gdpr icon indicating copy to clipboard operation
gdpr copied to clipboard

Published 20 hours ago verified publisher icon georgringer

"Personal data portability" feature

Open fedir opened this issue 6 years ago • 1 comments

Let's implement "Personal data portability" feature (it's also one of the most important points of European GDPR).

Objective

  • On the request of the user it's private information should be exported in a structured, commonly used and machine-readable format

How it could work

  • Each frontend user should be able to request records, which contains it's own private data (via FE plugin)
  • On the data level, TCA should be extended to classify selected tables / fields with "private data" of the FE user
  • Data export API, for private data (but filtering from system information, to avoid additional information disclosure)
  • An additional Backend module for the DPO could be added to control if all private data is exportable

Ressources

  • https://gdpr-info.eu/art-20-gdpr/
  • https://techblog.bozho.net/gdpr-practical-guide-developers/

fedir avatar Apr 22 '18 11:04 fedir

the main problem I see: There is no API in datahandler to fetch related records like orders of a user. This will be solved with https://typo3.org/community/teams/typo3-development/initiatives/persistence/. therefore I will wait until this is fixed

georgringer avatar Apr 23 '18 16:04 georgringer