Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

My understanding of the GDPR is that it doesn't apply if the analytics are fully anonymized, and only partially applies if the analytics are pseudonymous[1]. It's exceedingly likely that one of these cases applies, since the ID in question is tied to a single Mozilla installation, not individual user or even browser profile.

[1]: https://www.ucl.ac.uk/data-protection/guidance-staff-student...



It is PD (Personal Data). The same way an IP or any 'anonymous' identifier from web analytics is.

So from my understanding of the GDPR regulations this is a clear violation.


At the same time IP addresses have been ruled to be personal information. They very clearly don't uniquely identify a person, but are close enough that it doesn't matter as the GDPR is concerned. Unique identifiers in general are murky waters.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: