International Business Machines Corporation
Privacy preserving data deletion

Abstract:

Preserving privacy of deleted personal data is provided. A registration of a client device is received. The client device stores a plurality of personal data corresponding to a plurality of data subjects. A copy of a set of personal data corresponding to a particular data subject deleted from the client device is received along with metadata describing the set of personal data deleted from the client device and a hash key based on the set of personal data deleted from the client device. Access to the copy of the set of personal data deleted from the client device is granted in response to receiving an access request that includes the hash key corresponding to the set of personal data from the particular data subject within a defined period of time. The copy of the set of personal data is deleted after expiration of the defined period of time.