Designing – ‘Right to forget’

How to do right-to-be-forgetten right (IMHO) – Create an identity store (with atleast known ids and proxies for ids)– Create a key pair per identity– Encrypt private data with the public key– Decrypt private data with the private key (along with RBAC, Audit, logging and time bound access token)– Delete the private key when the user exercises his right-to-forget.– Remember the user’s decision and continue to encrypt private data that comes in future (however this time there is no way to decrypt.) Note : identity registration, store, public key access for a given id can all be services which may […]