USP Privacy Module: listen for deletion event #9081

Closed
patmmccann opened this issue Oct 5, 2022 · 11 comments · Fixed by #9116

@patmmccann
Collaborator

Type of issue

Feature request

Description

https://github.com/InteractiveAdvertisingBureau/USPrivacy/blob/master/CCPA/Data%20Deletion%20Request%20Handling.md describes an event we should potentially listen for and react to from the USP module. I am told (by @AramZS) that Prebid will need to fire endpoints with deletion requests upon 'hearing' this event under CPRA. Looking for confirmatory documentation.

@jdwieland8282
Member

Thanks for sharing, so gpp-core needs a pub-defined array of vendor endpoints where each endpoint is called when a Data Deletion Request is received. I'm operating off this spec which considers a GPP core module with various sub adapters representing various regs.

I see this issue references the existing USP Privacy Module, do we want to continue development on that module? If so, we could do the same, add an array of vendor endpoints that get invoked when the deletion request comes in.

Functionally, I doubt annnnny vendor has an endpoint for this though.

@patmmccann
Collaborator Author

patmmccann commented Oct 11, 2022

Yeah; suppose you are a fingerprint vendor. The user opts out two min into the page view. The user id module fingerprint vendor never knows, and never processes the deletion request.

@jdwieland8282
Member

Ok, so summarizing the Identity PMC consensus.

  1. The USP module will fire a deletion signal as an internal event to the User id sub adapters, when an asynchronous "delete" signal is given by the user/CMP.
  2. Sub adapters are informed on how to listen for this event and what to do with it when they receive it.

@patmmccann
Collaborator Author

patmmccann commented Oct 12, 2022

This is fairly limited in scope which is quite positive, marking ready for dev. So Prebid will simply fire an internal event that any vendor module in Prebid can fire an xhr from when it hears a deletion request from the uspapi. It seems we should also wipe the shared id from local storage or cookie on that event?

@jdwieland8282
Member

yes "shared id from local storage or cookie on that event".

To be clear though, we expect the sub adapters to be listening for that event and do the necessary removal, or are you saying in sharedid's case the usp module will do that for it?

@patmmccann
Collaborator Author

the sharedid module should listen for the event from the usp module

@dgirardi
Collaborator

dgirardi commented Oct 13, 2022

Here's my proposal:

  • Extend the interface for all types of adapters (bidders, userId, analytics) with a new onDataDeletionRequest method;*
  • USP module will invoke that method when it detects a USP deletion request;
  • For the userID case, the main userID module will also remove all stored IDs (I don't think this needs to be delegated to individual ID submodules).

* we could also do an event, but I think a method will make it easier to discover for both adapter maintainers and their users.
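
Added example, not part of the thread and not Prebid's code: a sketch of the proposal above, in which a USP hub invokes an optional `onDataDeletionRequest` method on every adapter and clears stored IDs centrally. The stub CMP, the `registerDeletion` command name and its `(data, success)` callback shape are assumptions based on the linked IAB document; `wireDeletion`, `makeStubUspApi` and the adapter codes are hypothetical.

```javascript
// Constructed stand-in for a CMP's __uspapi. The 'registerDeletion' command and
// the (data, success) callback shape are assumptions, not confirmed by the thread.
function makeStubUspApi() {
  const listeners = [];
  const api = (command, version, callback) => {
    if (command === 'registerDeletion' && version === 1) listeners.push(callback);
    else callback(null, false);
  };
  api.simulateUserDeletion = () => listeners.forEach((cb) => cb(null, true));
  return api;
}

// Hypothetical hub owned by the USP module: fans the request out to every adapter
// type and removes stored IDs centrally, as proposed for the userId case.
function wireDeletion(uspapi, adapters, idStorage) {
  const report = { notified: [], failed: [], idsCleared: 0 };
  uspapi('registerDeletion', 1, (_data, success) => {
    if (!success) return;
    for (const adapter of adapters) {
      // The method is optional, so adapters written before it existed are skipped.
      if (typeof adapter.onDataDeletionRequest !== 'function') continue;
      try {
        adapter.onDataDeletionRequest();
        report.notified.push(adapter.code);
      } catch (e) {
        report.failed.push(adapter.code); // one failing adapter must not block the rest
      }
    }
    report.idsCleared += idStorage.size;
    idStorage.clear();
  });
  return report;
}

// Constructed sample: two adapters with handlers, one without, one that throws.
function demo() {
  const uspapi = makeStubUspApi();
  const idStorage = new Map([['sharedId', 'constructed-1'], ['exampleId', 'constructed-2']]);
  const calls = [];
  const adapters = [
    { code: 'bidderA', onDataDeletionRequest: () => calls.push('bidderA') },
    { code: 'legacyBidder' },
    { code: 'analyticsB', onDataDeletionRequest: () => { throw new Error('endpoint down'); } },
    { code: 'userIdC', onDataDeletionRequest: () => calls.push('userIdC') },
  ];
  const report = wireDeletion(uspapi, adapters, idStorage);
  uspapi.simulateUserDeletion();
  return { report, calls, remainingIds: idStorage.size };
}
```

Nothing in this sketch records that a deletion happened, so a later page load would fetch and store IDs again.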

@dgirardi
Collaborator

Here's an issue: if we get the data deletion request and delete all data, on the next page refresh Prebid will have forgotten about it and fetch/store all data again (since we do not have any enforcement for USP). Do we need to implement enforcement first?

@jdwieland8282
Member

yes. Data deletion requests should persist.

@AramZS

AramZS commented Oct 26, 2022

I do not generally consider data deletion requests to be analogous to right to be forgotten events. Traditionally we do not consider deletion requests to be persistent. A user who wants to end data collection in my understanding would delete data with a request and then opt out.

@AramZS

AramZS commented Oct 26, 2022

(I would love to see a Prebid plugin that actually turns off systems in response to an opt out signal that helps with this, but I think that is a different signal)
