Ancestors

Written by J$ on 2025-01-21 at 12:35

Attn you IT systems maintainers.

Do you manage datasets containing birth sex? Place of birth? Ancestral nationality? Gender? Political, sexual, religious preference? Health care history? poof no you don’t.

Now make it so. It’s prevention time; time to run if you can. And hide. Don’t do the gestapo’s work for them.

=> More informations about this toot | More toots from js@mastodon.nl

Written by mkj on 2025-01-21 at 13:07

@js VERY few systems need to store that kind of data for their intended purpose.

If you're going to implement one rule out of the GDPR, might as well make it the one on data minimization.

That one is there for a reason, indeed!

=> More informations about this toot | More toots from mkj@social.mkj.earth

Written by patter on 2025-01-21 at 14:06

@mkj @js limited time data profiles: sure, ecommerce site, you need some info until a bit after you've shipped my purchases, but you don't need to know of my existence after that

=> More informations about this toot | More toots from patterfloof@meow.social

Toot

Written by mkj on 2025-01-21 at 14:08

@patterfloof That's one not-unreasonable example, yes. One can argue about whether the data needs to be kept for things like warranty purposes or accounting purposes, but with some thought it should be possible to minimize the data kept for that, too.

@js

=> More informations about this toot | More toots from mkj@social.mkj.earth

Descendants

Written by patter on 2025-01-21 at 14:12

@mkj @js it's one of several things where "how would this work in a walk-in shop"

like I can go to Morrisons for groceries, they know what's been picked up & that it's been paid for, but not who has it (more or less)

warranty is usually something you have to opt into, though the basic could be handled by including a receipt with the package

spitballing ideas, not deeply planned

=> More informations about this toot | More toots from patterfloof@meow.social

Written by mkj on 2025-01-21 at 14:16

@patterfloof Not arguing against you here, and I do agree that there almost certainly are ways to make it work. Same with card payments; sure, the card payment processor needs to know that specific person paid specific amount to specific company, and the company needs some way to know that a purchase has been paid; but the payment processor certainly doesn't need to know what products were bought.

Any proposed actual solution would need to meet the relevant legal requirements, of course.

@js

=> More informations about this toot | More toots from mkj@social.mkj.earth

Written by J$ on 2025-01-21 at 14:35

@mkj @patterfloof … or by whom, I’d say.

=> More informations about this toot | More toots from js@mastodon.nl