The day after the first meeting…
Engineering Manager: Welcome DBA, Operations Engineer, and Privacy Officer. Did you all get a chance to look over the project wiki? What do you think?
Operations Engineer: I did.
DBA: Yup, and I have some questions.
Privacy Officer: Sounds really cool, as long as we’re careful.
Engineer: We’re always careful!
DBA: There are a lot of pages on the web. Keeping that much data is going to be expensive. I didn’t see anything on the wiki about evicting entries, and for a table that big, we’ll need to do that regularly.
Privacy Officer: Also, when will we delete the device ids? Those are like a fingerprint for someone’s phone, so keeping them around longer than absolutely necessary increases the user’s & the company’s risk.
Operations Engineer: The less we keep around, the less it costs to maintain.
Engineer: We know that most mobile users have only 1-3 pages open at any given time and we estimate no more than 50,000 users will be eligible for the service.
DBA: Well that does suggest a manageable load, but that doesn’t answer my question.
Engineer: Want to say if a page hasn’t been accessed in 48 hours we evict it from the server? And we can tune that knob as necessary?
Operations Engineer: As long as I can tune it in prod if something goes haywire.
Privacy Officer: And device ids?
Engineer: Apply the same rule to them?
Engineering Manager: 48 hours would be too short. Not everyone uses their mobile browser every day. I’d be more comfortable with 90 days to start.
DBA: I imagine you’d want secure destruction for the ids.
Privacy Officer: You got it!
DBA: What about the backup tapes? We back up the dbs regularly?
Privacy Officer: Are the backups online?
DBA: No, like I said, they’re on tape. Someone has to physically run ‘em through a machine. You’d need physical access to the backup storage facility.
Privacy Officer: Then it’s probably fine if we don’t delete from the tapes.
Operations Engineer: What is the current timeline?
Engineer: End of the quarter, 8 weeks or so.
Operations Engineer: We’re under water right now, so it might be tight getting the hardware in & set up. New hardware orders usually take 6 weeks to arrive. I can’t promise the hardware will be ready in time.
Engineering Manager: We understand, please do your best and if we have to, Product Manager won’t be happy, but we’ll delay the feature if we need to.
Privacy Officer: Who’s going to be responsible for the data on the stage & production servers?
Engineering Manager: Product Manager has final say.
DBA: Thanks. Good to know!
Engineer: I’ll draw up a plan and send it around for feedback tomorrow.
Who brought up user data safety & privacy concerns in this conversation?
Privacy Officer is obvious. The DBA & Operations Engineer also raised privacy concerns.