IP addresses are PII when they can identify a person, and that's not always the ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		quicksilver03 on Feb 10, 2022 \| parent \| context \| favorite \| on: Use of Google Analytics declared illegal by French... IP addresses are PII when they can identify a person, and that's not always the case, e.g. a company network using NAT for outgoing connections so that dozens, if not hundreds of people appear from the same IP address.

martin_a on Feb 10, 2022 [–]

How are you supposed/able to make that decision on a log level?

quicksilver03 on Feb 10, 2022 | [–]

There's no way you can make that decision, which is why the simplest course of action, or the less risky one, is to treat any IP address as it actually conveyed PII, even 192.168.0.1.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact