Also saving data that may be personally identifiable without the prior opt-in consent of the person concerned is likely a breach of Data Protection laws. That's up to two years too, I think, and the Information Commissioner in the UK has more or less stated he wants to find someone to make an example of.

We're a small company, developing on Windows using Visual Studio. Since Windows XP, all our developers work in a normal user account; as nearly as possible they use the same environment the most restricted of our users might, so that dumb security-related mistakes get caught fast.

Having said that, they also know the local admin account details for their machine, and are entrusted with installing/uninstalling stuff as necessary.

That differentiation - between the access we allow and what we encourage as day-to-day practice - is an important one. On other OSes you're more likely to be making this differentiation already. If you're using Windows and don't, please consider it. This is a useful resource: http://blogs.msdn.com/aaron_margosis/