Image for post
Image for post

WSO2 Identity Anonymization Tool

After European union enacted the GDPR policies, every related product should comply with these regulations. So every latest WSO2 product will have the full scale capabilities to support the GDPR policies.

One of the most prominent requirement of GDPR is “right to be forgotten”. Every GDPR complaint WSO2 product has this feature. This feature is supported via a inbuilt tool that is packed with every GDPR complaint WSO2 product. And will be available as a separate standalone tool as well.

The main task of this tool is to anonymize records related to a deleted user. These records include, historical data that is stored in meta data database tables, logs including access and audit logs, Analytic streams, etc… Anonymization does not means erasing all the related data. Instead this tool will replace all the identity related information with a random value (Pseudonym) but keeping the record’s connection as it is. By records connection it means, every record belongs to the same user will be replaced by the same pseudonym. So the connection integrity will be preserved. Even after an anonymization process, IT admin can track events that are done by the same person without knowing his or her identity.

More information about the tool will be available through official WSO2 documentation and each product related documentation. I will write another medium article regarding the architecture of the tool and how to extend the tool to comply with customized needs.

[1] https://docs.wso2.com/display/ADMIN44x/Removing+References+to+Deleted+User+Identities+in+WSO2+Products

Written by

Software Engineer @WSO2

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store