undefined | Better HN

0 pointskasey_junk7y ago0 comments

CNIL is one of ~20 regulatory agencies & this isn’t their “official” stance.

Other opinions have concluded that you must keep an index of requested deletes in the face of backups, for instance.

0 comments

That agrees exactly with what CNIL said. Obviously you have to keep an index of requested deletes for the same length of time you keep backups in order to re-delete the relevant data in the event of restoring the backups.

Article 63 of the GDPR specifically covers consistency of enforcement across the regulatory agencies.

srrr7y ago

I don't see the problem here (for small companies). If you have a database with user data, and a user deletes his account, you delete the data from production. At this moment, you have a live system without this users data, and some backups with the data. The moment you make a new backup, you have a dataset to restore from that does not include the user data.

You keep daily backups for 1 week, and after one week the users data is gone from all backups.

The only possible window for restoring deleted user data is the time window from deletion to backup. To "solve" this you need to make more backups, ideally live backup and replication with really frequent snapshotting. And this is something you would want even without the new law, because you don't want to lose user data in case of a server failure. Why would you restore from an old backup? (And if you really need to restore from an old backup you most likely want to merge this backup with the newest one to reduce data loss. In this case you can reapply all deletes.)

The new laws don't change anything. For me at least. Also my lawyer is totally fine with "only" minimizing the problematic time window. We both know that it will never be zero.

greglindahl7y ago

You have a very narrow view about what backups are used for. Which is fine for your business, but for many others, the backups are important business records. What if an employee is stealing from the company, and does it for longer than the time that your business keeps backups? You might say "oh but I keep logs", in which case you have the same problem with keeping the logs that you think you dodged by not keeping the backups.

srrr7y ago

Yes and no... the GDPR is all about purpose, and if you keep a log for the purpose of logging unauthorized access to data this is fine if you state this fact in the contract with the employee and only store and access the logs for this purpose.

You just can not keep backups of everything for the purpose of everything.

My example can not include all cases and was written in the spirit of "we are a bunch of devs with a small project". As is monal.im .

j / k navigate · click thread line to collapse

0 comments

opencl7y ago

Article 63 of the GDPR specifically covers consistency of enforcement across the regulatory agencies.

srrr7y ago

You keep daily backups for 1 week, and after one week the users data is gone from all backups.

The new laws don't change anything. For me at least. Also my lawyer is totally fine with "only" minimizing the problematic time window. We both know that it will never be zero.

greglindahl7y ago

srrr7y ago

You just can not keep backups of everything for the purpose of everything.

My example can not include all cases and was written in the spirit of "we are a bunch of devs with a small project". As is monal.im .

j / k navigate · click thread line to collapse