Make compliance with GDPR Erasure Requests seamless for developers

As a Roblox developer, it is currently too hard to respond to the massive amount of GDPR Right to Erasure requests I receive under the current format Roblox forwards these requests to me.

If Roblox is able to address this issue, it would improve my development experience because all the time I spend complying with erasures in the current inefficient manner would be able to be used for developing games instead.

Sometimes I get bursts of up to one request per minute:

To comply with these requests I have to open Studio for each game for each UserID for which a removal is requested, search through the data stores (perhaps through multiple past versions of data store formats used in the game because Roblox does not tell me when this player played my game) and manually delete their data.

I imagine that devs who run much larger games than me simply ignore these requests because there would be no way to keep up with them and also have time to develop games.

Roblox has already stated they are unwilling to automatically perform these removals, even if we utilize the Datastore2 UserID tagging functionality because “We don’t want to directly delete it unless authorized by you.”

Here are two proposed solutions, respecting the “we won’t directly delete without authorization” mantra, that would make the developer experience much more seamless.

Proposal 1

Proposal 2

Both of these proposals would take advantage of the DataStore v2 User ID metadata tagging to detect which data store records are associated with which User IDs.

64 Likes

I’d rather have an API which pushes events directly to the server in queue, like a datastore. If it’s not dealt within 7 days, create a message to the dev telling them.

It’s important to note that not all places deal with data exclusively within Roblox and any solution must include it and allow for review of this content to ensure best practice.


The amount of visible GDPR violations is unacceptable and the lack of care from Roblox is real unfortunate. All this takes is one organisation to notice to bring absolute hell for everyone, you must expect some of the fines to run down to developers who failed their legal duty.

Did Google get fined 7.6 million Euros for failing to delete GDPR erasure requests across two countries in 2020? Yes. Here’s a list of reported GDPR fines. It is critical that this sort of incident is avoided for everyone’s sake.

13 Likes

Since making this thread I learned about OpenCloud which allows us to access datastores through a web API. I’m writing a python script that checks my Roblox messages for GDPR messages from Roblox and then automatically performs the deletion.

One problem in my view with this approach is the fact that Roblox sends the GDPR removal requests directly to my account’s inbox. That means (as far as I can tell) my script needs to have my .ROBLOSECURITY cookie to be able to check my PMs - which expires after a certain amount of time, and every time I log out.

And it also makes me wary of deploying this code on a remote server because I’d have to trust whoever is running it not to take the cookie and have access to my entire account.

It would be a lot better if these GDPR requests came somewhere through the group, and I could access them through the OpenCloud API. Then I could have a single API key that only has permission to read GDPR erasure requests, and to write to my games’ datastores.

That way, in the event the code was compromised, there would be virtually 0 harm: My cookie remains safe, and the attacker probably cannot even use the limited API key because of the IP address whitelist.

8 Likes

Sorry for bumping an old thread, but I figured this was one of the better places for visibility.

We’re working on sending GDPR requests as email and as payloads via Webhooks (User ID, Experience ID(s)). Expect a release end of March / early April.

21 Likes

Sorry to push another update on this. We launched Webhooks earlier this week. This is a new release in Creator Notifications dashboard which is the first step we have taken towards providing assistance in staying compliant with GDPR.
You can configure webhooks and subscribe to listen to events on Right To Erasure Request. We will notify your custom servers or discord servers to automate this process of deleting the data from your DataStores. Stay tuned more update on Discord Bots and sample codes for custom servers.
Check out the original post:
https://devforum.roblox.com/t/introducing-webhooks-for-external-notifications/2288935
Although main purpose of webhooks is not just for GDPR but also to receive any other notifications in the future which might need automation.

5 Likes

Apologies for bumping this months later. I really like the second idea that the OP proposed because it makes handling erasure requests much easier.

I can’t imagine how the developers of large games feel. They must get many requests daily, and going through them all must be tedious.

4 Likes

I agree with you.

Even though Roblox has given us the power to automate GDPR erasure requests using the web API, not a lot of us have the money and skill to host a dedicated web application to automate it for us.

Roblox should provide a tool from their own service to help it do it for us.

3 Likes

From my eyes, they have no reason not to add a system like that. If they can provide visual charts showing memory store data usage, then they can certainly provide a page that allows you to view your games’ data stores and erase them from the website.

A change like this would only make things more convenient for developers.

2 Likes

Good news! In a Developer Forum poll that was recently posted to gather feedback regarding the upcoming UserDataStoreService, a Roblox Staff Member mentioned that they plan to automatically handle GDPR Requests through this new service:

Although it’s not guaranteed that this functionality would be carried over to the existing DataStoreService at some point, it’s a good step toward making the process of complying with GDPR Data Erasure requests much more intuitive and feasible on a large-scale.