as withing May 2018 the DSGVO will be executed by law, self employed people but also companies have to remove all personal data also within their whole backup.
Is there a possibility to scour the backup files for certain data (e.g. personal folders, or documents including a certain personal information like first and last name) and remove specific files/folders?
Maybe such a feature (if it doesn’t exists already) might be extremely interesting as you have to make sure, that all personal data is deleted by a certain date.
I do also think that such a feature could be an additional one that might by paid (per server).
I have changed the title from DSGVO to GDPR so that non-German Europeans know what it is about…
A first step would be to collect more detailed use case information, because the problems are always in the detail. So it would be helpful if you looked at one of your clients and go through what should happen if you get a erasure request.
UrBackup saves file backups as plain files, so one can use normal file indexing and search tools to go through them. We could collect options. Those depend on the operating system used, of course.
When deleting/modifying files their hashes in the UrBackup database need to be modified/deleted as well, otherwise you might get wrong future backups. One currently working solution for that is to run verify with deletion (urbackupsrv verify -v clientname/backupname -d).
Deletion and modification also depends on in which setting you use Urbackup. It might be difficult with ZFS snapshots for example, because those are immutable.