Hi all, According to the GDPR act [1] Chapter 3, Section 3, Article 17 (Right to erasure) the data subject has the authority to request the erasure of the data from controller. And the controller has the authority to erase the data according to the conditions given in the Article 17. And in an event of erasure request, it should perform the action without giving an extreme delay and erase all of the relevant information.
In the current implementation, some of the user information (Ex: username) scattered around multiple locations and it is technically hard to clear all of the data from a single action without giving a significant delay. For an example there are instances username is printed in logs and it is technically difficult to erase those instances from logs. *Solution - Introducing Pseudonyms for Username* By introducing a pseudonym for username we can limit the usage of actual username throughout the system. By doing this erasure of actual username will remove the underlying value represented by the pseudonym attached to it. Hence it'll make the removal of user information from all of the related locations technically feasible. There are two main approaches to implement the pseudonyms for username which are below described. *Approach 1 * Keep the core implementation to work with usernames and change all of the output locations to convert username to relevant pseudonym and output. *Approach 2* Change the core implementation to work with pseudonym and change the places where the user friendly username is required. *Preferred Approach* Approach number 2 is selected as the best approach since all of the internal usages will be change to use the pseudonym and in a event of failure pseudonym will be displayed instead of the actual username which will guaranty the compliance. [1] http://data.consilium.europa.eu/doc/document/ST-5419-2016-INIT/en/pdf Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
