Advokat Frida
SafeSeed · ToolkitOne-page brief
SafeSeed: confirmably-synthetic test data
Your non-prod environments are full of “test” data that is really production data in a fake moustache. SafeSeed generates PII-shaped values from standards-reserved never-real ranges, then leaves a tamper-evident receipt a reviewer can check rather than trust.
Four jobs, all local: Generate never-real PII-shaped values from cited ranges, Attest each run with a tamper-evident SHA-256 receipt, Verify a file is unchanged and still synthetic, and Scan existing columns for anything out of range. A CLI, npm library, and GitHub Action — zero backend, zero network, MIT.
Four honesty tiers
1 · Provably non-real
2 · Reserved, never issued
Valid in format, but the issuer sets them aside and never assigns them: NANPA 555-01xx numbers, never-issued SSN ranges.
3 · Designated for testing
Real-looking values processors publish for testing, like Stripe test cards. Fake by agreement, not by physics.
4 · Structurally fake
No standard reserves names or addresses, so they’re made obviously synthetic: TEST_Person_000142, 123 Example Way.
What it proves, and the line it won’t cross
Proves
- Every value came from one of the four cited tiers
- Anonymous on their own — no identifiable person (GDPR Recital 26)
- Tamper-evident SHA-256 record — confirm, don’t trust
- Zero network in generate, attest, and verify
Does not prove
- Not an enforcement boundary — no access control, no interception
- Scan checks only named columns — misses free-text and unmapped
- Not a lawful-basis or DSAR answer; not anonymisation
- Doesn’t resemble real data — wrong for ML or load tests
Lift verbatim into your control register
Non-production test data is generated from standards-reserved non-real ranges (SafeSeed), with a tamper-evident run record (SHA-256 content fingerprint) and a verify/scan step run in CI to confirm files are unchanged and within reserved synthetic ranges. Supports a data-minimisation / privacy-by-design posture (GDPR Art. 25) and the “selected” and “protected” elements of ISO/IEC 27001:2022 Annex A 8.33; can form part of an Art. 32 measures narrative. It does not, on its own, satisfy these in full, address A 8.33’s “managed” duties (authorization, access control, retention, deletion), or constitute anonymisation of production data.