As the blocking consultation reaches a stopping point, let's take a sprint to investigate the top ideas from a technical POV.
With this project, we would create a browser fingerprint with some specific identifiable pieces of data about the user's computer and store it as a hash. Admins could then set an IP range block that also includes a match for this fingerprint, but would not be able to see the hashed information.
====Questions to answer
** If we are to build this, how would we proceed? (rough implementation plan)
** What is the delta between building this and just building T100070
* Data collection & retention
** What data is currently being collected?
** How long is this data kept?
** Can we hash this data and keep it for longer than 90 days?
* Is a hash actually private enough, given the small ecosystem of browsers?
* Part of core or an extension?
* How would client-side detection interact with backend?
Example of tracking data that could be hashed: