Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
pornel 5 days ago

GDPR is about collection and processing of personally identifiable information. These are specific legal terms that depend on the context in which the data is collected and used, not just broadly any data anywhere that might have something to do with a person.

GDPR is aimed at companies building user databases, not allowing them to completely ignore security, accuracy, user complaints, and sell anything to anybody while lying about it. It doesn't limit individual people's personal use of data.

robin_reala 5 days ago | parent | next [-]

GDPR doesn’t mention “personally identifiable information” once; it’s concerned with personal data, which is “any information relating to an identified or identifiable natural person (‘data subject’)”.

The rest is correct: the restrictions are aimed at organisations, not individuals.

[1] https://eur-lex.europa.eu/eli/reg/2016/679/oj/eng#art_4.tit_...

4ndrewl 5 days ago | parent [-]

The restrictions are not aimed at organisations, but to protect individuals.

https://www.gov.uk/government/publications/domestic-cctv-usi...

"If your CCTV system captures images of people outside the boundary of your private domestic property – for example, from neighbours’ homes or gardens, shared spaces, or from public areas – then the GDPR and the DPA will apply to you. You will need to ensure your use of CCTV complies with these laws. If you do not comply with your data protection obligations you may be subject to appropriate regulatory action by the ICO, as well as potential legal action by affected individuals."

You, as an individual, have data protection obligations, if your ring doorbell captures audio/video about someone outside your property boundaries. The apple translation service seems analogous.

robin_reala 5 days ago | parent [-]

The ICO is pretty zealous though in this regard. To quote recital 18:[1]

This Regulation does not apply to the processing of personal data by a natural person in the course of a purely personal or household activity and thus with no connection to a professional or commercial activity.

[1] https://eur-lex.europa.eu/eli/reg/2016/679/oj/eng#rct_18

4ndrewl 5 days ago | parent [-]

It's likely taken the view that "purely personal or household activity" only covers the recording of audio/video in a domestic setting.

4ndrewl 5 days ago | parent | prev [-]

GDPR does covers individual's use of eg Ring doorbells insofar as recording video and audio outside of your own property. This would seem to be analogous.

GDPR is aimed at protecting _individual's_ personal information, irrespective of what or who is collecting or processing it.

pornel 4 days ago | parent [-]

It applies to Ring and not other doorbell cameras, because Amazon is collecting and selling access Ring video feeds.