GDPR : Deletion of user data

Dec 6, 2021
Hi,

GDPR requires that we comply with requests from users who want their data deleted.
Which poses some questions for us.

Let's assume that we have
* User data in an LXC on a Proxmox VE Node, say under `/var/www/User/`
* Backups of this LXC to PBS machines

Is there a feature to remove all traces of `/var/www/Users` in PBS backups (w/o deleting whole backups)?
If so, is it immediate, or does it need to wait for pruning or garbage collection?
Is it possible to write random data to the PBS disks in place of the User data?


Thanks!
 
Backup snapshots are immutable; there is no way to selectively delete them. I would suggest talking to your DPO/lawyer/.. and consulting guidelines issued by your local authorities, so that you can define a policy on how backups should be handled w.r.t. user data and deletion requests.
 
Also, AFAIR the GDPR is usually interpreted that it is unreasonable to remove the data from backups, as there are also quite a lot of other reasons why a complete removal of user data is against other, higher valued interests. A quick search brought up this page. But, as @fabian said, better consult someone who knows how the regulation is handled in your jurisdiction.
 
Thanks for the feedback, we'll check with a lawyer on the GDPR side of things.

Although I forgot to mention that our interest in this question was twofold.
We also have clients who require that data be deleted completely upon the ending of the business relation.

But I guess that doesn't change the immutability of PBS backups :)
 
> We also have clients who require that data be deleted completely upon the ending of the business relation.

Then I would try to separate these / each customer in such a way that you can easily remove all the associated backups to that customer without affecting other backups. And yes, after you remove the backups, the chunks belonging to that backup will be removed a day later.
 
Thanks, we can manage to store the data differently so as to have user-specific backups.

There remains the question of writing random data to the PBS disks in place of these backups (this is a client requirement).
Can PBS do that? I believe simple garbage collection would not satisfy their requirements.
 
What about encrypted backups? Then, even if someone can restore the chunks, they are useless unless they have access to the key.

Depending on where the backups are stored, "overwriting" also does not work as expected. For example, ZFS or any other Copy-on-Write file system will not write to the same sectors on the disk anyway. If SSDs are used, they will use wear-levelling, which means that even if you used a simpler file system, writing to the same blocks again might not write to the same memory cells in the SSD...
 