Matrix compliance with GDPR article 17: right to erasure

Description

• The LB section 4.4 expresses the requirements related to data protection.
• One of the articles mentioned is the article 17 from the GDPR, or right to erasure.
• This article states that individuals have the right to request the erasure of their personal data at any time. Organizations must erase personal data without undue delay.
• Matrix rooms store data in the form of events that cannot be deleted by default, as they are distributed across a network of servers.
• However, being FITKO a closed system, deleting events storing data directly in the home server is possible.
• This, in turn, can treat unlinkability, since the home server admin will be able to link the citizen to the data to be deleted.
• We need to discuss the requirements here, what can be done and whether we need an MSC.

Background information

• Reference issue: #119

• External link: solution-architecture!1

• The following people may help during the clarification: @holz ; @networkException ; @bjoern

• LB section 4.4

• GDPR analysis table:

  FITKO GDPR requirements.xlsx

• Requirements uIDs: OZG_26, LB_84, LB_85

Priority

• low (sometime in the future...)
• medium (important for the current project phase, no project delay yet according to sprint planning)
• high (important for the next sprint)
• utmost urgent (needs to be resolved during the current sprint)

History (documented by team::requirements)

• 2025-09-17: Ticket was created. Respective people informed.

Next steps (defined by team::requirements)

• Clarify requirements for deleting events stored data.
• Define impact on ADR-0001
• Define if MSC is required.