Executive Summary

The General Data Protection Regulation has been thoroughly written about and explained in white papers and periodicals that give it the attention it deserves. The intent of this article is to provide the reader with an understanding on how the included GDPR executables can help an administrator execute upon a Data Subject's rights. In particular, Konica Minolta has developed three executables, each with a specific purpose:

  • rtbf.exe: Allows an administrator to execute a Data Subject's Right to be Forgotten within Dispatcher Paragon
  • rta.exe: Allows an administrator to execute a Data Subject's Right to Access of Data within Dispatcher Paragon
  • rtr.exe: Allows an administrator to execute a Data Subject's Right to Restriction of Processing withing Dispatcher Paragon, or to later re-identify a user whose request has expired.

For the purpose of this document, the following distinctions will be made:

  • Structured Data includes data contained within Dispatcher Paragon that has intentional, strictly defined purposes. This includes, for example, network usernames, names, surnames, email addresses, and home directories. Structured Data is intended to store only personal data, not sensitive data, unless the source of the data (e.g., Active Directory) was poorly defined or managed.
  • Unstructured Data includes data contained within Dispatcher Paragon that is not well defined or structured. This includes, for example, print jobs submitted by the Data Subject, along with metadata such as job titles, job origin, or file names. There is no simple way to filter this information to ensure it does not contain sensitive personal data, and thus the user is at their discretion to ensure that they understand this when submitting print jobs to Dispatcher Paragon.

The scripts provided here are compatible with Dispatcher Paragon MU17 or later build. For customers who have upgraded from much older versions of Dispatcher Paragon, verify that the following lines are present and have appropriate values in the Management folder's safeq.properties file, located in the conf directory. Older releases only had the line database.global.management.username. The below code block is only a sample, and will not work in production environments.

# Database
...
database.global.management.domain =
database.global.management.username.without.domain =
database.global.management.username = ${database.global.management.username.without.domain}
...

Prerequisites

Right to be Forgotten

The executable rtbf.exe is a simple command-line application that can be used in interactive or non-interactive mode to remove references to a Data Subject or fields that may contain a Data Subject's personal or sensitive data. This includes references to all Structured Data containing user data, but also unstructured data in the form of print job metadata.

The application works by fully anonymizing details that could be attributed back to an individual. To ensure that the data is still useful for reporting purposes, the username is still unique, however an administrator is unable to attribute this information back to a specific Data Subject.

Execution

When running in interactive mode, you will be prompted to provide a user's login to remove. You will then be prompted with the extent of data that will be removed, with a request to proceed. Once this is done, the application will then prepare a series of queries, but will not commit the transaction until the very end. If the transaction fails for any reason, there is no need to worry about only partially deleted records.

The application can be run in non-interactive mode by supplying the parameters -u <username> --no-prompt where <username> is the login of the user.

Out of Scope

Information within the main databases of Dispatcher Paragon are affected when this application is run.  It does not modify system logs, archives of reports that an administrator or manager may have created, or print data files residing on Dispatcher Paragon servers.

The following versions are not supported with this solution:

  • YSoft SafeQ 4, any SR
  • YSoft SafeQ 5, any MU

Support has not been tested for versions of Dispatcher Paragon prior to MU17. The solution only supports the first tenant in multi-tenant installations.

Right to Access

rta.exe provides a human-readable document containing all of a Data Subject's information collected. For completeness, this report includes details on all available print jobs, user details, statistics from the data warehouse web reporting, as well as information from the DataMart, if enabled. The report can be quite large, especially if the user is a heavy printers. Note that print job titles are included, as users may print personal documents with sensitive titles.

The output is a simple HTML document with minimal CSS styling for better readability. Also note that an explanation of the data is included at the head of the document.

Right to Restriction of Processing

The executable rtr.exe is also a simple command-line application that can be used in interactive or non-interactive mode. This application requires configuration in advance by setting up a separate, restricted database that the system can use to store data about a user to preserve the information and to keep it from being processed further. It then creates a pseudonym in Dispatcher Paragon's systems for the user and redacts all other references to a Data Subject, including file names. Once a request has expired, or there is a need to re-identify the user, the -R flag will allow the administrator to reverse the process.