Feature Request: Provide functionality to meet requirements for user privacy and data protection #11110

Open
mdmADA opened this issue Dec 19, 2024 · 1 comment
Labels
Type: Feature a feature request

Comments

@mdmADA
Contributor

mdmADA commented Dec 19, 2024

Overview of the Feature Request

  1. Provide a way to anonymise or purge all personal data in Dataverse, after a set period of time.

So for all access requests older than x months, automatically anonymise or purge the guestbookresponse table, the actionlogrecord table, the log files, anywhere where this personal information resides. [This would have to run every hour or every day to ensure the time window slides along, keeping only information in the current datetime - x months window].

  2. Provide a way to anonymise or purge all personal data related to a specific user.

Example: As a superuser, select person X who has contacted ADA requesting all their personal information be purged or anonymised - choose to purge or anonymise, click Go, then the magic happens.

  3. Provide a way for a user to log in to Dataverse and export all their personal information, to have a copy for themselves, to import into another system for example, or to just have for their records.

For example, from the Account Information page, a user could select "Export all my personal data" and Dataverse will export the information in a report or similar.

What kind of user is the feature intended for?
(Example users roles: API User, Curator, Depositor, Guest, Superuser, Sysadmin)

  1. Provide a way to anonymise or purge all personal data in Dataverse, after a set period of time.
  • superuser, sysadmin, system
  • a script that runs every hour or at least every day to anonymise or purge all users' data from current datetime - x months/days
  • allow for manual initiation
  2. Provide a way to anonymise or purge all personal data related to a specific user.
  • superuser
  3. Provide a way for a user to log in to Dataverse and export all their personal information, to have a copy for themselves, to import into another system for example, or to just have for their records.
  • regular user

What inspired the request?

Creating new ADA policy documents for Dataverse based on the AARC framework (https://aarc-community.org/policy/).

The requested functionality would allow the standards around privacy and data retention to be met; allow users to withdraw their consent and/or data from Dataverse; allow users to export their personal data from Dataverse.

Any brand new behavior do you want to add to Dataverse?
The requested features are brand new.

Any open or closed issues related to this feature request?

Are you thinking about creating a pull request for this feature?

No resources to do so.

@mdmADA mdmADA added the Type: Feature a feature request label Dec 19, 2024
@gwendoux gwendoux moved this to Interested in Cirad Dataverse Dec 19, 2024
@qqmyers
Member

qqmyers commented Dec 20, 2024

I think there are cases where Dataverse is required to keep track of who downloads restricted data. How would a feature like this interact with that requirement - would automated removal just have to be optional? Or would we need a way to exempt some datasets? Maybe this can be discussed in the sensitive data wg?
