Toolkit for more privacy-preserving dates in apps released

22. February 2022

EMPRI-DEVOPS studies have repeatedly found that tools often use timestamps unnecessarily and in excessive precision. Today we release django-privacydates, a demonstrator for more privacy-preserving date alternatives for the Django web framework.

Our date alternatives are meant as replacements for traditional timestamp data types like DateTimeField in case of Django. They are designed to fulfil common timestamp use cases that we have identified in several app case studies. We provide three alternatives:

  1. a timestamp with a (static) reduced precision (e.g., only increments of 15 minutes),
  2. a timestamp whose precision can be gradually reduced over time according to a given reduction policy, and
  3. a chronological ordering type that can replace timestamps wherever one only needs ordering and nothing else.

We made django-privacydates available on GitHub. Feel free to try it out and tell us if our design works for you. But be aware, this is after all an academic demonstrator. We can cannot guarantee any regular maintenance.

This toolkit is accompanied by an academic paper that is accepted for publication at GI Sicherheit 2022 and will be presented there in April. Our manuscript is already available for interested readers.