IBM Mobile App Messaging supports General Data Protection Regulation (GDPR) requests for erasure. When a GDPR request for erasure is made by a user, Watson Campaign Automation (WCA) customers can use the GDPR Right to Erasure API to erase the user’s personal data from WCA, Mobile Customer Engagement (MCE), and the user’s device. The API sets the user’s status to “GDPR forget” and the SDK’s state to “GDPR reset”. If the SDK is not re-registered with the MCE server, the SDK stops performing specific functions for the user, such as:
- Delivering mobile app messages
- Updating and deleting user attributes
- Sending events
- Displaying inbox messages and in-app messages
To determine “GDPR reset” state, developers can check the response/callback from the following APIs:
- iOS – MCERegistrationDetails.sharedInstance.userInvalidated
- Android – MceApplication.onSdkReinitializeNeeded
- Cordova – MCEPlugin.userInvalidated
- Xamarin.Forms – SDK.Instance.UserInvalidated
Responding to users in “GDPR reset” state
If “GDPR reset” state is true, you can use the
autoReinitialize option to specify how the SDK behaves after erasing the user’s personal data. In iOS, Android, and Xamarin.Forms, the option is set in MceConfig.json, and in Cordova, the
AUTO_REINITIALIZE variable is set when adding the Cordova plug-in.
autoReinitialize to one of the following values:
true(default value) – Automatically registers the SDK with MCE and obtains a new userId and channelId for anonymous application use when the application is next brought to the foreground. The SDK resumes functions, such as delivering messages and sending events, and collects the user’s personal data anonymously.
false– Restricts the SDK from automatically registering with MCE. Developers must decide how they want the SDK to respond on application startup. For example:
- Continue to restrict SDK functionality and data collection for the user.
- Request permission from the user to collect data anonymously. If the user grants permission, the developer can re-enable MCE integration, re-register with MCE, and start collecting new user ids. See the following sections for instructions for your platform.
MCESdk.sharedInstance.manualInitializationmethod in iOS.
MceApplication.onSdkReinitializeNeededby calling the
If you want to override the application, you can call
SdkInitLifecycleCallbacksinstance that implements
Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsible for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clientsâ€™ business and any actions the clients may need to take to comply with such laws and regulations.
The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.
Learn more about IBM’s own GDPR readiness journey and our GDPR capabilities and offerings here: https://ibm.com/gdpr