Nameless data can still be personal
Roland Perry
ukcrypto at chiark.greenend.org.uk
Sat, 8 Nov 2008 09:41:04 +0000
In article <1374735793.20081108003538@originalthinktank.org.uk>, Chris
Salter <ukcrypto@originalthinktank.org.uk> writes
>While I have always been
>careful not to include any 'end user' identifiable information in any
>published web statistics, I've otherwise viewed both logs and reports
>as proprietary (mine) rather than (other individuals) personal data.
They can be both. The collection is "yours" as a data controller,
comprising other people's personal data (unless the logs have been
thoroughly anonymised).
>Not that who accesses the sites that I administer would in practice be
>considered sensitive information.
"Sensitive data* has a jargon meaning (indicating religion etc...) but
it's a slippery slope to start second-guessing whether or not anyone
would "care" that the information you have about them was leaked.
--
Roland Perry