
henryfjordan | 9 days ago

It's kinda wild that you don't need to be a professional engineer to store PII. The GDPR and other frameworks for PII usually do have a minimum size (in # of users) before they apply, which would help hobbyists. The same could apply for the licensure requirement.

But also maybe hobbyists don't have any business storing PII at scale just like they have no business building public bridges or commercial aircraft.


knollimar|9 days ago

I'm wary of centralizing the powers of the web like that.

Xelbair|9 days ago

The web is already mostly centralized, and corporations, which should be scrutinized in the way they handle security, PII and overall software issues, are without oversight.

It is also a matter of respect towards professionals. If a civil engineer says that something is illegal/dangerous/unfeasible, their word is taken into account and not dismissed - unlike in, broadly speaking, IT.

closewith|9 days ago

GDPR doesn't have any minimum size before applying. There's a household exemption for personal use, but if you have one external user, you're regulated.

henryfjordan|6 days ago

Thanks for clarifying. I was thinking of the CCPA which does have some revenue or user count minimums.

iamacyborg|9 days ago

Worth noting that “PII” is not a concept under the GDPR and that its definition of Personal Data is much broader than identifiable information.