Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Companies should seriously consider implementing GDPR even in the US, it certainly made taking data dumps of customer data a lot harder and certainly private images like Government IDs were encrypted on disk. I’m surprised at the lack of security if I’m honest, at Yahoo! almost nobody had access to prod user data.

Essentially you cannot trust Coinbase IMO, might move the few hundred dollars of BTC out of there :-)



> I'm surprised at the lack of security if I’m honest

This is the crypto industry, who make the discrepancy between Theranos' claims and practice look conservative.


> How does Coinbase protect data in transit and data at rest?

> Coinbase employs a range of technical and organizational measures to defeat efforts to intercept, surveil, or otherwise access without authorization data in transit. For instance, Coinbase encrypts all confidential data transfers to prevent interception or tampering of that data by unauthorized third parties.

Coinbase does business in the EU and thus, already has to comply with the GDPR. Moreover, the US also requires safeguards for sensitive customer information by financial services companies.


How would GDPR help in this case where the employees were bribed?


Internal segregation. If inplemented properly perhaps these specic employees wouldnt have access to all that data in the first place.


> Companies should seriously consider implementing GDPR even in the US

... and save the data in US cloud where everybody can access it.

It is really funny how FAANG can get away with data colkection in spite of GDPR.


Yeah this is really frustrating, especially the way the EU commission keep coming up with workarounds that the court will almost certainly strike down.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: