With The X-Files back on the air it seems like a relevant reference (at least for those of us old enough to have followed the original '90s series): Is the GDPR truth out there?
Now, as you may recall from my previous article, this question is asked from a very specific point of view: the GDPR right to be forgotten and how this affects the potential use of event sourcing.
Through Global Gaming I have been fortunate to work with Wistrand law firm here in Sweden on several projects, and hence I turned to them for an answer. As expected, the answer is fairly long and detailed, and basically states that there are still very few actual cases out there, which means that every approach that does not follow the regulation to the letter is up for debate.
Being a strong believer in Open Source projects, I feel that there is way too little sharing on the legal side of things. Sure, there are differences in each country/company/setup – but some overall concepts and ideas should be able to be shared and re-used.
Hence I have made the Wistrand memo public here!
Once you have read it, you’ll see that there are many unknowns, but also supporting cases for the idea that encryption is a valid method for deletion/anonymization.
Encryption, however, is tricky. It’s very easy to get it wrong. The more eyes you can get on the code the better. And I kind of suspect that there are a great number of companies out there right now that are developing something similar to what we are about to embark on as an Open Source project: a central service that manages keys used for encrypting data, e.g. personally identifiable data, in such a way that once the key is removed, the data is “deleted” (or anonymized, if you prefer that term).
The idea is in no way new. It’s widely used. If you are reading this article on an iPhone, for instance, every single file is encrypted with a key, and when you delete a file the space it occupies is not actually erased; the key is simply deleted, and with it the data is lost forever.
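The delete-the-key idea from the two paragraphs above, written out as an added Go example (not code from the original post or from KeyRuler): an in-memory key store with one AES-256-GCM key per data subject, where Shred removes only the key and every field sealed under it becomes unreadable. The KeyStore type, its methods and the subject IDs are assumed names for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// ErrKeyShredded: the key is gone, so ciphertext left in the immutable event log can no longer be opened.
var ErrKeyShredded = errors.New("key shredded: data is anonymized")
// KeyStore stands in for the central key service: one AES-256-GCM key per data subject, in memory only.
type KeyStore map[string]cipher.AEAD
// Issue generates a subject's random key; calling it again rotates the key and orphans old ciphertext.
func (ks KeyStore) Issue(subject string) error {
	key := make([]byte, 32)
	rand.Read(key) // crypto/rand.Read never returns an error (Go 1.24+)
	block, err := aes.NewCipher(key)
	if err != nil {
		return err
	}
	ks[subject], err = cipher.NewGCM(block)
	return err
}

// Encrypt seals one PII field (e.g. an Avro field tagged for encryption): nonce prepended, subject ID as AAD.
func (ks KeyStore) Encrypt(subject string, pii []byte) ([]byte, error) {
	gcm, ok := ks[subject]
	if !ok {
		return nil, ErrKeyShredded // an erased subject gets no new ciphertext either
	}
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return gcm.Seal(nonce, nonce, pii, []byte(subject)), nil
}

// Decrypt opens a stored field; after Shred it yields ErrKeyShredded, which a consumer maps to a placeholder.
func (ks KeyStore) Decrypt(subject string, sealed []byte) ([]byte, error) {
	gcm, ok := ks[subject]
	if !ok {
		return nil, ErrKeyShredded
	}
	if n := gcm.NonceSize(); len(sealed) >= n {
		return gcm.Open(nil, sealed[:n], sealed[n:], []byte(subject))
	}
	return nil, errors.New("ciphertext too short")
}
// Shred is the deletion step: only the key is removed; the event log is untouched.
func (ks KeyStore) Shred(subject string) { delete(ks, subject) }
```

The guarantee holds only if the shredded key exists nowhere else: backups, key-service logs and consumer-side caches all have to be covered by the same deletion.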
Over the next few weeks we’ll provide more details about this project, named “KeyRuler”, which will consist of a “server” part (that should be possible to re-use in a variety of systems) and a “client” part, which in our case will be a proof of concept based on extending Avro schemas for Kafka to identify the data to encrypt and make the process as seamless as possible for the producer and consumer applications.
Will it work? Can we together solve the security, scalability, performance and all the other issues that come to mind? That is this article’s cliffhanger…