Michael O'Kane created HDDS-4291: ------------------------------------ Summary: "GDPR Compliance" Feature Should Be Renamed Key: HDDS-4291 URL: https://issues.apache.org/jira/browse/HDDS-4291 Project: Hadoop Distributed Data Store Issue Type: Improvement Reporter: Michael O'Kane
Under HDDS-2012 a feature was added to Ozone that implemented transparent encryption with per-block encryption, facilitating secure, synchronous cryptographic erasure of data blocks. This feature has been billed as "GDPR compliance", both in documentation and in the flags employed to enable the mode. This terminology should be strictly avoided for a number of reasons: * Data disposal mechanisms are but a tiny part of a GDPR compliance picture. GDPR is a complex organisation that principally concerns itself with organisational measures such as impact assessments, collection justification and privacy-by-design. * Specifically in this case there is nothing within the text of GDPR that precludes the use of soft deletions/tombstones/garbage collection mechanisms for disposal of PII. The right to erasure text was specifically crafted to use the term "_undue_ delay" - this does not mean as quickly as is physically possible. As such there is a significant risk of the feature misleading users into believing its application is necessary for GDPR compliance (it isn't) or will make their data storage GDPR compliant (it won't). The feature should be renamed to something more accurate, such as Strict Deletion Mode or Secure Deletion Mode. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: ozone-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: ozone-issues-h...@hadoop.apache.org