On 07/03/18 20:43, Jeremy Bicha wrote:
> Notably, in the very first email in this thread, Will Cooke
> specifically said IP addresses will never be stored with this data. 

That doesn't mean it's not collected and so can be ignored. The
"collected" data must be "processed" to remove the IP address (unless
you can access a TCP/IP-based web service without revealing your IP
address?).


> In my opinion, the basic hardware data collection being proposed is
> completely insufficient to identify people.

Respectfully, GDPR compliance isn't based on opinions. It needs to be
studied and processes implemented to ensure compliance, i.e. it needs to
be taken seriously, even for statistical data:

"(162) Where personal data are processed for statistical purposes, this
Regulation should apply to that processing. Union or Member State law
should, within the limits of this Regulation, determine statistical
content, control of access, specifications for the processing of
personal data for statistical purposes and appropriate measures to
safeguard the rights and freedoms of the data subject and for ensuring
statistical confidentiality. Statistical purposes mean any operation of
collection and the processing of personal data necessary for statistical
surveys or for the production of statistical results. Those statistical
results may further be used for different purposes, including a
scientific research purpose. The statistical purpose implies that the
result of processing for statistical purposes is not personal data, but
aggregate data, and that this result or the personal data are not used
in support of measures or decisions regarding any particular natural
person."

Note that this specifically mentions processing with the result of
aggregate non-personal data.

J

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
Ubuntu-devel-discuss mailing list
Ubuntu-devel-discuss@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss

Reply via email to