by claudius 2675 days ago
All of these.

Do not store user data on your end unless you absolutely have to.

Do not give user data to third parties unless you absolutely have to.

Do not do anything without the user explicitly or implicitly consenting to it.

Example: You have to momentarily store the user's IP address in order to serve their request for a website. Remove the IP address as soon as you have served their request, because you don't absolutely need it any more.

Example: You have to hand user data over to your ISP (and their ISP etc) in order to serve their request for a website. Do not hand this data over to Facebook, Google, your mum or anybody else, because you don’t absolutely need to.

Example: If someone is visiting your website, it is fair to assume implicit consent to the above two bits. However, if you provide a service where they can store data on your server (e.g. Dropbox), you should inform the user on how the data is stored so that they can sensibly consent to this (or not). So if you’re storing data unencrypted, inform the user that this is the case. If you’re storing data in your mum’s basement, inform the user that this is the case. If you’re storing data in some country with strange laws, inform the user that this is the case.


To make the product better, we require information about how the user interacts with it.

What about if we:

1. Save data anonymously. OR 2. If we have to save some data, we give them an option to access what we have saved, something like 'Data Settings'.

1) Ask the user if they consent. If they don’t, let them continue using the product and do not collect any data. Make both the "Yes, I consent" and the "No, I do not consent" buttons equally large.

2) If they do consent, consider every individual part of the data you save. Do not save complete user sessions; instead, before doing anything, decide what you want to test and which information you require to do so, and then save only this information. E.g. (using the example elsewhere) if you want to check how long people stay on individual pages, collect a signal on each page for how long the user stayed on this page (and nothing else).

3) Anonymize the data as quickly as possible. For the example above, do not store, for each user, how long they stayed on each page. Instead, have one counter per page which is incremented by the time the user stayed on the page (and the individual time is subsequently immediately discarded). This way you can still figure out which pages are left early but you cannot tie this data to any individual user.

4) If you want to look at individual user sessions, pay people to use the website while you stand behind them (physically), do not collect data from random customers.
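The four steps above (consent gate, collect one signal per page, fold it into a per-page counter, discard the individual value) as a small Python module. This is an added illustration, not code from the thread or any particular product; the signal format (`page`, `dwell_seconds`, `consent`), the extra identifying fields in the sample signals, and the 203.0.113.x addresses are constructed for the example.

```python
"""Consent-gated, aggregate-only dwell-time telemetry (illustrative example)."""
from dataclasses import dataclass
from typing import Dict, List

# Only these fields are ever kept from a client signal; anything else the
# client happens to send (user ids, IPs, session cookies) is dropped on arrival.
RETAINED_FIELDS = ("page", "dwell_seconds")


@dataclass
class PageStats:
    total_dwell_seconds: float = 0.0   # running sum per page, never per user
    views: int = 0                     # needed to turn the sum into a mean


def minimize(signal: dict) -> dict:
    """Return a copy of the signal containing only the retained fields."""
    return {k: signal[k] for k in RETAINED_FIELDS if k in signal}


class DwellTimeAggregator:
    def __init__(self) -> None:
        self.pages: Dict[str, PageStats] = {}

    def record(self, signal: dict) -> bool:
        """Fold one signal into the per-page counters.

        Returns False and stores nothing when the signal carries no consent
        flag or is malformed. After the counter update the individual value
        goes out of scope, so no per-user record exists anywhere.
        """
        if not signal.get("consent", False):
            return False
        kept = minimize(signal)
        page = kept.get("page")
        dwell = kept.get("dwell_seconds")
        if not isinstance(page, str) or not isinstance(dwell, (int, float)) or dwell < 0:
            return False
        stats = self.pages.setdefault(page, PageStats())
        stats.total_dwell_seconds += float(dwell)
        stats.views += 1
        return True

    def mean_dwell(self, page: str) -> float:
        stats = self.pages.get(page)
        if stats is None or stats.views == 0:
            return 0.0
        return stats.total_dwell_seconds / stats.views

    def early_exit_pages(self, threshold_seconds: float) -> List[str]:
        """Pages whose mean dwell time is below the threshold (left early)."""
        return sorted(p for p in self.pages if self.mean_dwell(p) < threshold_seconds)


# Constructed sample signals. The identifying fields are present only to show
# that they never reach storage; the last signal lacks consent and is dropped.
SAMPLE_SIGNALS = [
    {"page": "/pricing", "dwell_seconds": 4.0, "consent": True,
     "user_id": "u1", "ip": "203.0.113.5"},
    {"page": "/pricing", "dwell_seconds": 6.0, "consent": True,
     "user_id": "u2", "ip": "203.0.113.9"},
    {"page": "/docs", "dwell_seconds": 40.0, "consent": True, "user_id": "u1"},
    {"page": "/docs", "dwell_seconds": 20.0, "consent": False, "user_id": "u3"},
]


def run_sample() -> DwellTimeAggregator:
    agg = DwellTimeAggregator()
    for s in SAMPLE_SIGNALS:
        agg.record(s)
    return agg


if __name__ == "__main__":
    agg = run_sample()
    for page, stats in sorted(agg.pages.items()):
        print(f"{page}: views={stats.views} mean_dwell={agg.mean_dwell(page):.1f}s")
    print("early-exit pages:", agg.early_exit_pages(10.0))
```

One caveat the aggregation alone does not solve: on a page with a single view, the counter equals that one visitor's dwell time, so a low-traffic report is still effectively per-user data. Reporting a page only once its view count passes a minimum (or adding noise) closes that gap; the example above leaves that threshold to the caller.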

3. Ask