PII Encryption — Contact Service
Database-level AES-256-GCM encryption for PII fields (name, email, phone, accounts, usernames) in contact-service. Uses the go-utils/crypto single-algorithm method with blind-index fields for exact search and a phased migration path to zero hard downtime.
Scope Changes
- Backend
- Infra
- Data
Initiatives
See rfcs/rfc-pii-encryption.md for the full technical design and remaining task plan.