Logo image
Back
Understanding and Benchmarking the Impact of GDPR on Database Systems
Journal article   Open access   Peer reviewed

Understanding and Benchmarking the Impact of GDPR on Database Systems

Supreeth Shastri, Vinay Banakar, Melissa Wasserman, Arun Kumar and Vijay Chidambaram
Proceedings of the VLDB Endowment, Vol.13(7), pp.1064-1077
03/01/2020
DOI: 10.14778/3384345.3384354
url
https://arxiv.org/pdf/1910.00728View
Open Access

Abstract

The General Data Protection Regulation (GDPR) provides new rights and protections to European people concerning their personal data. We analyze GDPR from a systems perspective, translating its legal articles into a set of capabilities and characteristics that compliant systems must support. Our analysis reveals the phenomenon of metadata explosion, wherein large quantities of metadata needs to be stored along with the personal data to satisfy the GDPR requirements. Our analysis also helps us identify new workloads that must be supported under GDPR. We design and implement an open-source benchmark called GDPRbench that consists of workloads and metrics needed to understand and assess personal-data processing database systems. To gauge the readiness of modern database systems for GDPR, we follow best practices and developer recommendations to modify Redis, PostgreSQL, and a commercial database system to be GDPR compliant. Our experiments demonstrate that the resulting GDPR-compliant systems achieve poor performance on GPDR workloads, and that performance scales poorly as the volume of personal data increases. We discuss the real-world implications of these findings, and identify research challenges towards making GDPR-compliance efficient in production environments. We release all of our software artifacts and datasets at htlp:'"www.gdprbencli.org
 Computer Science Computer Science, Information Systems Computer Science, Theory & Methods Science & Technology Technology

Details

Metrics

18 Record Views
34 Times Cited - Web of Science
Logo image