feat(privacy): add PII scrubbing and consent management #18

@CalvinAllen

Summary

Add built-in privacy controls including PII (Personally Identifiable Information) scrubbing, user consent tracking, and data minimization helpers. Essential for GDPR compliance and user trust.

Features

1. PII Scrubbing

var config = new TelemetryConfiguration
{
    // Enable automatic PII detection and scrubbing
    EnablePiiScrubbing = true,
    
    // Configure what to scrub
    PiiPatterns = new[]
    {
        PiiPattern.EmailAddresses,
        PiiPattern.FilePaths,      // Replace with hashed/relative paths
        PiiPattern.IpAddresses,
        PiiPattern.Usernames,
        PiiPattern.Custom(@"\b\d{3}-\d{2}-\d{4}\b") // SSN pattern
    },
    
    // Replacement strategy
    PiiReplacementStrategy = PiiReplacement.Hash // or Redact, Mask
};

// Manual scrubbing
var safe = VsixTelemetry.ScrubPii(potentiallySensitiveString);

2. Consent Management

// Check/set consent status
if (!VsixTelemetry.HasUserConsent)
{
    // Show consent dialog
    var consented = await ShowTelemetryConsentDialogAsync();
    VsixTelemetry.SetUserConsent(consented);
}

// Consent levels
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.None);      // No telemetry
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Minimal);   // Errors only
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Standard);  // Errors + perf
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Full);      // Everything

// React to consent changes
VsixTelemetry.ConsentChanged += (sender, level) => { /* reconfigure */ };

3. Data Minimization

var config = new TelemetryConfiguration
{
    // Don't send file paths
    IncludeFilePaths = false,
    
    // Hash identifiers instead of sending raw
    HashUserIdentifiers = true,
    
    // Limit stack trace depth
    MaxStackTraceDepth = 5,
    
    // Strip query strings from URLs
    StripUrlQueryStrings = true
};

4. Path Handling

// Convert absolute paths to relative (from solution root)
var safePath = VsixTelemetry.SafePath(absoluteFilePath);
// "C:\Users\john\code\MyProject\src\file.cs" → "src\file.cs"

// Or hash the path
var hashedPath = VsixTelemetry.HashPath(absoluteFilePath);
// "C:\Users\john\code\MyProject\src\file.cs" → "a1b2c3d4/src/file.cs"

Implementation Notes

  • Scrubbing should happen in a SpanProcessor before export
  • Consent stored in VS settings (user-level)
  • Consider providing consent dialog UI helper
  • Document what data is collected for transparency
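
An added sketch of the three replacement strategies from section 1, not code from this issue or from the project: `PiiScrubberSketch`, `Replacement`, the regexes and the sample string are all hypothetical. It assumes `Hash` is implemented as an HMAC under a per-install key, which the proposal does not specify; a bare hash of an SSN or IPv4 address can be reversed by enumerating the input space.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;

enum Replacement { Redact, Mask, Hash }   // hypothetical, mirrors the proposal's Hash / Redact / Mask

static class PiiScrubberSketch
{
    // Constructed patterns for illustration; real detectors need tuning against real telemetry.
    static readonly (string Tag, Regex Rx)[] Patterns =
    {
        ("email", new Regex(@"[\w.+-]+@[\w-]+(\.[\w-]+)+", RegexOptions.Compiled)),
        ("ip",    new Regex(@"\b(?:\d{1,3}\.){3}\d{1,3}\b", RegexOptions.Compiled)),
        ("ssn",   new Regex(@"\b\d{3}-\d{2}-\d{4}\b", RegexOptions.Compiled)),
        // Windows profile directory: keep the prefix, replace only the user name.
        ("user",  new Regex(@"(?<=[A-Za-z]:\\Users\\)[^\\\s]+", RegexOptions.Compiled | RegexOptions.IgnoreCase)),
    };

    public static string Scrub(string input, Replacement mode, byte[] key)
    {
        foreach (var (tag, rx) in Patterns)
            input = rx.Replace(input, m => Replace(tag, m.Value, mode, key));
        return input;
    }

    static string Replace(string tag, string value, Replacement mode, byte[] key)
    {
        switch (mode)
        {
            case Replacement.Redact: return "[" + tag + "]";
            case Replacement.Mask:   return new string('*', value.Length);
            default:
                // Keyed and truncated: equal inputs still correlate, but the token cannot be
                // brute-forced back to the SSN or IP address without the key.
                using (var hmac = new HMACSHA256(key))
                    return tag + ":" + BitConverter.ToString(
                        hmac.ComputeHash(Encoding.UTF8.GetBytes(value)), 0, 6).Replace("-", "").ToLowerInvariant();
        }
    }

    static void Main()
    {
        var key = new byte[32];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key); // per-install secret, never exported
        var sample = @"Failed to open C:\Users\john\code\MyProject\src\file.cs for john@example.com from 10.1.2.3 (id 123-45-6789)"; // constructed
        foreach (Replacement mode in Enum.GetValues(typeof(Replacement)))
            Console.WriteLine(mode + ": " + Scrub(sample, mode, key));
    }
}
```

Pattern order matters here: the email rule runs before the others so that a later rule never matches inside an already-replaced token.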

Labels: enhancement (New feature or request)
