GDPR

June 15, 2017

A GDPR view request generally is based around data of the user with one can identify a single person. There is data like first name and last name together with an email address which makes a pretty high chance to identify a person. I thought of just grepping for the first name and last name and any other identifiable data we got in our logs. Something like

fgrep -R "Homer Simpson" /var/log

But then of course the first name and last name could be split up. So something like this would fit better:

fgrep -R "Homer" /var/log | grep "Simpson"

Also i would run this for every id like an email address:

fgrep -R "[email protected]" /var/log

June 15, 2017

GDPR lead me as a web developer to search for user-data in applications. One way to find user data is through the application itself. This works, if there is only a handful of applications and the data flow is well understood.