top | item 40394926

(no title)

tbrock | 1 year ago

> but we need to remember enough that when we encounter you again, we recognize that you've objected to further processing. How are we supposed to know in future interactions that you've opted out if we've deleted all mentions of you and your PII?

Just hash the PII, delete the original and reinsert the hashed version (perhaps into another table). On insert check if hashes match and the opt out bit is set, if they match and it’s set then act appropriately.

discuss

abeppu|1 year ago

You used the word "just" there, but I don't think storing hashed PII is necessarily an out here. Clearly, the whole point of the suggestion is that we can still match the person against a record, and the hashed device id or ip or email or whatever else is functioning as an identifier.