Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I think that depends on how do you define PII.

I suspect the ZKP proof or token is practically unique and related to you, so I could be personal data if you use the definition from GDPR.

With ZKP the entity and the original verifier shouldn't be able to match your identity to the ZKP proof or token, but the app on your phone of course can do that.

The app probably will be made some government contractor and there is no technical measure that would prevent them to just share all that data with whoever they want.

 help



The app can be open-source and verified to not be sharing extra info, though. Of course if no-one bothers to use the verifiable version of it, then it's all pointless, but this is true regardless (they could also just not use ZKPs).



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: