Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

My understanding of the GDPR is that it doesn't apply if the analytics are fully anonymized, and only partially applies if the analytics are pseudonymous[1]. It's exceedingly likely that one of these cases applies, since the ID in question is tied to a single Mozilla installation, not individual user or even browser profile.

[1]: https://www.ucl.ac.uk/data-protection/guidance-staff-student...



It is PD (Personal Data). The same way an IP or any 'anonymous' identifier from web analytics is.

So from my understanding of the GDPR regulations this is a clear violation.


At the same time IP addresses have been ruled to be personal information. They very clearly don't uniquely identify a person, but are close enough that it doesn't matter as the GDPR is concerned. Unique identifiers in general are murky waters.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: