Privacy and Data Protection
What you can do to protect your data as a developer
As a developer, you not only have to make sure you’re working on the right functionalities for the application that you’re building but also that you’re taking care of functional and non-functional requirements. Applications have to be secure, able to scale fast, have fast response times, and not crash when the load peaks. In the era that we’re living in, it’s inevitable that privacy and data protection are also on that list of requirements.
If you’re really lucky as a developer, your company has hired a privacy engineer who does the privacy and data protection work for you. But most of the time you have to do it yourself. Understanding good privacy practices is a tool every engineer should have in their toolbelt.
Privacy engineering is an emerging discipline within, at least, the software or information systems domain which aims to provide methodologies, tools, and techniques such that the engineered systems provide acceptable levels of privacy.
In this article, I will show you how you can cope with privacy and data protection from a developer perspective. But before we start with this I’ll give you a brief introduction of how the privacy landscape has changed over the years.
The Changing Privacy Landscape
In this era, data plays a huge role in our everyday life, in lots of obvious ways — when we’re shopping online and type in our name and address when placing an order, for example.
But data collection can also be less visible.
Data brokers specialize in creating in-depth profiles of individuals for advertisers. A profile can contain data like sexuality, browsing history, political affiliation, and even medical records.
This poses challenges for human rights. One challenge relates to the way companies use our data. The internet’s business model depends on people sharing their data in exchange for access to content, services, and social media platforms. While you might not pay anything upfront to go on social media platforms, they still make money from you by selling your personal information to advertisers. By clicking on “I agree” in the terms of service, users technically consent to this model. But as we all know, the biggest lie on the internet is: “I understood the terms of service”. No one really knows what they’re signing up to and this creates opportunities for misuse.
With the changing privacy landscape, the list of tasks for developers has expanded. Data from millions of users has been stolen, and every now and then a data breach makes the news. As a developer, it’s your task to prevent this from happening, and that requires concrete measures.
Be Transparent About Data
Let’s take a health app as an example. A user might be happy about their smartwatch collecting data like their heartbeat and location. They are probably happy to share that information to gain more insight into their physical well-being. However, if that data is sold to a running shoe company without their explicit consent, they probably wouldn’t be OK with that.
In Europe, companies have to comply with the General Data Protection Regulation (GDPR). This regulation was introduced on the 25th of May 2018. All companies, no matter what sector they are in, have to comply with the GDPR if they collect data from their employees, customers or other persons from the European Union. This includes audio and video, as well as text.
The GDPR gives individuals more privacy rights and should better protect people’s data. Not only in their role as a consumer, but also in their role as a civilian and employee.
In the US, this works a little bit differently. Privacy is handled differently depending on the sector. The health care sector, for example, has the Health Insurance Portability and Accountability Act (HIPAA), a confidentiality law that companies in that sector need to comply with.
HIPAA consists of five sections, also known as titles. Titles one and two are the most important. Title one covers health care access, portability, and renewability. From a developer perspective, title two is the most interesting: it covers preventing health care fraud and abuse, administrative simplification, and medical liability reform, and it is the title that covers the protection of data.
One of the rules in this title is the ‘Privacy Rule’. This looks the same as the GDPR rules, for the most part — it gives individuals the right to request their own information or data to correct inaccuracies, for example.
Give the User Control Over Their Data
Collected data is often used to offer personalized experiences or advertisements to users. This data can be used to create unique interactions that more closely align with your users’ interests and needs.
Let your users select their preferences, so they can choose whether they want to share certain information or not. Take a profile page, for example. Some users want their date of birth to be visible for everyone. Other people only want it to be visible to their friends. Give users control over their data and respect their preferences!
How to Protect Your Data
As a developer there are certain things that you can do to prevent sensitive data from leaking. Here are five things that you should take into account when it comes to protecting data.
Treat sensitive information differently
It might make sense to share basic business data across the organization quite freely, but access to data that contains personal information should be treated differently. Sensitive data should be guarded closely. This includes access to data that might not seem susceptible to misuse at first glance, like names and addresses of customers or users.
Cross-environment data
Don’t use data from the production database on other environments. This includes not using it on your local environment! Protecting the sensitive data on the production environment is hard enough. Using production data on other environments makes things unnecessarily more complex.
If your company has to comply with the GDPR, it is not allowed to use production data on any environment other than the production environment.
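What you use on the other environments instead is a sanitized copy. The following is an added example (not code from the original article): it pseudonymizes the personal fields of a constructed export with a keyed HMAC, drops the date of birth entirely, and checks that no original value survives before the dump leaves production. The secret key is a placeholder.

```python
import hashlib
import hmac

# Constructed sample rows standing in for a production export (not real people).
PRODUCTION_EXPORT = [
    {"id": 1, "email": "alice@example.com", "name": "Alice Adams", "dob": "1988-04-12", "plan": "pro"},
    {"id": 2, "email": "bob@example.com", "name": "Bob Brown", "dob": "1979-11-30", "plan": "free"},
    {"id": 3, "email": "alice@example.com", "name": "Alice Adams", "dob": "1988-04-12", "plan": "pro"},
]
# Fields that identify a person and must never leave production as-is.
PII_FIELDS = ("email", "name", "dob")

def pseudonym(secret: bytes, field: str, value: str) -> str:
    # Keyed HMAC rather than a plain hash: without the secret a token cannot be
    # reversed by hashing guesses. Same input -> same token, so rows that referred
    # to the same person still match up in the test database.
    return hmac.new(secret, f"{field}:{value}".encode(), hashlib.sha256).hexdigest()[:16]

def sanitize_record(record: dict, secret: bytes) -> dict:
    out = dict(record)  # non-personal columns such as id and plan are kept unchanged
    out["email"] = f"user-{pseudonym(secret, 'email', record['email'])}@example.invalid"
    out["name"] = "User " + pseudonym(secret, "name", record["name"])
    out["dob"] = None  # a test environment has no need for a real date of birth
    return out

def sanitize_export(records, secret: bytes):
    return [sanitize_record(r, secret) for r in records]

def leaked_values(original, sanitized):
    """Gate before the dump leaves production: list any original PII value still present."""
    raw = {str(r[f]) for r in original for f in PII_FIELDS if r.get(f) is not None}
    return [v for row in sanitized for v in row.values() if v is not None and str(v) in raw]

if __name__ == "__main__":
    key = b"placeholder-secret"  # in practice: generated per export and kept in a secret store
    clean = sanitize_export(PRODUCTION_EXPORT, key)
    assert leaked_values(PRODUCTION_EXPORT, clean) == []
    for row in clean:
        print(row)
```

Because the tokens are deterministic per key, foreign keys and duplicate rows still line up in the copy; because the key stays in production, the copy cannot be mapped back to real people.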
It’s good practice to encrypt all backups. Backups contain a lot of sensitive information. If for some reason a backup gets compromised, it still takes a lot of effort to decrypt the backup file, probably so much effort that whoever has laid their hands on it won’t bother.
You should make backups frequently enough to ensure that you can restore your application without significant data loss. The more important your application is, the more redundancy should be built into your backup storage approach.
If you want to protect your data, you should only let authorized users have access to it. This means that you should restrict access to the servers. Create a new user for every person, and don’t let one user account be shared by multiple people. Give each user access only to the folders they need, and don’t grant more permissions than necessary.
You also want to make sure that you restrict access to all of your website’s environments. You don’t want some random person to accidentally visit the test or acceptance environment because someone misconfigured the robots.txt file. Something as simple as this is considered a data breach.
Restricting access can be done very easily with basic HTTP Authentication. This requires a user to fill in a username and password before the website can be visited. This way your data is protected from random visitors.
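Basic authentication is usually switched on in the web server, but it can also be enforced in the application so that a test or acceptance deployment is closed by default. The following is an added example, not code from the article: a small WSGI middleware that demands valid credentials on every environment except the one explicitly marked production. The salt, the `reviewer` account and the `APP_ENV` variable are assumptions made for the example.

```python
import base64
import hashlib
import hmac
import os

# Constructed salt and credentials for the example; real ones come from a secret
# store or environment variables, never from the repository.
SALT = b"constructed-salt-change-me"

def hash_password(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

STAGING_USERS = {"reviewer": hash_password("correct horse battery staple")}

def basic_header(user: str, password: str) -> str:
    """What a browser sends after the login prompt: 'Basic ' + base64(user:password)."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def credentials_ok(auth_header) -> bool:
    """Validate an Authorization header against the staging user list."""
    if not auth_header or not auth_header.startswith("Basic "):
        return False
    try:
        user, _, password = base64.b64decode(auth_header[6:], validate=True).decode().partition(":")
    except (ValueError, UnicodeDecodeError):
        return False
    # Hash even for unknown users so response time does not reveal valid usernames,
    # and compare in constant time.
    candidate = hash_password(password)
    stored = STAGING_USERS.get(user, b"\x00" * len(candidate))
    return user in STAGING_USERS and hmac.compare_digest(stored, candidate)

def require_basic_auth(app, enabled: bool):
    """WSGI middleware: when enabled, every request must carry valid credentials."""
    def wrapped(environ, start_response):
        if enabled and not credentials_ok(environ.get("HTTP_AUTHORIZATION")):
            headers = [("WWW-Authenticate", 'Basic realm="non-production"'), ("Content-Type", "text/plain")]
            start_response("401 Unauthorized", headers)
            return [b"Authentication required"]
        return app(environ, start_response)
    return wrapped

def hello(environ, start_response):
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello from the acceptance environment"]

# Closed by default: only an explicit APP_ENV=production switches the gate off.
protected = require_basic_auth(hello, enabled=os.environ.get("APP_ENV") != "production")
```

Basic authentication only base64-encodes the credentials, so the gated environments must be served over HTTPS for it to protect anything.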
Keep software packages and libraries up to date
Keeping your software packages and libraries up to date is vital for keeping your application secure. Outdated software packages and libraries can cause a lot of harm. When attackers discover a vulnerability, they are quite happy to abuse it, and they will do so quickly. Always patch vulnerabilities as soon as possible!
If you are using third-party software such as a CMS, like WordPress, you should take this very seriously. Don’t delay applying security patches. Since third-party software is used a lot, attackers will create exploits and try to attack vulnerable applications. Most of these third parties have a mailing list or RSS feed detailing security issues. Take advantage of this.
Other popular tools that developers use to manage their software dependencies are Composer, npm, and yarn. A security vulnerability appearing in a package you depend on but aren’t paying any attention to is one of the easiest ways to get caught out. Ensure you keep your dependencies up to date.
Only collect data that you need
This one might seem obvious, but I’ve seen more than once that extra data gets collected just in case a new feature gets added that needs that data. Data that you don’t collect is data that you don’t have to protect! Don’t collect more data than is necessary.
Once you start collecting data, it is considered good practice to periodically evaluate the data that you’ve collected. If data gets collected that isn’t being used, you should delete that data.