Skip to content

Legal Tag Deletion Clarification

The purpose of this issue is to clarify some of the intended behavior for Legal Tags in relation to Storage Records.

Currently, when a Legal Tag expires, all Storage Records associated with that Legal Tag are soft-deleted (the data is still there, but is no longer searchable). Storage Records can have multiple Legal Tags associated with them. There are some possibilities for confusion with this behavior.

Multiple Legal Tags

Multiple Legal Tags Scenario

What is the correct behavior when a Storage Record has multiple Legal Tags and one of the Legal Tags expire?

All Legal Tags Must Be Valid

In the above option, all of the Legal Tags associated with a Storage Record must be valid. When one of them is invalid, then the Storage Record is invalid. This seems to be the expected behavior, but it has not been formalized anywhere from what I can find. The justification for all Legal Tags must be valid are if the Storage Record is comprised of multiple pieces of data with different Legal Tags associated with those different pieces of data.

Any Legal Tag Must Be Valid

In the above option, only when all of the Legal Tags are expired will the Storage Record be invalid. This is the unexpected behavior, but could be understandable if one piece of data has multiple Legal Tags giving legal access to that single atomic piece. In this case, because there are different ways of validly access that Storage Record, when one of the Legal Tags expires, the other should still allow the Storage Record to be searchable.

Expired and Re-Created Legal Tags

Legal Tag Expired and Re-Created Scenario

What is the correct behavior when a Legal Tag expires and is then re-created?

Records with that Legal Tag are Re-Validated

In the above option, the Legal Tag having the expiration pushed into the future now makes the Storage Record searchable. This is currently the expected behavior, and would follow with the intent that Storage Records are only soft-deleted when the Legal Tag expires.

Records with that Legal Tag are NOT Re-Validated

In the above option, the Legal Tag having the expiration pushed into the future does NOT make the Storage Record searchable. This is unexpected behavior, but could make sense if the Legal Tag associated with the Storage Record are only for the Legal Tag that was valid when the Storage Record was created/updated with that Legal Tag.

Explicitly Deleted and Re-Created Legal Tags

Explicitly Deleted and Re-Created Legal Tag Scenario

Currently explicitly deleting the Legal Tags behaves exactly as expiring the Legal Tag. This might not be intentional behavior as explicitly deleting a Legal Tag indicates a full voiding of the contract associated with the Legal Tag. Should there be some indication of a hard delete for Legal Tags (as there is for Storage Records) that will cause the Storage Records to not be searchable even when another Legal Tag with the same name is created?

Records with the Re-Created Legal Tag are Re-Validated

In the above option, when the Legal Tag is re-created the Storage Record with that Legal Tag's name are automatically re-validated. Should this be the expected behavior? What if the newly created Legal Tag is intended to be associated with new Storage Records and not with any existing Storage Records?

Records with the Re-Created Legal Tag are not Re-Validated

In the above option, when the Legal Tag is re-created the Storage Record with that Legal Tag's name are NOT automatically re-validated. This might be the safer option, but would force the implementation to treat Invalid Legal Tags differently than Deleted Legal Tags and would force users to re-ingest data if they delete a Legal Tag and re-create it, with the expectation that simply re-creating the Legal Tag will re-validate all of the Storage Records with that Legal Tag's name.