|
|
| Reporter | Patrick Schmalstig | Assigned To | | |
|---|
| Severity | Feature-request | |
|---|
| Status | non-assigned | Resolution | open | |
|---|
| Product Version | | |
|---|
| Fixed in Version | | |
|---|
|
|
| Summary | 0006074: Handle privacy within the revisions system |
|---|
| Description | When a member requests to be purged, they have the right to be forgotten.
But we may still have their data in a Resource-fs format stored within the revisions system / table. We must account for this to be GDPR-compliant.
We can't just simply delete any matched revisions record; maybe a member who wants to be anonymised did not submit a particular piece of content in the revisions system. We must anonymise their e-mail address within the Resource-fs data while preserving the rest.
Luckily, it looks like revisions stores Resource-fs data as JSON. So doing a str_replace wouldn't be that difficult. The difficult part is matching the JSON schema to the db_meta to determine which fields need anonymised and to what criteria they belong. |
|---|
| Additional Information | Probably not something that will be done for v11.0 as this is a very complex issue. But it should be done within the v11.x branch as it's semi-high priority (given it regards legal compliance). |
|---|
| Tags | Roadmap: Over the horizon, Type: Legal compliance / Privacy |
|---|
|
|
| Time estimation (hours) | |
|---|
| Sponsorship open | |
|---|
|
|
