Low | CWE-16

Excessive Data Collection

Collecting more personal data than you need violates GDPR's data minimization principle and increases your liability when a breach occurs.

How It Works

GDPR's data minimization principle (Article 5) requires collecting only data that is 'adequate, relevant and limited to what is necessary'. Collecting phone numbers for a service that never calls users, or storing full birth dates when you only need to verify age, violates this principle and expands your breach liability unnecessarily.

Vulnerable Code

import { z } from 'zod';

// BAD: collecting data that isn't needed for the service
const userSchema = z.object({
  email: z.string().email(),
  password: z.string(),
  fullName: z.string(),       // needed? or just display name?
  phoneNumber: z.string(),    // do you ever call users?
  dateOfBirth: z.string(),    // do you need exact DOB or just age verification?
  address: z.string(),        // for a SaaS with no physical delivery?
});

Secure Code

import { z } from 'zod';

// GOOD: collect only what you actually need
// z.object() strips keys that are not declared here, so extra fields a form
// happens to send are dropped at parse time instead of being persisted.
const userSchema = z.object({
  email: z.string().email(),    // for login and communication
  password: z.string(),
  displayName: z.string(),      // for personalization
  // phone, DOB, address: only if your service actually needs them
});

Real-World Example

Multiple GDPR enforcement actions have targeted companies for collecting excessive data 'just in case'. When these companies later suffered breaches, the excess data collection multiplied the number of affected individuals and the severity of regulatory penalties.

How to Prevent It

  • Audit every field in your user registration and profile forms — can you achieve your goal without it?
  • Use age-gating checks instead of storing full birth dates if you only need to verify age
  • Delete data you collected historically but no longer need
  • Document your legal basis for each data field collected (legitimate interest, consent, contractual necessity)
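The following is an added example, not code from the original entry, showing how the audit, age-gating and legal-basis points above look at the input boundary. It is dependency-free JavaScript rather than a zod schema so it runs stand-alone; the field allowlist, the minimum age of 18 and the function names are assumptions.

```javascript
// Fields we have a documented legal basis to store (assumed allowlist).
const ALLOWED_FIELDS = {
  email: 'contractual necessity (login, service email)',
  password: 'contractual necessity (authentication)',
  displayName: 'legitimate interest (personalization)',
};

const MIN_AGE = 18; // assumption: the service is for adults only

// Age gate: turn a date of birth into a yes/no answer so the date itself
// never has to be stored. Unparseable or missing dates fail closed.
function isOfAge(dateOfBirth, today) {
  const dob = new Date(dateOfBirth);
  if (Number.isNaN(dob.getTime())) return false;
  let age = today.getUTCFullYear() - dob.getUTCFullYear();
  const hadBirthdayThisYear =
    today.getUTCMonth() > dob.getUTCMonth() ||
    (today.getUTCMonth() === dob.getUTCMonth() &&
      today.getUTCDate() >= dob.getUTCDate());
  if (!hadBirthdayThisYear) age -= 1;
  return age >= MIN_AGE;
}

// Returns { record, dropped }: `record` holds only allowlisted fields plus the
// boolean age-gate result; `dropped` lists every submitted field that was not
// persisted, which is the audit trail for forms that still over-collect.
function minimizeRegistration(payload, today = new Date()) {
  const record = {};
  const dropped = [];
  for (const [key, value] of Object.entries(payload)) {
    if (Object.prototype.hasOwnProperty.call(ALLOWED_FIELDS, key)) {
      record[key] = value;
    } else if (key !== 'dateOfBirth') {
      dropped.push(key);
    }
  }
  // Keep the outcome of the check, never the birth date.
  record.ageVerified = isOfAge(payload.dateOfBirth, today);
  if ('dateOfBirth' in payload) dropped.push('dateOfBirth');
  return { record, dropped };
}

// Constructed sample submission from an over-collecting registration form.
const sampleSubmission = {
  email: 'ana@example.com', password: 'correct horse battery staple',
  displayName: 'Ana', fullName: 'Ana Example', phoneNumber: '+10000000000',
  dateOfBirth: '1990-05-01', address: '1 Main St',
};
```

Running `minimizeRegistration(sampleSubmission)` persists only email, password, displayName and `ageVerified: true`, and reports fullName, phoneNumber, address and dateOfBirth as dropped.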

Affected Technologies

Node.js

Data Hogo detects this vulnerability automatically.
