Ancestors

Toot

Written by J$ on 2025-01-21 at 12:35

Attn you IT systems maintainers.

Do you manage datasets containing birth sex? Place of birth? Ancestral nationality? Gender? Political, sexual, religious preference? Health care history? poof no you don’t.

Now make it so. It’s prevention time; time to run if you can. And hide. Don’t do the gestapo’s work for them.

=> More informations about this toot | More toots from js@mastodon.nl

Descendants

Written by J$ on 2025-01-21 at 12:38

My predecessors learned this lesson, saving many. Many more died, horribly. Take precautions NOW, as long as you still can.

=> More informations about this toot | More toots from js@mastodon.nl

Written by mkj on 2025-01-21 at 13:07

@js VERY few systems need to store that kind of data for their intended purpose.

If you're going to implement one rule out of the GDPR, might as well make it the one on data minimization.

That one is there for a reason, indeed!

=> More informations about this toot | More toots from mkj@social.mkj.earth

Written by Chimmie Firefly 💙💜🤍 on 2025-01-21 at 14:01

@mkj@social.mkj.earth @js@mastodon.nl Tbh I wish bank etc. were better at storing something less important. Like a signed signature of me being an adult through which they can refer to government in case I do a fuck-up

=> More informations about this toot | More toots from gameplayer@fearness.org

Written by mkj on 2025-01-21 at 14:04

@gameplayer Indeed, it would be real nice if some sort of zero knowledge proof was the default.

But even in the world we do live in, we can do quite a lot better than is often done by simply not collecting and storing data "just in case".

Instead to make sure every piece of data is stored for some specific purpose, and if storing something specific can't be justified based on a user requirement (including legal requirements), to reconsider whether to store that at all.

@js

=> More informations about this toot | More toots from mkj@social.mkj.earth

Written by patter on 2025-01-21 at 14:06

@mkj @js limited time data profiles: sure, ecommerce site, you need some info until a bit after you've shipped my purchases, but you don't need to know of my existence after that

=> More informations about this toot | More toots from patterfloof@meow.social

Written by mkj on 2025-01-21 at 14:08

@patterfloof That's one not-unreasonable example, yes. One can argue about whether the data needs to be kept for things like warranty purposes or accounting purposes, but with some thought it should be possible to minimize the data kept for that, too.

@js

=> More informations about this toot | More toots from mkj@social.mkj.earth

Written by patter on 2025-01-21 at 14:12

@mkj @js it's one of several things where "how would this work in a walk-in shop"

like I can go to Morrisons for groceries, they know what's been picked up & that it's been paid for, but not who has it (more or less)

warranty is usually something you have to opt into, though the basic could be handled by including a receipt with the package

spitballing ideas, not deeply planned

=> More informations about this toot | More toots from patterfloof@meow.social

Written by mkj on 2025-01-21 at 14:16

@patterfloof Not arguing against you here, and I do agree that there almost certainly are ways to make it work. Same with card payments; sure, the card payment processor needs to know that specific person paid specific amount to specific company, and the company needs some way to know that a purchase has been paid; but the payment processor certainly doesn't need to know what products were bought.

Any proposed actual solution would need to meet the relevant legal requirements, of course.

@js

=> More informations about this toot | More toots from mkj@social.mkj.earth

Written by J$ on 2025-01-21 at 14:35

@mkj @patterfloof … or by whom, I’d say.

=> More informations about this toot | More toots from js@mastodon.nl

Written by patter on 2025-01-21 at 14:07

@mkj @js also thinking of early 2000s, with places that needed login for no real reason & people wildly sharing throwaway email address logins for them

=> More informations about this toot | More toots from patterfloof@meow.social

Written by mkj on 2025-01-21 at 14:10

@patterfloof Bug me not ready or not here I come! 🙂

@js

=> More informations about this toot | More toots from mkj@social.mkj.earth

Written by 𝕎𝕦𝕝𝕗𝕪 on 2025-01-21 at 18:20

@js

In a fascist structure, population Databases are tools of oppression.

Your duty as a citizen resisting authoritarian oppression and genocide

supercedes

Your code of ethics as a #Sysadmin

=> More informations about this toot | More toots from n_dimension@infosec.exchange