GDPR and Druid Historic Data

Hi,

Companies that are inside the EU and need to save their users information (like IP, custom cookie ID, ID for advertising, user agent, and so on…) are subject to modifications/deletions because of the GDPR law.

If a user from those companies wants to opt-out from their network, they have the right to do so, and be forgotten from all places where his information is present within the company, in a period of no more than 1 month.

Druid has the problem that is hard to update/delete data on individual records. Have you thought about this in your roadmap? Is there a way to update/delete user level data that we don’t know yet?

Any hint on how we can achieve this will be much appreciated.

Best,

Hello Federico,

I am facing somewhat similar problem. The option suggested for such deletion was using ingestSegment firehose. You can look at my thread regarding How to selectively delete data from druid and issues observed. I don’t have any requirement to currently delete data but was looking for this specifically having GDPR compliance in mind. Apart from GDPR anyways there should be some way to selectively delete data.

As far as i know we don’t have any reliable method for deleting data based on dimensions (these could be cookie ID, IP etc.) . Lets hope for comment by any of the druid core committer.

Thanks,

Prathamesh