pii_spider is a tool that helps you find PII or sensitive data in a database. The idea is that you don't know anything but a database connection and pii_spider will look in all your tables and tell what's there.
OK, why should you care about privacy? I'd argue there are two reasons privacy matters:
- How do you get people to turst you? We in technology are on the cusp of regularly upending people's lives. If we as technologists are going to be trusted with people's lives and livlihoods then we have to demonstrate we're worthy of that. So let's do so by managing people's data properly.
- Privacy is safety This is not a computing-specific point but people who talk about privacy being unecessary often assume there's no consequence of a loss of privacy. There is. In his book Data and Goliath Bruce Schneier says:
“There's a strong physiological basis for privacy. Biologist Peter Watts makes the point that a desire for privacy is innate: mammals in particular don't respond well to surveillance. We consider it a physical threat, because animals in the natural world are surveilled by predators. Surveillance makes us feel like prey, just as it makes the surveillors act like predators.”
So having privacy means we're not acting like prey so we can feel safe. We should be able to give that to people.
$ racket main.rkt --username db_user --database pii --password 'mypassword'
$ open output/index.html
Part of the aim here is to have something that can be remotely controlled. So I've started putting together a small deamon to accept remote requests. Note that this is EXPERMIENTAL it has no practical safeguards yet and is more about thinking of how this could be done than readying it for production use.
You'll find more details in the scribble documentation for this app.
pii_spider is licensed under the MIT License see LICENSE for more details.