Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

My HN username (Rygian) is PII because it can be used to identify me indirectly (HN has a log of my username connecting from IP x.y.z.w, and my IP address is PII).


In the US there is precedent (existing court rulings) against IP address being PII. Obviously, IP address is not very good PII, and never guaranteed to be able to identify someone.

Whether HN has a log of it is an assumption I don’t have a way to verify. Lots of privacy-conscious sites purge connection logs often and/or refuse to keep them for this very reason.


IP addresses are PII in Europe.


This may sound pedantic but PII is not even mentioned in the GDPR. It's a notion from U.S. law.

The GDPR refers to "personal data". Everything you say above about PII is true of personal data under GDPR.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: