GDPR & NATS streaming server - Is it possible to anonymize a field somehow?

65 views
Skip to first unread message

Chris

unread,
Oct 23, 2019, 8:45:23 AM10/23/19
to nats
Hey all

We are investigating using the NATS streamer server.

We will be connecting the streaming server to a Postgres for source event logging. From my understanding, this will basically tell the streaming server to store all the events there.

We will also be using Google's Protobuf for the data. 



To deal with PII (Personal Identifiable Data) & GDPR, from my understanding, there are two ways:

1) Encrypt the subject data (or even part of the data) and use the "lost key" strategy. Meaning, the data is encrypted, but in order to "delete" the data, you are actually deleting the key, keeping the data "forever encrypted".
2) Add the "max_age" on a subject. Meaning, all events of a certain subject, will be automatically deleted from the Postgres by the NATS streaming server after a specific duration (for example, 30 days).

The absolute ideal situation would be if we could delete certain parts of the event that is only PII and just long term store the other in Postgres, but seeing NATS streaming server stores the events binary (i think), I am going to assume this is totally impossible?


I am just curious if anyone here knows of a third option that we have maybe not thought about? Regarding deleting specific part


Any idea, or feedback is highly appreciated!

Thanks!

// Christoffer

Derek Collison

unread,
Oct 23, 2019, 8:57:49 AM10/23/19
to nat...@googlegroups.com
There is nothing automated since NATS.io itself is agnostic to payloads. They are opaque bytes to the system.

You could however do what you want with an application that archives from the main store channel to another stripping the PII away.

In the future we see this being done with signed web assemblies.

Cheers,
=derek


--
You received this message because you are subscribed to the Google Groups "nats" group.
To unsubscribe from this group and stop receiving emails from it, send an email to natsio+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/natsio/0f63af4e-3109-45f1-9812-98914e168553%40googlegroups.com.

Chris

unread,
Oct 23, 2019, 9:01:05 AM10/23/19
to nats
Ah, yes. That would be possible, thanks.

// Christoffer
To unsubscribe from this group and stop receiving emails from it, send an email to nat...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages