← Back to context

Comment by Sayrus

1 year ago

You'd be surprised what French data authority (CNIL) has to say about this[1]:

> Any use of personal data for an objective that is incompatible with the primary purpose of proces- sing is a misuse that is subject to administrative or criminal sanctions. > For example, a mechanic cannot sell the vehicle’s technical data to insurers to enable them to infer the driving profiles of their policyholders.

There may be a lack of enforcement, but it seems this type of data may be protected under GDPR.

[1] https://www.cnil.fr/sites/cnil/files/atoms/files/cnil_pack_v...

2 comments

Sayrus

Reply
max_  1 year ago

With good encryption we wouldn't need to spend alot of time trying to enforce these laws

  • Sayrus  1 year ago

    As a corporation, would I use your encryption standards if I stand to make money legally by not using them? You'll need to enforce encryption usage to force me to use these. Which currently requires these kind of laws.

    What do you have in mind to ensure standards that are good for end-users are put in my place?