Re: IP Address in an emergency?
"In a genuine emergency, more data is probably better than not enough, especially as someone would have to sift through it to see what is relevant."
In a genuine emergency, getting flooded with irrelevant information and having to filter that heap of junk while the clock is ticking does not really help.
After all those things are officially for time pressing emergencies where there is not enough time to care about the proper processes. Losing that little advantage to excessive flooding with spam, as the retainer of that info is likely to send all he has to comply with that EDR seems a bit contraproductive to me. So why those EDR do obviously not need to define the scope or targeted information is something i do not really understand. Add the fact that every company i know sorts any data they have in their own specific way and letting an outsider (officer) wade through that heap when searching for selected info seems even more inefficient.
Imagine the following situation:
"Hey farcebook, give me every info about mister culprit ASAP."
"OK, here are 20 Terabytes with information. All family fotos, contact lists, likes and dislikes, visited forums and discussions, mothers blood type, grandfathers last will, every picture he has ever clicked......."
Yes i exaggerate as the article rather unspecified speaks of personal information like adresses, but would any company really hold back on something if that EDR only has a "give me all you have" option ?
Obviously, they dont...