Erase a user's communication data by user ID and tenant ID: soft delete communication logs (retain audit trail), hard delete push tokens (data minimization). Used for GDPR Article 17 (Right to Erasure) compliance. Internal endpoint, uses InternalAPIKeyAuth authentication. References: ePrivacy Directive 2002/58/EC, CAN-SPAM Act.