Delete persistent entity (GDPR)
162 views
Skip to first unread message
Rune Skou Larsen
Feb 22, 2018, 5:08:09 AM2/22/18
to Lagom Framework Users
GDPR is soon going into effect, which means that systems MUST delete an EU citizen's data, when the data is no loger needed.
I don't see any obvious way to enforce deletes for a lagom persistent entity, so I'm planning to delete it diretly in Cassandra by doing something like:
delete from messages where persistence_id="SomeEntity<id>"
delete from snapshots where persistence_id="SomeEntity<id>"
Would that completely wipe all data related on SomeEntity<id>? Is there a better way? Comments welcome.
- Rune
Renato Cavalcanti
Feb 22, 2018, 5:17:40 AM2/22/18
to Lagom Framework Users
Hi Rune,
That will only delete your journal data. Of course the data can be propagated through all your system. Think about the read-side view that you may generate and Kafka topics. Read-side views are trivial to delete, but data that scape the boundaries of your service are trickier.
There is also the case where user information appears on the event log of another user. For example, think on a social network thing where we connect. If you request to be forgotten and all your data is wipped out, but there are some references to your name on my own event log. How does that complies to GDPR?
That will only delete your journal data. Of course the data can be propagated through all your system. Think about the read-side view that you may generate and Kafka topics. Read-side views are trivial to delete, but data that scape the boundaries of your service are trickier.
There is also the case where user information appears on the event log of another user. For example, think on a social network thing where we connect. If you request to be forgotten and all your data is wipped out, but there are some references to your name on my own event log. How does that complies to GDPR?
Rune Skou Larsen
Feb 22, 2018, 8:27:16 AM2/22/18
to Lagom Framework Users
Thanks for the reply.
There is also the case where user information appears on the event log of another user. For example, think on a social network thing where we connect. If you request to be forgotten and all your data is wipped out, but there are some references to your name on my own event log. How does that complies to GDPR?
My understanding of GDPR is, that if a user request to be forgotten, then the system must comply and delete her personal data even though other uses for this data may still exist. Exception being statistics and similar where the personal data is aggregated in an anonymized way - no need to remove her data from that. Another exception exists for data backups under certain conditions.
Another case is, if a user did not request to be deleted, but will not be using the system anymore. Then one purpose for keeping her data is gone. But if another valid purpose for keeping her data still exists (like you mention - a reference from another user), then her data does not need to be deleted.
Reply all
Reply to author
Forward
0 new messages