Remember the consequences of "move fast and break things" mindsets aren't just occasional bugs. Developers hold the responsibility of users' data and our mistakes have consequences.
You can't un-leak data and you can't un-ruin peoples' lives.
I'm not sure if that answers the question but it's what comes to mind.
██ Oliver █ L██████
If you're collecting personal data, "how should I protect this?" is actually your third question."Should I collect this?" is only the second question.The first question is "what would the worst people do if they got hold of this?"
03:49 AM - 04 Mar 2018
Alternatively: Move slow and ignore CVEs (I'm looking at you, equifax).
In other words, just because you're consuming code that other people wrote, and that is considered "stable," doesn't mean you can skirt responsibility when that code is found to be vulnerable.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.