Hello community.

We have some concerns regarding the anonymization of data collected from the AI Search queries. In the table sys_search_event it is possible to match the userid with a specific query.

From Advanced AI Search Management Tools we get a few dashboards:

- AI Search Analytics dashboard https://docs.servicenow.com/bundle/vancouver-platform-administration/page/use/dashboards/application...
This one is accessed through the User Experience Analytics dashboard. All userids are hashed. All fine here.

- Platform Analytics Solution for Advanced AI Search Management Tools https://docs.servicenow.com/bundle/washingtondc-platform-administration/page/use/dashboards/applicat...
From these, we have access in the backend to two dashboards Search Profile Analytics and Search Indext Analytics.
From both of them it is possible to drill down to the table "sys_search_event".

- Is GDPR compliant? Because when a user makes an order in a service portal he knows that it has to be tracked. But a search is something that a user is not aware that can be tracked. By documentation we know that this tracking on the service portals is turned on by default. If we turn it off, will it impact the data collection for the AI Search Analytics dashboard ?

- Is there a way to also hash the userids in the sys_search_event table ? Or there is an alternative way to hide this without major impact? For example would be safe and low impact to have a read ACL on table.field sys_search_event.name ? So we could set that no user would access to this information?

Thank you.