General Data Protection Regulation (“GDPR”)

49 readers

1 users here now

Everything related to the #GDPR is discussed here. This is the first and only community specifically for GDPR topics which is decentralized and outside of walled-gardens. #EDPB recommendations and guidance can and should also be discussed here.

For the moment, chatter on the similar California Consumer Privacy Act (CCPA) could be discussed at least until the volume of messages compels us to split it into a separate community.

founded 11 months ago

MODERATORS

[email protected]

Giving fake info can compromise your GDPR access rights (sopuli.xyz)

submitted 8 months ago* (last edited 8 months ago) by [email protected] to c/[email protected]

2 comments fedilink hide all child comments

I often give fake info as an extra measure of data protection. If I don’t need the data controller to have my date of birth, I give a fake one.

Well this just screwed me because I made an access request and the data controller said: to verify your identity, tell us your date of birth. Fuck me. I didn’t keep track of which fake date I gave them. I didn’t even keep track of whether I gave fake info. So they could treat my otherwise legit request as a breach attempt.

I should have kept track of the birth date I supplied. I will; from now on.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 8 months ago

Put anything related to any account in your password manager. Not only should your security questions have absolutely nothing to do with the real you, so should anything that’s not pertinent to the account. My first pet’s name or the name of my first car are often just random strings like my passwords and my names are randomly generated names.

Another route is to use the same fake info everywhere unless you need specific fake info which goes in the password manager.

If you’re not using a password manager you should start. Options like KeePass don’t require providers to have access to your info.