The Call of the Open Sidewalk

From a place slightly to the side of the more popular path

User Tools

Site Tools

pgpfan:gdpr

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
pgpfan:gdpr [2026/03/19 15:52] – [Personal Data] Stronger example. b.walzerpgpfan:gdpr [2026/03/21 17:33] (current) – [Personal Data] Was too abrupt. b.walzer
Line 61: Line 61:
 The number on the left is my employee identification number. It identifies me in multiple employment related contexts. It counts as personal data under the GDPR. The number on the right is from an anonymized database. It identifies a particular person, but there is no way to relate it to an actual physical person. It does not count as personal data under the GDPR. So you may distribute, store or further process the rightmost number without my knowledge or consent. You can only distribute, store or further process the leftmost number with consideration of my rights under the GDPR. The number on the left is my employee identification number. It identifies me in multiple employment related contexts. It counts as personal data under the GDPR. The number on the right is from an anonymized database. It identifies a particular person, but there is no way to relate it to an actual physical person. It does not count as personal data under the GDPR. So you may distribute, store or further process the rightmost number without my knowledge or consent. You can only distribute, store or further process the leftmost number with consideration of my rights under the GDPR.
  
-But the numbers are the same! Here the actual value is not important, only the context((For another example of this sort of thing, see: [[https://ansuz.sooke.bc.ca/entry/23|What Colour are your bits?]])).+But the numbers are the same! That is why this is such a good example; the actual value is not important, only the context((For another example of this sort of thing, see: [[https://ansuz.sooke.bc.ca/entry/23|What Colour are your bits?]])).
  
 It seems fairly clear that a public key used for identification can count as personal data under the GDPR. The question came up with respect to the public key used to identity users of blockchains((See section 3.3 of: [[https://www.europarl.europa.eu/RegData/etudes/STUD/2019/634445/EPRS_STU(2019)634445_EN.pdf|Blockchain and the General Data Protection Regulation]])). Does it count for the public key(s) in PGP identities? It seems fairly clear that a public key used for identification can count as personal data under the GDPR. The question came up with respect to the public key used to identity users of blockchains((See section 3.3 of: [[https://www.europarl.europa.eu/RegData/etudes/STUD/2019/634445/EPRS_STU(2019)634445_EN.pdf|Blockchain and the General Data Protection Regulation]])). Does it count for the public key(s) in PGP identities?
pgpfan/gdpr.1773935528.txt.gz · Last modified: by b.walzer