Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

They have to name every possible thing they can potentially receive. Mac addresses are available as part of networking details if you're using their desktop software. Zoom is enterprise video conferencing that only recently gained attention for average consumers.


>They have to name every possible thing they can potentially receive.

Then they are missing a lot.


Like what?


Example: A program on your PC can open all files your user owns. Then transmit those files (or parts from them).


That's not considered PII information for a privacy policy. They also don't store your files.


It's still private files. So an oversight by Zoom. A picture of you is absolutely a PII.

>They also don't store your files.

Nobody can prove that. Assume the worst, especially with a company like Zoom.

Remember it was about:

>They have to name every possible thing they can potentially receive

And files certainly fall into that.


That's not how PII is defined nor how privacy policies work. They list potential PII received in standard categories with normal product usage and backend processing.

Otherwise every server on the internet can be sent data by you at anytime which effectively makes listing things pointless.


Definition is wrong then.

That's the point.


No it's not. As I explained, it's well developed legal structure that's used by several countries for major legislation and has decades of precedence. There's also further complexity on how data is submitted, stored, and processed.

Any random file is not considered PII. It doesn't automatically identify you and it's still your responsibility if you send your private files everywhere.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: