undefined | Better HN

0 pointsusui3y ago0 comments

Still, I don’t understand. If it’s illegal for a data point to be stored, how could it be used anywhere with confidence? If your microservice returns an illegal datum, and a consuming service needs to use it somewhere, how is that secondary usage not a form of storage? This is before taking into consideration things such as cached responses, temporary files, RAM, and other downstream services. You would also have to prove that datum wasn’t derived from anywhere else. What a legislative nightmare this sounds like!

0 comments

1 comments · 1 top-level

black_puppydog3y ago

Yeah what I'm writing about there not being a pain signal applies either way; even if you have a good reason to store data, leaking them should hurt.

But even so, many times a website seems to ask for data they absolutely strictly don't need. Electronics shop -> doesn't need my gender, nor birth date really.

If someone does need my birth date, they typically a) don't need to store it but just verify, and b) what they'd really need would be a trusted third party (like my govt ID) certifying that date. And even then, often just properties about it like "is over 21" or such. Which is incidentally what my german ID allows to do, albeit in a way too complicated way.

1 more reply

j / k navigate · click thread line to collapse