Skip to content

feat(privacy): add PII scrubbing and consent management #18

Open
Open
feat(privacy): add PII scrubbing and consent management#18
Assignees
CalvinAllen
Labels
enhancementNew feature or request
@CalvinAllen

Description

@CalvinAllen
CalvinAllen
opened on Dec 24, 2025

Summary

Add built-in privacy controls including PII (Personally Identifiable Information) scrubbing, user consent tracking, and data minimization helpers. Essential for GDPR compliance and user trust.

Features

1. PII Scrubbing

var config = new TelemetryConfiguration
{
    // Enable automatic PII detection and scrubbing
    EnablePiiScrubbing = true,
    
    // Configure what to scrub
    PiiPatterns = new[]
    {
        PiiPattern.EmailAddresses,
        PiiPattern.FilePaths,      // Replace with hashed/relative paths
        PiiPattern.IpAddresses,
        PiiPattern.Usernames,
        PiiPattern.Custom(@"\b\d{3}-\d{2}-\d{4}\b") // SSN pattern
    },
    
    // Replacement strategy
    PiiReplacementStrategy = PiiReplacement.Hash // or Redact, Mask
};

// Manual scrubbing
var safe = VsixTelemetry.ScrubPii(potentiallySensitiveString);

2. Consent Management

// Check/set consent status
if (!VsixTelemetry.HasUserConsent)
{
    // Show consent dialog
    var consented = await ShowTelemetryConsentDialogAsync();
    VsixTelemetry.SetUserConsent(consented);
}

// Consent levels
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.None);      // No telemetry
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Minimal);   // Errors only
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Standard);  // Errors + perf
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Full);      // Everything

// React to consent changes
VsixTelemetry.ConsentChanged += (sender, level) => { /* reconfigure */ };

3. Data Minimization

var config = new TelemetryConfiguration
{
    // Don't send file paths
    IncludeFilePaths = false,
    
    // Hash identifiers instead of sending raw
    HashUserIdentifiers = true,
    
    // Limit stack trace depth
    MaxStackTraceDepth = 5,
    
    // Strip query strings from URLs
    StripUrlQueryStrings = true
};

4. Path Handling

// Convert absolute paths to relative (from solution root)
var safePath = VsixTelemetry.SafePath(absoluteFilePath);
// "C:\Users\john\code\MyProject\src\file.cs" → "src\file.cs"

// Or hash the path
var hashedPath = VsixTelemetry.HashPath(absoluteFilePath);
// "C:\Users\john\code\MyProject\src\file.cs" → "a1b2c3d4/src/file.cs"

Implementation Notes

  • Scrubbing should happen in a SpanProcessor before export
  • Consent stored in VS settings (user-level)
  • Consider providing consent dialog UI helper
  • Document what data is collected for transparency

Metadata

Metadata

Assignees

Labels

enhancementNew feature or request

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions