GDPR and common sense by @edent
Every so often, I get a glimpse into the thought processes of someone who has a very different view of the world to me. I don't deal with people's personal information often. So I was surprised to receive an email with a multi-megabyte spreadsheet called "Pay and Bonuses 2020". The email contained t...

Heh, no idea what GDPR has to do with password protected attachments but this reminds me of a nifty customer that decided that NextCloud or KeePass files are way too complicated and simply dropped me required data in my HOME folder on the brand new server I was supposed to configure next day anyway. This I could access with my very own ssh key generated just for this purpose the day before. I had to admire the simplicity – and I needed that data on this server anyway 😀

Also auto-complete is a PITA on occasion. Looking at you Firefox.

One thought on “

            • Well, GDPR requires analysing and documenting flows of personal data. I can see how an organisation might choose to have a policy of password-protecting when data is transferred, so phrasing aside, it could sorta make sense.
              They still need to read Schneier on security of algorithms and processes, though.