Comment by arielweisberg
18 hours ago
This can be implemented without storing it. They could store a hash. No idea what they actually do.
18 hours ago
This can be implemented without storing it. They could store a hash. No idea what they actually do.
A hash of a public identifier like an email is personally identifiable data.
Isn’t the entire point of a cryptographically secure hash that you can’t derive the original information?
You can't derive the original better than guessing. With public identifiers you can just take a list of them and guess with those. If someone asks for your email they can hash it themselves and compare it against whatever databases.
You can always encrypt with a public key instead of hashing.