I just read the various posts and I think there are some things that need to be clarified:
there is absolutely no need to anonymize personal data in production platforms by default. Personal datas may of course be needed “in plain text” in a production site, but:
the site owner must make a list of the personal datas he has stored in the platform, why, and for how long (no longer than necessary). He must also secure this data and allow users to access and delete it.
When the duration of a personal data storing is over, it is necessary to:
- remove it
- or archive it (i. e. outside the website)
- or anonymize it
There is also another reason to anonymize the personal datas of a website: on testing or development platforms.
- ask the customer to provide an anonymized dataset
- or anonymise the personal datas
Personal datas can be found in any table of the database, it really depends on each project, and also in files, located in different places of the fileadmin.
What might be interesting is perhaps an extension that would make it possible to define the tables, fields and folders containing personal datas, and assign them a storage period, as well as the chosen treatment at the end of the duration (deletion, archiving, anonymization).
For the data of the fe_users, if they are used by the user himself, for example to display his personal space, the duration of validity may be the unsubscription + n months for example. Mails sent via a contact form and that can be stored in a database, may have a duration of 1 month for example (this really depends on each organization, and the datas goals).
I hope that answers some questions.