On 07/03/18 20:43, Jeremy Bicha wrote: > Notably, in the very first email in this thread, Will Cooke > specifically said IP addresses will never be stored with this data.
That doesn't mean it's not collected and so can be ignored. The "collected" data must be "processed" to remove the IP address (unless you can access a TCP/IP-based web service without revealing your IP address?). > In my opinion, the basic hardware data collection being proposed is > completely insufficient to identify people. Respectfully, GDPR compliance isn't based on opinions. It needs to be studied and processes implemented to ensure compliance, i.e. it needs to be taken seriously, even for statistical data: "(162) Where personal data are processed for statistical purposes, this Regulation should apply to that processing. Union or Member State law should, within the limits of this Regulation, determine statistical content, control of access, specifications for the processing of personal data for statistical purposes and appropriate measures to safeguard the rights and freedoms of the data subject and for ensuring statistical confidentiality. Statistical purposes mean any operation of collection and the processing of personal data necessary for statistical surveys or for the production of statistical results. Those statistical results may further be used for different purposes, including a scientific research purpose. The statistical purpose implies that the result of processing for statistical purposes is not personal data, but aggregate data, and that this result or the personal data are not used in support of measures or decisions regarding any particular natural person." Note that this specifically mentions processing with the result of aggregate non-personal data. J
Description: OpenPGP digital signature
-- Ubuntu-devel-discuss mailing list Ubuntuemail@example.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss