Gather user activity info and then remove profile info for next round of GDPR requests

Description

ID
3367751
3363879
3356102
3378146

For these users, follow the same steps taken in (gathering user activity info) and (removing profile info once we have activity info; this ticket is a clone of that one).


That is, remove ALL profile information (http://docs.synapse.org/rest/org/sagebionetworks/repo/model/UserProfile.html) possible. We think we can blank out most of the information; we should do this wherever we can.

For required fields that would break the database if nulled, we should anonymize them as follows:

  • For email address (if required), remove all emails and replace with <id>@synapse.org (question for : will this create some kind of weird email loop situation?) [Update: YES, this will create a weird email loop. Instead we can replace the email with gdpr-synapse+<id>@sagebase.org.]

  • For userName (if required), remove original and replace with <id>.

Note: these are all tracked in the same spreadsheet as the first requests.

Also, think about how we might automate this, currently manual process.

Environment

None

Assignee

Ziming Dong

Reporter

Meredith Slota

Labels

Validator

Meredith Slota

Development Area

None

Release Version History

None

Epic Link

Sprint

None

Fix versions

Priority

Critical
Configure