I mentioned the issue of capturing credit cards and passwords.
David Gilbertson

Lastly, users tend to get a bit complainey about people intercepting and saving everything they type, particularly credit card numbers, passwords and the like. So it’s important that they don’t know you’re doing this. Wink.

I don’t need to worry about covering the boring stuff like privacy and security

Woah there, ok. This is an interesting technique, but it needs some huge warnings on top!

If you’re doing this for real after Spring 2018, you have any EU users, and you’re not extremely careful, then this is illegal and subject to fines of up to 20 million euros or 4% of business turnover, whichever is higher. That’s before you even get into more specific national laws like UK & US data protection.

Privacy and security are not things to wink past or skip over — the world is changing, and techniques like this are likely to infringe on users’ privacy in a way many users will be unhappy with, and which in cases like this is often completely against the law and can seriously damage your business if you’re caught.

Avoiding tracking credit card data & passwords is a sensible start (if you accidentally store credit card info incorrectly you’re in very dangerous territory — take a look at the penalties for PCI non-compliance), but if you collect any personal information, which includes usernames, IPs, the user’s location, any unique cookies, etc., then this is personal data and to collect it you need a user’s explicit opt-in permission, in a clear way, for this specific separate use case.

That means an EULA of legal noise doesn’t count, a ‘we can do whatever we like’ checkbox does nothing, pre-checked checkboxes are meaningless, and a ‘by using this site you consent to…’ message is irrelevant.

If you accidentally track any information about more sensitive information like ethnicity or health, or if you transfer data about EU citizens outside the EU, then the rules and penalties are tougher still.

There’s a lot more to this, and I am not a lawyer, but Mailchimp has a nice intro if you’re interested, as does Piwik.

I’m sure there are nice routes to implement this legally, but they do require more care. You should check with somebody more formally knowledgeable before shipping anything, and you’d still have to be careful, but I imagine it would be ok to track a user’s events on their machine, just temporarily in memory in JS, and to then have an easy way that lets a user opt-in and send the full report of their current session to you later, getting their consent at the point where they hit an error, with a clear explanation of what that data includes and how it’s going to be used.

This is cool stuff regardless, don’t get me wrong! Redux creates a lot of power here, and this is a very neat way to use it, but the penalties for using that power carelessly are high, and it’s not helpful to talk all about a cool technique and release a bunch of code without at least mentioning that anybody directly using it is probably breaking the law in many parts of the world.
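
The in-memory, opt-in approach suggested in the comment above, written out as an added example (it is not code from the article or from the commenter). The key-name patterns, `maxEvents`, and the caller-supplied `send` transport are assumptions, and redaction only works here when sensitive values sit under keys whose names match the pattern.

```javascript
// Assumed field-name patterns for values that must never enter the buffer.
const SENSITIVE_KEY = /pass(word)?|card|cvv|cvc|ssn|token|secret/i;

// Return a deep copy of `value` with sensitive keys masked; the original is untouched.
function redact(value, depth = 0) {
  if (value === null || typeof value !== 'object') return value;
  if (depth > 8) return '[TRUNCATED]';
  if (Array.isArray(value)) return value.map((v) => redact(v, depth + 1));
  const out = {};
  for (const [k, v] of Object.entries(value)) {
    out[k] = SENSITIVE_KEY.test(k) ? '[REDACTED]' : redact(v, depth + 1);
  }
  return out;
}

function createSessionRecorder({ maxEvents = 200 } = {}) {
  let buffer = []; // lives only in this tab's memory; never persisted, never sent automatically

  // Standard Redux middleware signature: store => next => action
  const middleware = () => (next) => (action) => {
    buffer.push(redact(action));
    if (buffer.length > maxEvents) buffer.shift(); // bounded: oldest event dropped first
    return next(action); // the app still receives the unmodified action
  };

  // Exactly what would be uploaded, so the consent dialog can show it to the user.
  const preview = () => JSON.parse(JSON.stringify(buffer));

  // Call from the error dialog. `consented` must be the boolean true produced by an
  // explicit user action; anything else discards the session data without sending.
  // `send` is the caller's transport (hypothetical, e.g. a wrapper around fetch POST).
  async function submitReport(consented, send) {
    if (consented !== true) {
      buffer = [];
      return { sent: false, events: 0 };
    }
    const report = preview();
    await send(report);
    buffer = [];
    return { sent: true, events: report.length };
  }

  return { middleware, preview, submitReport };
}
```

Wire `middleware` in with Redux's `applyMiddleware`, and render `preview()` in the error dialog so the user sees the exact data before agreeing to send it.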
