[gdpr-discuss] GDPR abuse ?
Ralph Corderoy
ralph at inputplus.co.uk
Fri May 11 12:17:31 BST 2018
Hi TJ,
> In order to operate effective anti-spam measures to deal with this,
> data controllers/processors would need to retain some PII. That
> retention would likely come under the heading of 'needed to operate
> the service'.
That's the issue I've been wondering about WRT lug.org.uk's Mailman
provision. There's also Mailman's variables like
`accept_these_nonmembers' that build up email addresses over time.
> Hashing the identity items individually (email address, nick-name,
> real-name, telephone, etc.) would mean the anti-spam data was
> anonymous.
Not if it's easy enough to hash all likely telephone numbers and check
by brute force? Or determine if foo at bar.xyzzy in particuar is there?
--
Cheers, Ralph.
https://plus.google.com/+RalphCorderoy
More information about the gdpr-discuss
mailing list