20
Giving fake info can compromise your GDPR access rights (sopuli.xyz)
submitted 3 months ago by freedomPusher@sopuli.xyz to c/privacy@links.hackliberty.org
11 comments fedilink hide all child comments

cross-posted from: https://sopuli.xyz/post/10336994

I often give fake info as an extra measure of data protection. If I don’t need the data controller to have my date of birth, I give a fake one.

Well this just screwed me because I made an access request and the data controller said: to verify your identity, tell us your date of birth. Fuck me. I didn’t keep track of which fake date I gave them. I didn’t even keep track of whether I gave fake info. So they could treat my otherwise legit request as a breach attempt.

I should have kept track of the birth date I supplied. I will; from now on.

you are viewing a single comment's thread
view the rest of the comments
[-] DoctorSpocktopus@lemmy.ca 7 points 3 months ago

Good tip; I guess I’ll just pick a consistent date from now on.

[-] freedomPusher@sopuli.xyz 8 points 3 months ago

I’ll probably use a different DoB for each but keep it in a password file and treat it like a password of sorts.

The data controller was actually being quite responsible in this case by verifying a simple piece of info that should have been mutually known. Many data controllers are reckless and demand a full copy of an ID card (entirely against GDPR rules).

load more comments (2 replies)
this post was submitted on 13 Mar 2024
20 points (88.5% liked)

Privacy

1 readers
10 users here now

Privacy is the ability for an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

Rules

  1. Don't do unto others what you don't want done unto you.
  2. No Porn, Gore, or NSFW content. Instant Ban.
  3. No Spamming, Trolling or Unsolicited Ads. Instant Ban.
  4. Stay on topic in a community. Please reach out to an admin to create a new community.

founded 1 year ago
MODERATORS
c0mmando@links.hackliberty.org