C# Mask email address for GDPR reasons

UPDATE 2018-08-10: See the post “SHA256 hashing email addresses for GDPR reasons” for an even better masking approach. Thanks to Inspector Cluedget for the tip.

This is a C# extension method that will mask your email address following this pattern:

  • If it’s not an email, the entire string will be masked (“this string” => “***********”)
  • If the first part of the email is shorter than 4 characters, the entire email will be masked (me@somewhere.com => *@*.*)
  • All other emails are masked leaving only the first and last characters of the name and domain (somebody@somewhere.com => s******y@s*******e.com)

THE EXTENSION METHOD:

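using System;
using System.Text.RegularExpressions;

namespace MyNamespace
{
  public static class EmailMasker
  {
    // First alternative: the name, between its first and last character.
    // Second alternative: the first domain label, between its first and last character.
    private const string _PATTERN = @"(?<=[\w]{1})[\w-\._\+%\\]*(?=[\w]{1}@)|(?<=@[\w]{1})[\w-_\+%]*(?=[\w]{1}\.)";

    public static string MaskEmail(this string s)
    {
      // Nothing to mask
      if (string.IsNullOrEmpty(s))
        return s;
      // Not an email: mask the entire string
      if (!s.Contains("@"))
        return new String('*', s.Length);
      // Name shorter than 4 characters: mask the entire email
      if (s.Split('@')[0].Length < 4)
        return @"*@*.*";
      // Replace each matched run with the same number of asterisks
      return Regex.Replace(s, _PATTERN, m => new string('*', m.Length));
    }
  }
}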

USAGE:

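using MyNamespace;

public class EmailMaskerUsage
{
  public void TestMethod()
  {
    string email = "someperson@somedomain.com";
    // MaskEmail is an extension method, so it is called directly on the string
    string maskedEmail = email.MaskEmail();
    // result: s********n@s********n.com
  }
}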

WHY?

With the new GDPR rules you must be very careful when storing emails or other personal information anywhere, including your log files. And you should never give out a log file containing email addresses to a third party, even when this third party is “just helping you with a totally unrelated code bug elsewhere”.

There are many approaches to ensure GDPR compliance. The best way is to remove any personal data from any log file. This is not always possible, feasible or practical, which is why pseudonymization or data masking approaches will come in handy.
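The pseudonymization route mentioned above, applied to whole log lines, as an added example that is not code from this post: every address found in a line is replaced by a keyed HMAC-SHA256 pseudonym (a keyed variant swapped in for plain SHA256), so the lines of one user can still be correlated. The class name, the simplified email regex, the key handling and the `pseudonym.invalid` domain are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;

public static class LogEmailPseudonymizer
{
  // Simplified matcher for addresses in log text (assumption: not a full RFC 5322 parser).
  private static readonly Regex EmailRegex = new Regex(
    @"[A-Za-z0-9._%+\-]+@[A-Za-z0-9\-]+(?:\.[A-Za-z0-9\-]+)+", RegexOptions.Compiled);

  // Replaces every address in a log line with a keyed-hash pseudonym.
  // The key is a secret: with an unkeyed hash, anyone holding the log can hash
  // a known address and look it up.
  public static string Pseudonymize(string logLine, byte[] key)
  {
    if (string.IsNullOrEmpty(logLine))
      return logLine;
    if (key == null || key.Length < 16)
      throw new ArgumentException("Key must be at least 16 bytes.", nameof(key));

    using (var hmac = new HMACSHA256(key))
    {
      return EmailRegex.Replace(logLine, m =>
      {
        // Lower-case first so one mailbox always maps to one pseudonym
        // (assumption: addresses are treated as case-insensitive).
        byte[] mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(m.Value.ToLowerInvariant()));
        // Keep 16 bytes of the MAC as hex; .invalid is a reserved TLD that never resolves.
        string hex = BitConverter.ToString(mac, 0, 16).Replace("-", "").ToLowerInvariant();
        return hex + "@pseudonym.invalid";
      });
    }
  }

  public static void Main()
  {
    // Constructed key and log lines, for illustration only.
    byte[] key = Encoding.UTF8.GetBytes("constructed-demo-key-do-not-reuse");
    string[] lines =
    {
      "2018-08-10 09:14:02 INFO Login ok for someperson@somedomain.com",
      "2018-08-10 09:14:09 WARN Mail to SomePerson@SomeDomain.com bounced.",
      "2018-08-10 09:15:30 INFO Login ok for somebody@somewhere.com"
    };
    foreach (string line in lines)
      Console.WriteLine(Pseudonymize(line, key));
  }
}
```

The first two constructed lines come out with the same pseudonym, so a user's entries can still be followed through the log, while the third line gets a different one.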


About briancaos

Developer at Pentia A/S since 2003. Have developed Web Applications using Sitecore Since Sitecore 4.1.

3 Responses to C# Mask email address for GDPR reasons

  1. Inspector Cluedget says:

    Why leave *anything* from the original address? It just lessens anonymization and causes collisions between anonymized addresses. With your approach, you’d get fake collusion between unrelated users messing up statistics, and some addresses will still be identifiable because of unique characteristics violating GDPR.

    The common approach to this has always (well, since 20+ years) been
    * hashing the real address using a cryptographically safe hash algorithm and
    * adding a fake domain, e.g.
    * 4a7cdbac9d4a7cdbac9d@fake.email

    This since-forever common approach has the benefit of
    * maximizing anonymization and
    * removing collisions and
    * being GDPR compliant since before GDPR

    So, much better than your roll-your-own approach. Or don’t you agree? Why reinvent a lesser wheel? :)

  2. briancaos says:

    Leaving a blank email will make it impossible to find user-related log lines across the log file. So that approach is the last resort as it makes debugging a real pain.
    However, you raise a very important question: Will masking the email satisfy the European GDPR rules?
    As an example: Can you identify the user from a masked email like a*b@c.com? There are only some 35 emails in the world that would match this pattern. The idea of hashing the email and adding a fake domain is certainly a stronger approach. I have created a SHA256 example of how to do that here: SHA256 hashing email addresses for GDPR reasons

  3. Pingback: SHA256 hashing email addresses for GDPR reasons | Brian Pedersen's Sitecore and .NET Blog
