Hacker News new | comments | ask | show | jobs | submit login

>If the goal is to prevent certain actions by making them illegal and a given boundary can already ensure that, whats the point in widening that boundary even more?

Atleast in germany the boundary has not been widened and most corporations seemed to operate just fine.

> Just because if the name is added to such a database of cars produced, it will be personal identifying?

When you add data to your database you'll have to consider this, yes.

Privacy under the GDPR means that you evaluate whether or not it is necessary to store such data.

Why? Because the GDPR is not only about the present but also about potential problems. If your database gets breached and someone runs of with the data, the GDPR seeks to ensure that the data contained is the absolute minimum necessary and does not threaten the privacy of the users if possible.

Put another way:

Under GDPR you do not own data like car color, built, model, extras. People give you stewardship of the data and you are responsible for it. It is your task to protect it. Protecting people's data is easier when you don't have as much of it.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact