undefined | Better HN

0 pointsmiken1233y ago0 comments

> I could sell an app in the EU that just pinged my server once a day. As long as I wasn't keeping a record of who pinged what when, there is no PII.

Data processing is not just about 'keeping a record'. Processing even for a millisecond is also processing.

> Otherwise everything is PII and you would need consent before every TCP handshake.

Consent is not the only ground for data processing. Normally, it would just be performance of a contract, as the user wants something from you.

0 comments

1 comments · 1 top-level

I still haven't got my citation of how the GDPR someone applies to non-PII, which is the entire point of what 1P is saying they are collecting.

Data processing of personal data is what the GDPR is concerned about.

I'm sorry for getting frustrated but for fucks sake, someone cite me something that proves my original point about the opt-out being illegal.

I don't care if I'm wrong but I'm not taking downvotes for questioning someone flatly accusing 1P of bypassing EU regulations.

j / k navigate · click thread line to collapse