[simion314]

>its pretty much impossible to know whether or not you comply, even if you store zero data about users.

Can you explain how you store Zero data but you are not sure? Are you referring at the fact that you include third party code or use third party services?

The fact that the laws are not simple is because they need to define things very specifically to make it impossible for "clever" people to interpret them different then the "spirit oft he law"

[Shebanator]

Servers have logs, which can have a lot of personal data in them. Not all of that logging is under your control, especially if you rely on 3rd party services like AWS. This is a simple example but there are many more.

[RobertKerans]

I get what you're saying here, but if those [for example] logs contain personal information, and those logs are exposed (or have the possibility of being exposed) then that information should be redacted. Sure it's often not trivially simple, but it's your responsibility (AWS seems a wired example to use as well, given that any logging facilities actually provided by them offer redaction).

[scaryclam]

What logs are you thinking of? There are none that I can think of that require a lot of personal data. IP address storage is explicitly covered provided you log them for security etc.

[shados]

an exception stack trace containing the data of a customer object could put in a name by accident, for example. And then you're in trouble. The third parties you use could be storing data, even if they tell you they don't. If they do you need to get a DPA signed up. You might still need a DPO, and so on and so forth. It's a massive undertaking for any org of a reasonable size.

Worth it in the long run, as once we're used to it and tweaks to the law happen to make it easier/better? Sure. Easy? Heck no.

[simion314]

I think this can't happen in the scenario you mentioned of zero personal data stored, since you have a simple webpage , no personal data is stored, then your backend should have no customer objects to handle.

I seen the issue you described where an exception will log all the function parameters but if I am not wrong this logs are configurable so you can check the framework you use about this logs and probably is a good idea to delete old error logs(I know as developers we are busy and don't want to mess with log configs and cronjobs etc but even without GDPR an error log file containing DB data since 2017 is a security risk)

[scaryclam]

This isn't an issue I've come across. I've always put customer IDs in logging data, which is fine according to GDPR. Names, or other PII for that matter, shouldn't be in there, period. Stack traces are actually fine, just make sure you rotate your logs. Error and debugging logs are covered in the GDPR.

Third parties lying to you wont get you in trouble, it'll get them in trouble with the GDPR enforcers, so it's not worth doing that sort of "what if" exercise.

I've worked for organisations of many sizes. Basic data sanitation (aka, don't be daft) is enough. Give the GDPR a read, it's clear enough for almost all cases and isn't nearly as bad as some folks here on HN would have you believe.

[kasey_junk]

Customer ids may or may not be ok. You will get different guidance on that. For instance cookie ids are personal data.

[shados]

Third parties won't get you in trouble as long as you have a DPA, but you need to get it.

Customer IDs are fine as long as they can't be associated with other information anywhere else, but if they can, it's an issue.

Sanitation is easy but someone, somewhere will screw it up when you're not looking.

[Shebanator]

Yes, exactly. Thanks for chiming in.

[M2Ys4U]

So when you said "even if you store zero data about users" you meant "except for when you store data about users.

Okay then...