Data Erasure & Governance with 2020 

Owning a home is hard 2 

3 Analysis Help homeowners remember ● Surveys ● Heuristic analysis of adjacent tools ● Problem prioritization 

Agenda 1. Why respect deletion requests? 2. Users’ data and your app experience 3. Code walkthrough with Flutter & Firebase 4. Summary 4 

Hello! I am Noble Sr. Product Manager, Ventera Former Google Developers Expert for Product Strategy 5 Emergent Technologies Data Ethics Product Strategy Noble 

Why respect erasure requests? and how FlutterFire makes that easy 

Why respect data erasure requests? ❏ Users context and choice ❏ Intuitive controls in your application ❏ It’s not your data 7 

Choice, Control, & Erasure ● Leave it to your users to choose data they want to share with you ● Choice also means the ability to revoke their consent later ● Control means the ability to erase my data is accessible and intuitive. 8 Image credit Aaron Iker | Dribbble 

Context 

● Names ● Addresses ● Email addresses ● SSN/National ID # ● Personal Health Info ● ... Personal Data Data Categories Specific To Our App ● Property tax information ● Inspection Reports ● Location information ● Banking information ● Photos 

Context Clear reason why you need my data. How long do you need it? Who are you sharing this data with and when? Choice Give me agency over my data. How often does that data change? Can I revoke my consent at any time? Control Easy access to my data. Do: Use standard, low-friction patterns. Don’t: Use dark patterns, hidden links. 11 Why respect erasure requests? 

How a panicked Product Lead went from WTF is Flutter to talk in 5 weeks HOW to handle erasure with Flutter fire 

Handling erasure with Firebase ❏ Conduct Impact Assessment ❏ Configure Firebase ❏ Review data structure 13 

Privacy Impact Assessment 14 Provide controls to make it simple for users to delete their data Data Privacy Impact Assessment and determine risks Find opportunities to Minimize Data PIA at a high level 

Firebase setup ● Wire up Auth with flutterfire ● Install Firebase Extensions ● Configure Delete User Data firebase.google.com/products/extensions & Implement Extension 

npm install -g firebase-tools ... firebase ext:install delete-user-data --project=projectId 16 Installing via CLI Update your CLI and Install the extension 

17 Review Data Structure Update your CLI and Install the extension 

18 Firebase Extensions Pre-packaged solutions to save time Switched to Editor 

Summary Conduct a PIA Assessment of risks > Remediate > monitor continuously as you would security. Setup Firebase Configure your environment, spot check your data architecture, and ensure users data is keyed to UID. Implement Extension As you do, be sure to think about the three C’s. Context, Choice, and Control. 19 

The pandemic & how Flutter turned an idea into a prototype, quickly. Code walkthrough with Flutter & Firebase 

FlutterFire Walkthrough ❏ Installing FlutterFire plugins ❏ Setup IDE ❏ Implement & monitor the Extension 21 

Installing FlutterFire Plugins 22 

dependencies: flutter: sdk: flutter firebase_core: "^0.5.0" firebase_auth: "^0.18.0+1" 23 Add & Download Dependencies Add the firebase_auth dependency to your projects pubspec.yaml flutter pub get 

import 'package:firebase_auth/firebase_auth.dart'; … import 'package:cloud_firestore/cloud_firestore.dart'; … // Delete User Future deleteUser() async { FirebaseUser user = await getUser; try { await user.delete(); } catch (e) { ... } } 24 Implement Extension Leverages FlutterFire with Cloud Firestore, Cloud Storage 

Widget confirmButton = FlatButton( ... onPressed: () { Navigator.of(ctx).pop(); deleteUserData(ctx, auth); }, ); 25 Implement Extension Leverages FlutterFire for Cloud Firestore 

26 Switched to Console 

Monitoring ● Auth dashboard ● Add firebase.google.com/products/extensions Your extensions 

Summary Installing FlutterFire plugins firebase.flutter.dev gets you plugins for auth, analytics, Firestore, Cloud messaging and more across mobile and web. Setup IDE VSCode with the Dart, Awesome Flutter Snippets, Flutter Extension plugins was the way to go. Implement & monitor the Extension You can monitor the activity of your extension, in the Functions panel including checks on health, usage, and logs. 28 

Positive Sum Opportunities Vulnerabilities and breaches cause Governments to view data as a human right. Growth In Regulations Massive amounts of our personal data is given up for convenience. Growth In Data Regulations 

Data Privacy & Current Landscape CCPA 30 PIPEDA LGPD GDPR PDO APP MDPA 

31 

Lessons learned Choose the right tool Visual Studio Code FTW. Started with Android Studio based on demos but with the right VSCode plug-ins, I never looked back. Minimize data Think deeply about what data you really need. Consider progressively collecting them when your user needs it. It's shiny but not a toy Complex applications may require non-GCP. OOTB, there are powerful integrations like firebase. You have a lot of options if you're willing to do the work. 32 

Thanks! 2020 Your questions? You can find me at @nobleackerson on Twitter & Medium 

Appendix 34 

Data Right to Access Where would you expect to request access or deletion of your data if not Account? 

Easy access to my data ● Intuitive controls so that I can act on my consent ● The rights to rectification, deletion, and information 36 

Minimize your data Data processing should only use as much data as is required to successfully accomplish a given task. 37