Privacy data encryption & deletion while preserving analytical integrity

This talk introduces a novel data pipeline architecture, enabled by an open-source Python library created by the speaker, to solve this complex compliance requirement in a single action. The library implements the crypto-shredding pattern.

• Sensitive fields are encrypted with a unique encryption key per customer, before data is loaded into the platform, restricting access and protecting it during leaks.
• Analytical sensitive fields are generalised to enable analytics use, while protecting the original value.
• Encryption keys are stored separately outside the data platform, ensuring sensitive data stays unreadable even when the data platform is breached.
• Data erasure becomes a single operation: delete the encryption key, and the respective customer’s data is rendered permanently unreadable across all tables — without modifying or scanning any data, preserving analytics & referential integrity.
• Decrypts sensitive data under authorisation for any customer whose key is maintained.

The talk covers the architecture, the cryptographic foundations of the Python library, practical integration into Python pipelines, and data governance framework for encryption key management and rotation, including a live demo of the library.