SHA256 hashing email addresses for GDPR reasons

This is a follow-up on the previous post C# Mask email address for GDPR reasons, where user Inspector Cluedget pointed out that masking an email address in the log file (replacing characters with *) is the least safe of the data masking approaches available.

This extension method will SHA256 hash the email address and add a fake domain name (to make the string look like an email address).

THE EXTENSION METHOD:

using System.Security.Cryptography;
using System.Text;

namespace MyNamespace
{
  public static class StringFormatter
  {
    // Replaces the email address with its SHA256 hash plus a fake domain name,
    // so the result still looks like an email address.
    public static string MaskEmail(this string s)
    {
      return Sha256Hex(s) + "@domain.com";
    }

    // Returns the SHA256 hash of s (UTF-8 encoded) as lowercase hex.
    private static string Sha256Hex(string s)
    {
      using (SHA256 sha256 = SHA256.Create())
      {
        StringBuilder hash = new StringBuilder();
        byte[] hashArray = sha256.ComputeHash(Encoding.UTF8.GetBytes(s));
        foreach (byte b in hashArray)
        {
          // "x2" writes every byte as two hex digits; "x" would drop
          // leading zeros and give a shorter, ambiguous string
          hash.Append(b.ToString("x2"));
        }
        return hash.ToString();
      }
    }
  }
}

USAGE:

using MyNamespace;

public void TestMethod()
{
  string email = "someperson@somedomain.com";
  string maskedEmail = email.MaskEmail();
  // result: 64 lowercase hex characters followed by @domain.com
}

WHY?

With the new GDPR rules you must be very careful when storing emails or other personal information anywhere, including your log files. And you should never give out a log file containing email addresses to a third party, even when this third party is “just helping you with a totally unrelated code bug elsewhere”.

There are many approaches to ensure GDPR compliance. The best way is to remove any personal data from any log file. This is not always possible, feasible or practical, which is why pseudonymization or data masking approaches will come in handy.
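
A plain SHA256 of an email address can be matched by anyone who hashes a list of candidate addresses and compares the results, so a keyed hash (HMAC-SHA256) with a secret key that never appears in the logs gives a stronger pseudonym. The following is an added example, not code from the original post; the names KeyedEmailMasker and MaskEmailKeyed, the key handling and the masked.invalid domain are assumptions.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

namespace MyNamespace
{
  // Added example (hypothetical names): keyed variant of MaskEmail.
  public static class KeyedEmailMasker
  {
    public static string MaskEmailKeyed(this string email, byte[] key)
    {
      if (email == null) throw new ArgumentNullException(nameof(email));
      if (key == null || key.Length < 32)
        throw new ArgumentException("Use a random key of at least 32 bytes.", nameof(key));

      // Normalize so " Bob@Example.com" and "bob@example.com" map to one pseudonym.
      string normalized = email.Trim().ToLowerInvariant();

      using (var hmac = new HMACSHA256(key))
      {
        byte[] mac = hmac.ComputeHash(Encoding.UTF8.GetBytes(normalized));
        var hex = new StringBuilder(mac.Length * 2);
        foreach (byte b in mac)
        {
          hex.Append(b.ToString("x2")); // two hex digits per byte
        }
        // .invalid is a reserved top-level domain, so the masked value
        // can never be a deliverable address (assumption: any fake domain is fine).
        return hex.ToString() + "@masked.invalid";
      }
    }
  }

  public static class Demo
  {
    public static void Main()
    {
      // Constructed key for this demo only. In production, load one persistent
      // key from a secret store; pseudonyms only correlate under the same key.
      byte[] key = new byte[32];
      using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(key); }

      string a = "someperson@somedomain.com".MaskEmailKeyed(key);
      string b = " SomePerson@SomeDomain.com".MaskEmailKeyed(key);
      Console.WriteLine(a);
      Console.WriteLine(a == b); // same address after normalization
    }
  }
}
```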


About briancaos

Developer at Pentia A/S since 2003. Have developed Web Applications using Sitecore Since Sitecore 4.1.