Forgotten @ Scale: A Practical Solution for Implementing the Right To Be Forgotten in Large-Scale Systems

The European General Data Protection Regulation (GDPR) asserts data subjects' right to be forgotten, i.e., their right to request that all their personal data be deleted from an organization's data stores. Fulfilling such requests in large-scale systems is technically challenging, however. It requires that organizations keep track of every location in which an individual's data is stored, be able to access and delete it within a reasonable time frame, and be able to prove that all such data was in fact deleted. In addition, organizations must cope with complexities such as multiple, distributed, and continuously evolving systems of record, complex data retention policies, and deletion approval workflows. We present a first design pattern and practical implementation of the right to be forgotten at large scale in Big Data and cloud environments.
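The three requirements named above (locate every copy, delete it subject to retention and approval rules, and prove the deletion) can be sketched in code. The following is an added, constructed illustration, not the paper's implementation or the authors' code: the store names, subject identifiers, retention periods and approval flags are all assumed, and the data map that a real deployment would obtain from a catalog or classification service is hard-coded inline. The proof record is a SHA-256 hash chain that logs deferred stores alongside deleted ones, and hashes the removed fields rather than copying them, so the audit trail does not itself become another location holding the personal data.

```python
"""Constructed right-to-be-forgotten pipeline: locate, delete under policy, prove.
Added example; every identifier and policy value here is assumed."""
import hashlib
import json
from copy import deepcopy
from datetime import date, timedelta

# Constructed data map: store -> subject_id -> personal data fields.
# A real system derives this from a data catalog / classification service.
STORES = {
    "crm": {"u-1001": {"email": "alice@example.org", "phone": "+1-555-0100"},
            "u-1002": {"email": "bob@example.org"}},
    "datalake": {"u-1001": {"clickstream_partitions": ["2023-01", "2023-02"]}},
    "billing": {"u-1001": {"invoice_ids": [17, 42]}},
}

# Constructed retention policy: minimum days a record must be kept after its
# creation date (e.g. fiscal records), and whether erasure needs an approver.
POLICY = {
    "crm": {"min_retention_days": 0, "requires_approval": False},
    "datalake": {"min_retention_days": 0, "requires_approval": False},
    "billing": {"min_retention_days": 3650, "requires_approval": True},
}
CREATED_ON = {"crm": date(2021, 6, 1), "datalake": date(2023, 1, 3),
              "billing": date(2022, 3, 15)}
GENESIS = "0" * 64


def fresh_stores():
    """Return a private copy of the constructed stores so runs are independent."""
    return deepcopy(STORES)


def locate(stores, subject_id):
    """Requirement 1: enumerate every store that holds data about the subject."""
    return sorted(store for store, rows in stores.items() if subject_id in rows)


def retention_expired(store, today):
    """True once the store's minimum retention period for the record has elapsed."""
    hold = timedelta(days=POLICY[store]["min_retention_days"])
    return today >= CREATED_ON[store] + hold


def _link(prev_hash, record):
    """Hash-chain link: H(prev || canonical JSON of the record body)."""
    payload = json.dumps(record, sort_keys=True).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()


def process_request(stores, subject_id, today_iso, approvals=frozenset()):
    """Delete the subject's data wherever policy allows; build a proof chain.

    Returns (deleted_stores, deferred_stores, proof_chain). Deferred stores are
    logged too, so the chain also proves *why* a copy still exists.
    """
    today = date.fromisoformat(today_iso)
    chain, deleted, deferred = [], [], []
    prev = GENESIS
    for store in locate(stores, subject_id):
        if not retention_expired(store, today):
            reason = "retention_hold"
        elif POLICY[store]["requires_approval"] and store not in approvals:
            reason = "approval_pending"
        else:
            reason = None
        record = {"subject": subject_id, "store": store, "date": today_iso, "prev": prev}
        if reason:
            record["action"] = "deferred"
            record["reason"] = reason
            deferred.append(store)
        else:
            fields = stores[store].pop(subject_id)
            # Log a digest of what was removed, never the fields themselves.
            digest = hashlib.sha256(json.dumps(fields, sort_keys=True).encode())
            record["action"] = "deleted"
            record["fields_sha256"] = digest.hexdigest()
            deleted.append(store)
        record["hash"] = _link(prev, record)
        prev = record["hash"]
        chain.append(record)
    return deleted, deferred, chain


def verify_chain(chain):
    """Recompute every link; any edited or reordered record breaks the chain."""
    prev = GENESIS
    for rec in chain:
        body = {k: v for k, v in rec.items() if k != "hash"}
        if rec["prev"] != prev or _link(prev, body) != rec["hash"]:
            return False
        prev = rec["hash"]
    return True
```

Running `process_request(fresh_stores(), "u-1001", "2024-01-01")` deletes the CRM and data-lake copies, defers the billing record under its retention hold, and leaves the chain verifiable; re-running in 2033 with `approvals={"billing"}` clears the last copy, and `locate` then returns an empty list, which is the check a practitioner would want before answering the data subject.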
