Hacker News new | ask | show | jobs
by he0001 1086 days ago
> the fact that Sweden categorize IP-adress as a Privacy data point

Static IP-adresses are considered identity by EU court[0]. There have been several verdicts where EU court have ruled them subjective to GDPR.

[0] https://curia.europa.eu/juris/liste.jsf?language=en&num=C-70...
1 comments
poniko 1086 days ago
yes? You can still store data within Sweden/EU that contains GDPR data, you just need to have a valid reason and comply with the GDPR rules i.e remove the data when you don't need them for the reason you where saving them. Store the data outside EU is never ok.
link
alkonaut 1086 days ago
But if you wash the IP and any other PII then you can store it anywhere? So why store IP? Is it because GA doesn't offer an option to wipe PII from the messages?
link
poniko 1086 days ago
This is where it gets tricky and why I need to find out more details about the new rulings. Google does not store IP when the user is from the EU but this still seems inadequate to the IMY.

https://support.google.com/analytics/answer/12017362?hl=en

link
alkonaut 1086 days ago
So long as all PII is cleared client side and not merely dropped before storage I can’t see any issues with GDPR?
link