Jordi Boggiano
Contributed by Jordi Boggiano in #32194

Privacy is an increasingly important compliance concern for tech companies. Existing regulations such as EU 2016/679, commonly known as GDPR, and upcoming regulations such as CCPA (California Consumer Privacy Act) impose some restrictions on the collection and treatment of personal data.

In addition to classic personal data such as names and phone numbers, some digital information, such as email addresses and IP addresses, are also considered personal data.

A common procedure to store information about users (for analysis purposes) while being compliant is to anonymize IP addresses. Specifically, you must remove the last byte for IPv4 addresses and the last 8 bytes for IPv6 addresses.

Although this is not technically challenging, in Symfony 4.4 we've added a new anonymize() method to the IpUtils class so you don't have to create this method yourself:

1
2
3
4
5
6
7
8
9
use Symfony\Component\HttpFoundation\IpUtils;

$ipv4 = '123.234.235.236';
$anonymousIpv4 = IPUtils::anonymize($ipv4);
// $anonymousIpv4 = '123.234.235.0'

$ipv6 = '2a01:198:603:10:396e:4789:8e99:890f';
$anonymousIpv6 = IPUtils::anonymize($ipv6);
// $anonymousIpv6 = '2a01:198:603:10::'
Published in #Living on the edge