GDPR and common sense by @edent (shkspr.mobi)
Every so often, I get a glimpse into the thought processes of someone who has a very different view of the world to me. I don't deal with people's personal information often. So I was surprised to receive an email with a multi-megabyte spreadsheet called "Pay and Bonuses 2020". The email contained t...

Heh, no idea what GDPR has to do with password protected attachments but this reminds me of a nifty customer that decided that NextCloud or KeePass files are way too complicated and simply dropped me required data in my HOME folder on the brand new server I was supposed to configure next day anyway. This I could access with my very own ssh key generated just for this purpose the day before. I had to admire the simplicity – and I needed that data on this server anyway 😀

Also auto-complete is a PITA on occasion. Looking at you Firefox.

One thought on “

  1. Well, GDPR requires analysing and documenting flows of personal data. I can see how an organisation might choose to have a policy of password-protecting when data is transferred, so phrasing aside, it could sorta make sense.
    They still need to read Schneier on security of algorithms and processes, though.

Leave a Reply

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)