Wow, so basically blacklisting email sender’s on ip address isn’t allowed either? When is an IP address, an individual and when is it just a machine in the cloud?
Incorrect. gdpr.eu/eu-gdpr-personal-data/ states IP addresses are personal data.
MrOxiMoron@lemmy.world 7 months ago
gian@lemmy.grys.it 7 months ago
You can. After all the GDPR does not forbid you to not accept to talk to someone.
charonn0@startrek.website 7 months ago
I’m not sure that helps much. Blacklisting senders based on their IP is much more commonly (and effectively) done on intermediary servers rather than on the client.
Aux@lemmy.world 7 months ago
GDPR does NOT prohibit storing any information indefinitely if it is required for proper functioning of the service. If the service bans you by IP, they need your IP indefinitely to function properly and GDPR doesn’t apply. Just like you can’t remove yourself from a creditor black list, and it will have a lot more personal information than just an IP address.
Kissaki@feddit.de 7 months ago
What matters is the association of the IP to a person or account. If you receive spam and block the source IP it’s not personal data. If you create an account on a website and they store your IP to it then it is.
Handling them for necessary technical service protection can also be acceptable without explicit consent as long as it’s limited/temporary (you may be able to handle that without account association in the first place anyway).
speaker_hat@lemmy.one 7 months ago
What’s the email of the privacy committee again?