The General Data Protection Regulation (GDPR) is changing how you can handle data in Europe. But what does this actually mean? The first part of this talk gives an overview about the implications of GDPR, which affects every software project with a European relation. That includes users’ right to see, edit, and export their data, the right to be forgotten,… The second part takes a look at what this means for actual software projects with the specific use-case of logging. The main focus here is how to stay GDPR compliant while still being able to use the data for security and operation aspects.
This talk does not replace legal advice or a deeper examination of the topic. It gives you an overview and pointers to relevant techniques, but you need to discuss the implementation for your project with your own legal counsel.