The Right to Erasure, codified in Article 17 of the General Data Protection Regulation (GDPR) , grants data subjects the authority to compel data controllers to delete their personal information without undue delay. This right applies when the data is no longer necessary for its original purpose, the individual withdraws consent, or the processing was unlawful. In the context of federated learning, this requirement becomes technically formidable because a patient's data is not simply a deletable row in a centralized database—it is a mathematical influence distributed across the global model weights that have been aggregated from multiple participating institutions.
Glossary
Right to Erasure

What is Right to Erasure?
The Right to Erasure, commonly known as the 'right to be forgotten,' is a GDPR-mandated legal provision that empowers individuals to request the complete deletion of their personal data, creating a profound technical challenge for machine learning systems where that data's influence is embedded within trained model weights.
Complying with the Right to Erasure in decentralized AI systems necessitates advanced machine unlearning techniques that can surgically remove a specific data subject's contribution from a trained neural network without requiring costly full retraining from scratch. Approaches such as SISA (Sharded, Isolated, Sliced, Aggregated) training, which partitions data into isolated shards to limit the blast radius of deletion requests, and certified removal mechanisms that provide verifiable guarantees of data deletion are emerging as essential compliance tools. For federated regulatory compliance, this right intersects with blockchain audit trails to cryptographically prove that erasure has been executed across all nodes while maintaining the integrity of the collaborative model.
Frequently Asked Questions
Addressing the technical and legal complexities of implementing GDPR's right to erasure within decentralized machine learning systems, where data influence is embedded in distributed model weights.
The right to erasure, codified in Article 17 of the GDPR, is a legal mandate that allows individuals to request the complete deletion of their personal data when specific conditions apply—such as when the data is no longer necessary for its original purpose or consent is withdrawn. In traditional databases, this is straightforward: delete the row. In machine learning, however, the challenge is profound because a model's parameters encode statistical patterns learned from training data. A neural network does not store raw patient records; it stores weighted associations. Complying with erasure therefore requires machine unlearning—the technical process of removing the influence of a specific individual's data from a trained model's weights without full retraining, which is computationally prohibitive in federated networks spanning dozens of hospitals.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Core Compliance Requirements
The Right to Erasure (Article 17 GDPR) presents a fundamental tension in federated learning: how to delete an individual's influence from a trained model when that model's weights are an aggregate of thousands of distributed updates. These cards outline the technical and procedural mechanisms required to operationalize deletion requests across decentralized healthcare networks.
The Machine Unlearning Problem
Unlike deleting a database row, removing a patient's data from a trained neural network requires selectively reversing the contribution of that data to the model's learned parameters. In federated settings, this is compounded by the fact that the global model is an aggregate of updates from multiple institutions.
- Exact unlearning requires retraining from scratch without the deleted data—computationally prohibitive for large models
- Approximate unlearning uses techniques like influence functions to estimate and subtract the data's impact
- Sharded, isolated training allows deletion by discarding only the affected sub-model
In healthcare, the challenge is acute: a single patient's MRI may have subtly shaped feature detectors across dozens of convolutional layers.
Verifiable Deletion with Zero-Knowledge Proofs
Regulators require demonstrable proof that erasure has been executed, not merely a promise. Zero-knowledge proofs (ZKPs) enable a node to cryptographically attest that it has removed specific data and recomputed its model contributions—without revealing the data itself.
- Succinct non-interactive arguments (SNARKs) can prove correct retraining was performed
- Merkle tree commitments to training data allow proving a specific record is no longer in the set
- Verifiable computation ensures the unlearning algorithm was executed faithfully
This creates a tamper-evident audit trail where a regulator can verify deletion without accessing any protected health information.
Data Provenance and Lineage Tracking
Effective erasure requires knowing exactly which model updates were influenced by a specific patient's data. This demands rigorous provenance tracking across the federated lifecycle.
- Immutable lineage graphs record which local datasets contributed to each training round
- Cryptographic hashing of training data enables later verification of inclusion or exclusion
- Versioned model checkpoints allow rollback to states before the deleted data was introduced
Without this infrastructure, an institution cannot confidently assert that a patient's data has been fully excised from the global model. Blockchain audit trails are often deployed to maintain this lineage in a tamper-evident manner.
Consent Orchestration and Deletion Workflows
The Right to Erasure is not a one-time technical fix—it requires an automated, ongoing workflow that spans legal, administrative, and technical domains.
- Dynamic consent dashboards allow patients to revoke permissions in real time
- Event-driven triggers propagate deletion requests to all federated nodes within mandated timeframes (typically 30 days under GDPR)
- Partial erasure support: Patients may withdraw consent for specific use cases while permitting others
- Conflict resolution: When one institution's deletion request conflicts with another's legal obligation to retain data
This orchestration layer must integrate with existing FHIR-based consent resources and institutional identity management systems.
Approximate Unlearning via Differential Privacy
When exact unlearning is infeasible, differential privacy (DP) provides a statistical guarantee that the model's outputs are nearly indistinguishable from one trained without the deleted data.
- By training with a sufficiently small privacy budget (ε), the influence of any single record is mathematically bounded
- Deletion can be approximated by continuing to decay the privacy guarantee until the record's influence is negligible
- This approach satisfies the spirit of erasure when combined with data minimization protocols that limit how much individual information enters the model
DP-based unlearning is particularly relevant for cross-silo federated learning where full retraining would disrupt ongoing clinical operations.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us