Comments (4)
Jet was US only, which brought CCPA-driven requirements. I've not personally been involved in those, and Equinox doesn't present any specific features and/or have stances that alter the overall equation on this. In terms of active systems using Equinox, those by design and/or nature of their business function don't tend to maintain personal data.
I'd venture this is best asked on the DDD-CQRS-ES forum - this is a regular question, and there are experienced folk there.
As general advice from someone who has not traversed the issue IRL properly: talking to lawyers and product managers is going to be the first port of call - storing less data, deciding high level strategies about how to segregate where personal data lives, considering things like encrypting sensitive data and then discarding the keys in the event of a request to be forgotten.
For Equinox.EventStore: How one technically gets rid of data in either an ESDB in-stream snapshot is going to be tied up in the exercise/discussion of if/how you're going to get rid of the event that entered it into the state underlying the snapshot in the first instance.
For Equinox.Cosmos, the pruner and archiver mechanisms may or may not be useful
For Equinox.SqlStreamStore, I'd ask the question as a SqlStreamStore question
from equinox.
Thanks for the followup; hopefully you're adequately covered now.
For avoidance of doubt I was referring to https://github.com/ddd-cqrs-es/slack-community - while the fundamental approaches are as described in the linked threads on the email group, the bulk of discussion now takes place on the Slack (there are no archives there though), the place to get a contextual and complete answer to such a question especially if you can provide some details of the actual nature of your system and its specific constraints is probably there.
I also forget to mention earlier that:
- there is a purge API in Equinox.Cosmos for removing events from a stream (
proPruner
uses it, but not for for GDPR-drive data removal) - For EventStore or SqlStreamStore, you'd use the APIs to do the removal of the events; Equinox doesn't expose/wrap a specific API (though it'll cope with missing events etc)
from equinox.
Also, the obvious other alternate solution is - don't store personal data in your event streams ;)
from equinox.
Thanks for the response @bartelink .
I found two existing threads in the DDD/CQRS list:
- https://groups.google.com/g/dddcqrs/c/diLl2l7E_0c/m/GTXwsxoDAgAJ
- https://groups.google.com/g/dddcqrs/c/tH5NwF1M8YA/m/mh2hHaOfBQAJ
One approach mentioned was, as I described, having some support for ensuring the original event with the personal data is removed from the stream (by purging, ,recreating, etc).
The other interesting alternative is to encrypt personal data on the stream, then "forget" the encryption key if the data is requested to be purged. Apparently this has been tested as a valid legal approach with GDPR.
In any case, I think this adequately answers my question for now. I'll close this issue.
Thanks!
from equinox.
Related Issues (20)
- V2: constrain dependencies HOT 1
- V2: Cosmos: Backport LogSink signature change HOT 2
- Cosmos Table support HOT 2
- Cosmos: Fix unfold event numbering
- The canonical definition of AwaitTaskCorrect is incorrect HOT 4
- Add LoadOption.RequireLeader
- missed published packages HOT 6
- StreamId.gen2/3 - consider revert to struct tuples HOT 1
- StreamNotFoundException when trying to add Events to a new Stream with EventStoreDb HOT 5
- Is there a specific message-db version that one has to use? HOT 8
- DynamoDB: EventsContext fails to read when tip not read HOT 1
- Feature: ReadThrough mode HOT 1
- DynamoStore: Needs to write through tip to guarantee order on DDB streams
- Core: NullReferenceException when using cached reads
- DynamoStore: Use ReturnValuesOnConditionCheckFailure to implement Resync
- refactor: Label contexts unambiguously
- Rename AsyncCacheCell to TaskCell
- CosmosStore: Complain about large partition keys if not configured
- Remove Compaction from Domain terms
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from equinox.