logoalt Hacker News

subscribedlast Monday at 11:38 PM1 replyview on HN

There's a law forbidding storage beyond necessary minimum and law punishing such behaviour unless another law necessitated storage of the original document in the unsecured, unencrypted form. Doubtful.

There's also laws mandating secure systems design.

Separately there's no _need_ to store the original document if the verification system is sound (and audit real, not some phony crap like in some of the scandals posted here on HN).


Replies

lazideyesterday at 12:51 AM

If you need to prove you sold to real people, storing their credentials is a necessary thing, for as long as your need to prove that. At least with the way things currently are.

How else do you expect it to work? ‘Honest, we checked’ checkboxes?

show 2 replies