Anonymization & Privacy

Anonymization practices for MCP-I

Anonymization and Privacy

To balance accountability with privacy, MCP-I supports:

  1. Data Minimization: Collect only necessary information
  2. Selective Disclosure: Reveal only required log fields
  3. Anonymization: Remove identifying information when appropriate
  4. Pseudonymization: Replace identifiers with non-identifying equivalents
// Example log anonymization function
function anonymizeLogRecord(logRecord) {
  // Create a deep copy
  const anonymized = JSON.parse(JSON.stringify(logRecord));

  // Replace sensitive fields with masked versions
  if (anonymized.clientInfo && anonymized.clientInfo.ipAddress) {
    anonymized.clientInfo.ipAddress = anonymizeIp(
      anonymized.clientInfo.ipAddress
    );
  }

  // Replace DIDs with consistent pseudonyms
  if (anonymized.actorId) {
    anonymized.actorId = generatePseudonym(anonymized.actorId);
  }

  if (anonymized.delegator) {
    anonymized.delegator = generatePseudonym(anonymized.delegator);
  }

  return anonymized;
}