Registered: 1423542624 Posts: 44
Reply with quote #1
Reposting question below from "unregistered user" from the main thread as a separate topic:
Once you receive an email address and other information can you delete the email address rather than store it? That would sanitize your site rather than leaving users vulnerable if you are hacked. It's the same story with stores and credit card numbers: There's no need for them to maintain the numbers in their database once the transaction is completed.
Reply with quote #2
I appreciate your concerns about privacy and agree that non essential data should not be stored. If it helps, the site does not store your actual email address but a hash (a mathematically derived representation) of your email.
I will also say that since the Department uses a standard convention for emails, anyone who wants your email address can easily get it. Lists of Department employees are plentiful on the internet, for example, in the Congressional record.
Reply with quote #3
A salted hash?