GDPR: When "Pseudonymise User ID" is activated, still allow users to export data subjects requests for a given User ID #12839
Labels
c: Privacy
Enhancement
Our User ID Pseudonymisation does a SHA1 and uses the Matomo salt during hashing. (refs #12836 #12641 #12600)
It is not full anonymisation because, given the User ID and knowing the Matomo salt, it's possible to find all the visits for this particular user. In the backend, since we know the salt, we're in theory able to process the User ID hash (pseudonym) and return all visits/actions data for this User ID only. The goal of this issue is to implement this behavior for full transparency towards data subjects.
Exporting data subjects' data based on User ID
Current behavior
Currently, when User ID Pseudonymisation is activated on the instance, all User IDs are replaced by the hashed value. And exporting the data subject's data won't work because User ID is now hashed/pseudonymised.
Expected behavior
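The lookup described in the issue, sketched as an added example (not Matomo's code): the stored value is a salted SHA-1 of the User ID, so an export has to re-derive the pseudonym before matching. The `salt + user_id` concatenation, the function names and the sample visits are assumptions made for illustration; the issue only states that SHA1 and the Matomo salt are used.

```python
import hashlib

# Assumption: pseudonym = SHA-1 over salt + User ID. The issue says only
# "SHA1 with the Matomo salt"; the exact construction is not given there.
def pseudonymise(user_id: str, salt: str) -> str:
    return hashlib.sha1((salt + user_id).encode("utf-8")).hexdigest()

def track(store: list, user_id: str, action: str, salt: str) -> None:
    """Record a visit the way a pseudonymising tracker would: hash only."""
    store.append({"user_id": pseudonymise(user_id, salt), "action": action})

def export_raw(store: list, user_id: str) -> list:
    """Current behaviour: compare the raw User ID with the stored values."""
    return [v for v in store if v["user_id"] == user_id]

def export_for_data_subject(store: list, user_id: str, salt: str) -> list:
    """Proposed behaviour: re-derive the pseudonym, then match on it."""
    pseudonym = pseudonymise(user_id, salt)
    return [v for v in store if v["user_id"] == pseudonym]

# Constructed sample data (hypothetical salt and User IDs)
SALT = "constructed-instance-salt"
VISITS: list = []
track(VISITS, "alice@example.org", "/pricing", SALT)
track(VISITS, "bob@example.org", "/docs", SALT)
track(VISITS, "alice@example.org", "/checkout", SALT)

if __name__ == "__main__":
    # Raw lookup finds nothing because only hashes are stored
    print(export_raw(VISITS, "alice@example.org"))
    # Re-deriving the pseudonym returns this user's visits and no others
    print(export_for_data_subject(VISITS, "alice@example.org", SALT))
```

The export only works with the salt that was in effect when the visits were tracked; under a different salt the re-derived pseudonym matches nothing.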