TL;DR
This paper introduces Janus, a configurable tool for implementing data minimization in GraphQL Web APIs to ensure privacy compliance, with a practical proof-of-concept and manageable overheads.
Contribution
It presents Janus, a novel, configurable framework that automates data minimization in GraphQL APIs, addressing a gap in privacy-preserving web API design.
Findings
Janus effectively reduces data exposure according to client roles.
Experimental results show acceptable performance overheads.
Janus enables practical, compliant API implementations.
Abstract
The purpose of regulatory data minimization obligations is to limit personal data to the absolute minimum necessary for a given context. Beyond the initial data collection, storage, and processing, data minimization is also required for subsequent data releases, as is the case when data are provided using query-capable Web APIs. Data-providing Web APIs, however, typically lack sophisticated data minimization features, leaving the task open to manual and all too often missing implementations. In this paper, we address the problem of data minimization for data-providing, query-capable Web APIs. Based on a careful analysis of functional and non-functional requirements, we introduce Janus, an easy-to-use, highly configurable solution for implementing legally compliant data minimization in GraphQL Web APIs. Janus provides a rich set of information reduction functionalities that can be…
