From 1d431256bbceb355ed633c323e47f761e86c282d Mon Sep 17 00:00:00 2001
From: Julio Biason <julio.biason@pm.me>
Date: Wed, 17 Jul 2019 13:38:13 -0300
Subject: [PATCH] New chapter: user privacy

---
 content/books/things-i-learnt/_index.md       |  1 +
 .../books/things-i-learnt/debuggers/index.md  |  2 +-
 .../integration-tests/index.md                |  2 +-
 content/books/things-i-learnt/users/index.md  | 35 +++++++++++++++++++
 4 files changed, 38 insertions(+), 2 deletions(-)
 create mode 100644 content/books/things-i-learnt/users/index.md

diff --git a/content/books/things-i-learnt/_index.md b/content/books/things-i-learnt/_index.md
index 3299e6b..fe7dbb1 100644
--- a/content/books/things-i-learnt/_index.md
+++ b/content/books/things-i-learnt/_index.md
@@ -19,6 +19,7 @@ template = "section-contentless.html"
 		* [Learn The Basics of Functional Programming](functional-programming)
 		* [Shortcuts Are Nice, But Only In The Short Run](understand-shortcuts)
 		* [Debuggers Are Overrated](debuggers)
+		* [Think About The Users](users)
 	* Testing Software
 		* [Unit Tests Are Good, Integration Tests Are Gooder](integration-tests)
 		* [Testing Every Function Creates Dead Code](tests-dead-code)
diff --git a/content/books/things-i-learnt/debuggers/index.md b/content/books/things-i-learnt/debuggers/index.md
index 5acb618..20b3343 100644
--- a/content/books/things-i-learnt/debuggers/index.md
+++ b/content/books/things-i-learnt/debuggers/index.md
@@ -37,4 +37,4 @@ Again, I'm not taking the merits of debuggers, but in the long run, they are
 mostly useless and actually point missing surrounding support to actually
 understand what's going on.
 
-{{ chapters(prev_chapter_link="/books/things-i-learnt/understand-shortcuts", prev_chapter_title="Shortcuts Are Nice, But Only In The Short Run", next_chapter_link="/books/things-i-learnt/integration-tests", next_chapter_title="Unit Tests Are Good, Integration Tests Are Gooder") }}
+{{ chapters(prev_chapter_link="/books/things-i-learnt/understand-shortcuts", prev_chapter_title="Shortcuts Are Nice, But Only In The Short Run", next_chapter_link="/books/things-i-learnt/users", next_chapter_title="Think About The Users") }}
diff --git a/content/books/things-i-learnt/integration-tests/index.md b/content/books/things-i-learnt/integration-tests/index.md
index 9e0e6ef..d6a2e62 100644
--- a/content/books/things-i-learnt/integration-tests/index.md
+++ b/content/books/things-i-learnt/integration-tests/index.md
@@ -72,4 +72,4 @@ of moving parts.
 [^2]: Again, it's pure feeling from my experience. I have no data to back that
   affirmation up, so take it with a grain of salt.
 
-{{ chapters(prev_chapter_link="/books/things-i-learnt/debuggers", prev_chapter_title="Debuggers Are Overrated", next_chapter_title="Testing Every Function Creates Dead Code", next_chapter_link="/books/things-i-learnt/tests-dead-code") }}
+{{ chapters(prev_chapter_link="/books/things-i-learnt/users", prev_chapter_title="Think About The Users", next_chapter_title="Testing Every Function Creates Dead Code", next_chapter_link="/books/things-i-learnt/tests-dead-code") }}
diff --git a/content/books/things-i-learnt/users/index.md b/content/books/things-i-learnt/users/index.md
new file mode 100644
index 0000000..e89601f
--- /dev/null
+++ b/content/books/things-i-learnt/users/index.md
@@ -0,0 +1,35 @@
++++
+title = "Things I Learnt The Hard Way - Think About The Users"
+date = 2019-07-17
+
+[taxonomies]
+tags = ["en-au", "books", "things i learnt", "privacy"]
++++
+
+Think how the data you're collecting from your users will be used -- this is
+more prevalent on these days, where "privacy" is a premium.
+
+<!-- more -->
+
+I once had a discussion with a CTO about collecting the user IMEI on our
+mobile app. Basically, there was no use case for capturing that information
+yet but, as he put at the time, "We may want to know if one user uses two
+phones, or if two users use the same phone". I raised the fact that we didn't
+need this information and, besides that, it felt like we were invading the
+users privacy. He still decided to go ahead. My answer: "I'll do it, but I
+want to point that I'm not happy with it."
+
+In the end, the store blocked the app... because we were capturing the IMEI.
+
+But there are cases and cases. If you really _really_ need to capture user
+information, be sure to protect it against unauthorized use, be it by external
+forces (someone found a way to attack your data) or internal (some disgruntled
+colleague decided to take the data from your users with them).
+
+And be sure, there _will_ be a leak at some point, it's just a matter of time.
+If you can, the best way to protect your users data is to never capture it.
+When a flaw on your system is found or when some colleague leaves the company
+in bad terms, there will be no data to expose to the world, anyway. You can't
+be more secure than this.
+
+{{ chapters(prev_chapter_link="/books/things-i-learnt/debuggers", prev_chapter_title="Debuggers Are Overrated", next_chapter_link="/books/things-i-learnt/integration-tests", next_chapter_title="Unit Tests Are Good, Integration Tests Are Gooder") }}