WordPress.org

Make WordPress Core

Changes between Version 1 and Version 2 of Ticket #43492, comment 26


Ignore:
Timestamp:
04/03/2018 02:01:11 PM (3 years ago)
Author:
DavidAnderson
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #43492, comment 26

    v1 v2  
    33So, yes, if 1) you are an entity subject to the GDPR (like the WP Foundation is), and if 2) you harvest and process data that you scrape from a website and connect it in your data store in such a way that it can, through direct or indirect means, be identified with an individual EU citizen (e.g. the website has an 'About' page that identifies a specific individual), then indeed the GDPR *does* bear upon that. "But that's a really onerous requirement" doesn't matter; the GDPR's POV on that - for better or for worse, whether I like it or not - is "yes, that's what we wanted to accomplish, it seems like things are going well."
    44
    5 N.B. The wording of the GDPR isn't that something is associated in some/any general way. It's about what data you store and process. If you don't store the URL (or anything else that comes into the PII category), then I believe you can process the content of any website to your heart's content without any GDPR implications.
     5N.B. The wording of the GDPR concerning being 'associated' isn't that something is associated in some or any general way. It's about what data you *store* and/or *process*. If you don't store the URL (or anything else that comes into the PII category), then I believe you can process the content of any website to your heart's content without any GDPR implications.