I mean, if those records are being kept, it shouldn't be that hard to make them ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Gaelan on March 17, 2018 \| parent \| context \| favorite \| on: The Nightmare Letter: A Subject Access Request Und... I mean, if those records are being kept, it shouldn't be that hard to make them easily user-accessible, right? Support people that got the letters could just give users the link to the page with the data.

rebuilder on March 18, 2018 [–]

It seems to me that could easily create a privacy issue of its own. Certainly just a link would be terribly insecure, you'd need to authenticate the user. And whatever you do, you've now created a web-facing portal to the private data you're supposed to protect. Seems risky to me.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact