Now You See It, Now You Don't: Uber's Data Deletion Service

Monday, August 12, 2019 - 2:00 pm2:30 pm

Yash Doshi and Harshal Shah, Uber

Abstract: 

Deletion at scale is a complex and iterative process because as more and more systems and features are built, measuring completeness and auditing of a deletion becomes a key to success.

Uber’s data deletion system is a single-source authority for deleting user accounts and related data. It’s managed across multiple data stores and integrates with Uber’s complex environment of microservices. It supports a variety of deletion triggers including user requests, account inactivity, and deletion/retention policies.

The system also integrates with insurance, legal, safety, and money systems to evaluate if there any regulatory or legal requirements that could block the process such as subpoenas, lawsuit, arrears, safety incidents, insurance claims, or fraudulent activity. This talk will discuss how to build a scalable and reliable system with full audit capabilities that allow you to delete a user from all the systems where the data may reside.

Yash Doshi, Uber

Yash Doshi is a senior engineer at Uber, leading technical data deletion initiatives. Prior to Uber, he spent more than a decade working on large scale enterprise distributed systems.

Harshal Shah, Uber

Harshal Shah is a senior engineering manager for the Uber Privacy Engineering team. Prior to Uber, he led security product development at Qualys, focused on endpoint protection.

BibTeX
@inproceedings {238180,
author = {Yash Doshi and Harshal Shah},
title = {Now You See It, Now You Don{\textquoteright}t: Uber{\textquoteright}s Data Deletion Service},
booktitle = {2019 {USENIX} Conference on Privacy Engineering Practice and Respect ({PEPR} 19)},
year = {2019},
address = {Santa Clara, CA},
url = {https://www.usenix.org/node/238181},
publisher = {USENIX Association},
month = aug
}