Open flowirtz opened 5 years ago
Bump @Miroka96?
CC @simsieg does that affect your Model View View Model Model View Model Controller implementation?
CC @fyndalf Do we run into any issues here from a legal perspective?
@FWirtz I agree with you here, to my (non-lawyer) mind this log statement should be removed.
Generally, following the GDPR regulation, logging personal information (such as user names, IP addresses) is to be avoided unless the user explicitly gives their consent, or valid reasons (such as fraud detection, accountability, ...) exist for retaining personal information.
Thus, removing this log statement seems reasonable, as there doesn't seem to be good reason to retain this kind of information in this context.
As per Article 4.1 GDPR the username should be considered as personal data. Logging it openly can be considered a bad practice and thus should be avoided.
https://github.com/Miroka96/stromberg-telegram-bot/blob/1e7ce81a866ff8b04a4e8a25aba0beb3fb167626/bot.go#L76