Hacker News new | past | comments | ask | show | jobs | submit login

Stronger audit controls are the way to go for deterring this kind of abuse. Having an audit log of all privileged access, and having a different department review it (employee X accessed user Y's data, which LE request was this for?) isn't necessarily a huge burden: LE requests aren't frequent enough to justify not doing this.

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact