Deal with Logging and Privacy

(Bug, To be Fixed , Priority: Critical, Test Status: No automated tests yet , Reported By Justin du Coeur, Effort: Moderate)

System

Summary: Our logging is pervasive, and way too leaky. Deal with that.

Most of our logging dates back a decade or more, to before the times when I was sensitized to the security implications there. There's too much in there, potentially including PII. (I don't know that for sure, but I don't know that there isn't.)

Go through and comprehensively redo all logs. Ideally, rewrite them using the same idiom I used at Rally, possibly even using weePickle to do so, so that each log message is strongly-typed JSON outputting a recursive data type (with raw Strings explicitly forbidden), using an opt-in approach such that we have to explicitly describe how to log a given structure.