Enforcing GDPR Right to be Forgotten at scale
WHAT IT TESTS: Privacy engineering across stores. OUTLINE: Map the subject's data, then crypto-shred the lake, DELETE in the warehouse, and evict caches via an auditable, idempotent workflow. RED FLAG: Assuming one DELETE suffices everywhere.
WHAT IT TESTS: Whether you can engineer verifiable deletion across systems with different deletion semantics. ANSWER OUTLINE: First build a data map from subject to every location. Lake objects favor crypto-shredding by destroying the per-user key; the warehouse supports DELETE but watch Time Travel and clones; caches need targeted eviction or short TTLs. Orchestrate an idempotent workflow that logs every action to an immutable audit trail and verifies completion. RED FLAG: Treating it as one DELETE, ignoring backups and verifiability.
Read the original → interview
- #gdpr
- #privacy
- #data-deletion
- #crypto-shredding
- #compliance
Get five bites like this every day.
Tezvyn delivers a daily feed of 60-second tech bites with quizzes to lock in what you learn.