|
|
|
|
|
|
by daamien
945 days ago
|
|
|
Actually the GDPR "just" requires to protect the data against "reasonably likely" attacks. «
To determine whether a natural person is identifiable, account should be taken of all the means reasonably likely to be used, such as singling out, either by the controller or by another person to identify the natural person directly or indirectly. To ascertain whether means are reasonably likely to be used to identify the natural person, account should be taken of all objective factors, such as the costs of and the amount of time required for identification, taking into consideration the available technology at the time of the processing and technological developments.
» https://www.privacy-regulation.eu/en/r26.htm |
|
|