27 May
2018
27 May
'18
3:56 p.m.
On 27 May 2018, at 21:41, Owen DeLong <owen@delong.com> wrote:
The way GDPR is written, if you want to collect (and store) so much as the IP address of the potential customer who visited your website, you need their informed consent and you can’t require that they consent as a condition of providing service.
What we were told is that since security > GDPR, storing IPs in logs is obviously OK since it’s a legal requirement. Storing them in a database for targeting / marketing is not. What is a gray area so far is any use of IDS/IPS… +