Support » Plugin: GDPR Personal Data Reports » Randomness

  • Hi Sean

    Me again!!

    I have looked through your code and it is very clean and appears to be well written.

    One thing I wanted to see was how you were generating the random part to anonymise the data subject and see that you have a function called generate_random_string which generates the random information and based on a 30 character string.

    I have attended a number of different conferences and seminars where the anonymising of the data subjects identifiable information was discussed in detail and if the randomness is really good enough for anonymising the data subject and the general view was that it needs to be more robust than a loop with a sequence of characters in alphanumeric order. I would suggest that you might consider doing a few things to make it more random. Firstly change the sequence of the 30 characters so that the order is random and when generating the random include a random millisecond delay before each random character is generated and also when it is selected. This way it makes it far more difficult to unravel the randomness (or rather lack of randomness) when using your current method and therefore much harder to break if the data was breached. It also shows a Supervisory Authority and a concerted effort has been made to really anonymise the data subjects identifiable information.

    You might also (in the Pro version) want to consider moving the report generation part to be part of a cronjob rather than realtime as I would imagine in future (in the Pro version) you plan to make the plugin work with other plugins that store personally identifiable information etc and this could put a load and delay other processed on a very busy server.

    Also you appear to be reading the content for the email from files in the mail folder which you might want to consider moving to the settings page so that they can be edited by the data controller and also you may want to consider moving these from being stored in files to be stored in the WP database itself.

    In addition you might want to consider adding a cronjob that runs once a day and checks to see if any new meta keys have been added to the users table as at the moment it is only as good as when you configured the plugin which could give a false sense of security. There should be an option to be able to send an email with information to the data controller / IT to inform them that they need to review the settings page in your plugin to check if any new meta key data needs to be included for your plugin to handle it in the eraser process.

    Finally, you might want to consider the addition of an export option in the logs panel and also the option to email the data controller the logs each day as this would be useful for the data controller to store to evidence to a Supervisory Authority that they are taking a proactive course of action regarding the GDPR.

    Best wishes

    Nathan

Viewing 1 replies (of 1 total)
  • Plugin Author willowsconsulting

    (@willowsconsulting)

    Hi Nathan,

    thanks for all your suggestions. We will look into the anonymization process and try to improve it as per your comments.
    I am adding all your other suggestions as feature requests for either the free or pro version. Most of them should not be difficult to implement.

    Thanks again for all your feedback,
    Wojtek

Viewing 1 replies (of 1 total)
  • The topic ‘Randomness’ is closed to new replies.