GDPRbench
We share our effort at introducing GDPR compliance into two modern database systems that are both open source and widely used: Redis, an in-memory NoSQL store and PostgreSQL, a full-featured RDBMS. This compliance effort is guided by recommendations in the official blogs of these systems. While we intend to introduce GDPR compliance into more database systems, and integrate them with GDPRbench, we picked Redis and PostgreSQL as our initial choices as they represent distinct design philosophies, and thus provides a level of generality for our findings. You can find more details on code and configuration changes here.
GDPR-Compliant
Redis


GDPR-Compliant
PostgreSQL
Q1. How do Redis and PostgreSQL perform against GDPR workloads?
We show Redis and PostgreSQL performance against GDPRbench workloads at its default configuration using 100K records, while performing 1K operations (for Redis) & 10K operations (for PostgreSQL).
100%
correctness
3.5X
space overhead

100%
5.95X
correctness
space overhead w/ metadata indices

Q2. What overhead is incurred due to GDPR security features?
We evaluate this effect using the industry-standard Yahoo! Cloud Serving Benchmark. Our results show that Redis experiences significantly higher overhead (5×) compared to PostgreSQL (up to 2×).


Q3. How does an increase in the scale of personal data impact?
Consider a scenario where a company acquires new customers, thereby increasing the overall volume of data in the DB while keeping the data of existing customers unchanged. This experiment then measures how Redis and PostgreSQL perform for queries concerning the original set of customers. Results show that neither systems scale well for GDPR workloads.

GDPR Customer workload

YCSB workload-C

GDPR Customer workload

YCSB workload-C