GDPR
-
So in the GDPR laws apparently it states that you have the right to request all data that a company or institute keeps of you. I wonder if you could request your password as saved in the database. If they send it to you in clear text, you might want to close your account ;)
V.
You have the right to request it, you don't have the right to receive it.
-
So in the GDPR laws apparently it states that you have the right to request all data that a company or institute keeps of you. I wonder if you could request your password as saved in the database. If they send it to you in clear text, you might want to close your account ;)
V.
KPN Webcare on Twitter: "@johanlorier Wachtwoorden van KPN worden versleuteld met UTF8 ^BL"[^] Translated; Passwords of our telecomprovider are encrypted in UTF8 (according to their PR on Twitter)
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
-
KPN Webcare on Twitter: "@johanlorier Wachtwoorden van KPN worden versleuteld met UTF8 ^BL"[^] Translated; Passwords of our telecomprovider are encrypted in UTF8 (according to their PR on Twitter)
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
That's not very secure :confused: I always encrypt mine with BASE64.
-
You have the right to request it, you don't have the right to receive it.
-
That's not very secure :confused: I always encrypt mine with BASE64.
-
So in the GDPR laws apparently it states that you have the right to request all data that a company or institute keeps of you. I wonder if you could request your password as saved in the database. If they send it to you in clear text, you might want to close your account ;)
V.
-
-
For all data they are obliged to give it to you as far as I know. You could even ask for every detail why they keep it and how long and on top of that you have to right to have it removed if it is not related to their business.
V.
-
I think it is only "personally identifiable information". I can't see that a password would be classed as such.
-
V. wrote:
not related to their business.
What if they are in the business of cold calling, or scamming people? (Is there a difference...)
At least in the US we have the Do Not Call list. So for cold call companies, you can request that they no longer contact you and they must comply. Sadly you can't ask them to remove you from their system like the GDPR. Many claim that it takes time to update the system and you may get additional calls for the next few weeks. This is usually a lie to cover their rear ends. Having seen a few of these systems, the update is usually done right away and pushed out to other sites same day. The problem occurs when one of those other sites doesn't update their DNC data routinely.
-
At least in the US we have the Do Not Call list. So for cold call companies, you can request that they no longer contact you and they must comply. Sadly you can't ask them to remove you from their system like the GDPR. Many claim that it takes time to update the system and you may get additional calls for the next few weeks. This is usually a lie to cover their rear ends. Having seen a few of these systems, the update is usually done right away and pushed out to other sites same day. The problem occurs when one of those other sites doesn't update their DNC data routinely.
-
At least in the US we have the Do Not Call list. So for cold call companies, you can request that they no longer contact you and they must comply. Sadly you can't ask them to remove you from their system like the GDPR. Many claim that it takes time to update the system and you may get additional calls for the next few weeks. This is usually a lie to cover their rear ends. Having seen a few of these systems, the update is usually done right away and pushed out to other sites same day. The problem occurs when one of those other sites doesn't update their DNC data routinely.
Unless you had your phone disconnected, or were out of the country for a year or two, you would know that the Do Not Call List is of absolutely no use any more. It really is a consequence of VOIP - and they spoof the 'FROM' if you have caller ID to try to get you to pick up after they get through the "no private calls" filter. Also, they employ robo-calls (illegal) and call cell-phone (illegal). They really don't give a damn. They don't have to.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
The idea of wanting a fee begs a question. And I'm sure the King and Queen of the EU will address this in short order: If they can charge you for your own information, should they also pay you for it, as in royalties, when they use it?
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
I think it is only "personally identifiable information". I can't see that a password would be classed as such.
You'd be surprised how many do offer personally identifiable information. I once worked for some people who kept their users' passwords in unencrypted form. Aside from the sadly inevitable "password5"s and "pa55w0rd123"s the number of "DaveSmith1974" type entries was a real eye-opener.
98.4% of statistics are made up on the spot.
-
You'd be surprised how many do offer personally identifiable information. I once worked for some people who kept their users' passwords in unencrypted form. Aside from the sadly inevitable "password5"s and "pa55w0rd123"s the number of "DaveSmith1974" type entries was a real eye-opener.
98.4% of statistics are made up on the spot.
I do sometimes wish I was useless enough to code our systems with a form a reversible password, it would be fun to look at some of the choices people make. I wonder if Dave Smith is 44, or if that's just the number of times his company's password policy made him change his password :confused:
-
The idea of wanting a fee begs a question. And I'm sure the King and Queen of the EU will address this in short order: If they can charge you for your own information, should they also pay you for it, as in royalties, when they use it?
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
W∴ Balboos wrote:
If they can charge you for your own information, should they also pay you for it, as in royalties, when they use it?
No, because you do not own the copyright on data they collect, nor could you copyright that information since it is not considered an original piece of work.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
-
W∴ Balboos wrote:
If they can charge you for your own information, should they also pay you for it, as in royalties, when they use it?
No, because you do not own the copyright on data they collect, nor could you copyright that information since it is not considered an original piece of work.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
-
I've always considered myself an original piece of work!:cool::java:
- I would love to change the world, but they won’t give me the source code.
You are a colony of copies of the original piece of work :laugh: We all started as single cell-organisms, that grew by dupliciting the original cell.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
-
W∴ Balboos wrote:
If they can charge you for your own information, should they also pay you for it, as in royalties, when they use it?
No, because you do not own the copyright on data they collect, nor could you copyright that information since it is not considered an original piece of work.
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
Eddy Vluggen wrote:
piece of work.
I've often been called a real 'piece of work'. So where's my money? And what about the young ladies, who being gypped out of the full title, are just considered a "real piece" ?
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010
-
I do sometimes wish I was useless enough to code our systems with a form a reversible password, it would be fun to look at some of the choices people make. I wonder if Dave Smith is 44, or if that's just the number of times his company's password policy made him change his password :confused:
Even for a reversible password, the encryption engine can incorporate the password into its own encryption (decryption). Given the attempt at the password, it can still use it for the comparison. This makes compromising one key is less of a disaster, as it doesn't compromise them all.
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010