Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You can tell by not entering any PII into the site in the first place.

IP is technically PII in some places. Personally I am not worried if a criminal gets "my" IP in the same way that I am not worried if they have my phone number. I would be worried if they had my name address age bank account info etc, but then I don't give that out freely



> You can tell by not entering any PII into the site in the first place.

That's not the definition of PII. At best, that covers a small subset of PII.

PII means any information that can be used to identify you, either directly or indirectly.

When you access a website combined with which link you opened or which search keywords you used can be used to infer who you are.

How do you tell if a script is not shipping that info to an undisclosed third-party?


If you are not worried that a criminal (or anyone) gets your phone number, post it here in reply to this post.

That's kind of my very coarse litmus test for PII: If I'm not willing to post it publicly in a rando internet forum, it's probably PII. There are exceptions obviously, and the inverse is not true: I may be willing to publicly post certain PII.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: