feat(privacy): add PII scrubbing and consent management #18

@CalvinAllen

Summary

Add built-in privacy controls including PII (Personally Identifiable Information) scrubbing, user consent tracking, and data minimization helpers. Essential for GDPR compliance and user trust.

Features

1. PII Scrubbing

var config = new TelemetryConfiguration
{
    // Enable automatic PII detection and scrubbing
    EnablePiiScrubbing = true,
    
    // Configure what to scrub
    PiiPatterns = new[]
    {
        PiiPattern.EmailAddresses,
        PiiPattern.FilePaths,      // Replace with hashed/relative paths
        PiiPattern.IpAddresses,
        PiiPattern.Usernames,
        PiiPattern.Custom(@"\b\d{3}-\d{2}-\d{4}\b") // SSN pattern
    },
    
    // Replacement strategy
    PiiReplacementStrategy = PiiReplacement.Hash // or Redact, Mask
};

// Manual scrubbing
var safe = VsixTelemetry.ScrubPii(potentiallySensitiveString);

2. Consent Management

// Check/set consent status
if (!VsixTelemetry.HasUserConsent)
{
    // Show consent dialog
    var consented = await ShowTelemetryConsentDialogAsync();
    VsixTelemetry.SetUserConsent(consented);
}

// Consent levels
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.None);      // No telemetry
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Minimal);   // Errors only
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Standard);  // Errors + perf
VsixTelemetry.SetConsentLevel(TelemetryConsentLevel.Full);      // Everything

// React to consent changes
VsixTelemetry.ConsentChanged += (sender, level) => { /* reconfigure */ };

3. Data Minimization

var config = new TelemetryConfiguration
{
    // Don't send file paths
    IncludeFilePaths = false,
    
    // Hash identifiers instead of sending raw
    HashUserIdentifiers = true,
    
    // Limit stack trace depth
    MaxStackTraceDepth = 5,
    
    // Strip query strings from URLs
    StripUrlQueryStrings = true
};

4. Path Handling

// Convert absolute paths to relative (from solution root)
var safePath = VsixTelemetry.SafePath(absoluteFilePath);
// "C:\Users\john\code\MyProject\src\file.cs" → "src\file.cs"

// Or hash the path
var hashedPath = VsixTelemetry.HashPath(absoluteFilePath);
// "C:\Users\john\code\MyProject\src\file.cs" → "a1b2c3d4/src/file.cs"

Implementation Notes

  • Scrubbing should happen in a SpanProcessor before export
  • Consent stored in VS settings (user-level)
  • Consider providing consent dialog UI helper
  • Document what data is collected for transparency
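A sketch of the three replacement strategies from feature 1 (Redact, Mask, Hash), added here as an example; it is not code from this issue or from the VsixTelemetry project. All type and method names, the regular expressions other than the SSN pattern, and the sample string are constructed for illustration, and Hash is implemented as a keyed HMAC with a per-install secret, which is an assumption about how hashing would be done.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;
// Hypothetical names throughout; none of this is the VsixTelemetry API.
public enum Replacement { Redact, Mask, Hash }
public static class PiiScrubSketch
{
    // Constructed patterns mirroring the issue's list: email, IPv4, SSN, Windows profile name.
    static readonly (string Kind, Regex Rx)[] Patterns =
    {
        ("email", new Regex(@"[\w.+-]+@[\w-]+(\.[\w-]+)+")),
        ("ip",    new Regex(@"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
        ("ssn",   new Regex(@"\b\d{3}-\d{2}-\d{4}\b")),
        ("user",  new Regex(@"(?<=[A-Za-z]:\\Users\\)[^\\]+")),
    };

    public static string Scrub(string input, Replacement mode, byte[] key)
    {
        foreach (var (kind, rx) in Patterns)
            input = rx.Replace(input, m => Replace(kind, m.Value, mode, key));
        return input;
    }

    static string Replace(string kind, string value, Replacement mode, byte[] key)
    {
        if (mode == Replacement.Redact) return "[" + kind + "]";
        if (mode == Replacement.Mask) return new string('*', value.Length);
        // Keyed HMAC rather than a bare hash: SSNs and IPv4 addresses come from a
        // space small enough that an unkeyed SHA-256 can be reversed by enumeration.
        using (var hmac = new HMACSHA256(key))
        {
            var tag = hmac.ComputeHash(Encoding.UTF8.GetBytes(kind + ":" + value));
            // Truncated to 4 bytes for readability; collisions are possible at this length.
            return kind + "_" + BitConverter.ToString(tag, 0, 4).Replace("-", "").ToLowerInvariant();
        }
    }

    public static void Main()
    {
        var key = new byte[32]; // per-install secret, kept local and never exported
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(key);
        // Constructed sample attribute value.
        var sample = @"Load failed: C:\Users\john\code\MyProject\src\file.cs (john@example.com, 10.0.0.5, 123-45-6789)";
        foreach (Replacement mode in Enum.GetValues(typeof(Replacement)))
            Console.WriteLine(mode + ": " + Scrub(sample, mode, key));
    }
}
```

In Hash mode the same value yields the same token within one install, so events stay correlatable without the raw value leaving the machine.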

Labels: enhancement (New feature or request)