Comment by lategloriousgnu
5 years ago
What PII are you putting on a forum? All I can think of is email and password. Your password should be unique to the forum, and I would hardly say that an email address is PII. If you're super worried about email, just use an alias.
> “I would hardly say that an email address is PII.”
The EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) say they are.
Only if it can be associated with your person somehow.
Yes and no; info@example.com used at one site is not going to personally identify you, but most personal and work email addresses are some variant of name or initials. Unless you expect the forum owners to individually mark each member's email address as personally identifiable or not, they ought to treat them as if they were all PII because most of them will be.
(the upshot of your suggestion that your email address sometimes doesn't identify you and so isn't PII would be what, forum owners can leak your email address tied to your forum posts so long as they don't know whose address it is? That doesn't sound particularly desirable.)