Inferensys

Glossary

Right to be Forgotten

A privacy right under GDPR allowing individuals to request the deletion of their personal data, extending to the removal of such data's influence from trained machine learning models.
Data scientist building training data pipeline on laptop, data preprocessing visible, technical workspace.
GDPR DATA ERASURE

What is Right to be Forgotten?

The Right to be Forgotten is a privacy right under the General Data Protection Regulation (GDPR) that allows individuals to request the deletion of their personal data, extending to the removal of such data's influence from trained machine learning models.

The Right to be Forgotten (RTBF), codified in Article 17 of the GDPR, grants individuals the right to obtain from a data controller the erasure of personal data concerning them without undue delay. This right is triggered when the data is no longer necessary for its original purpose, the individual withdraws consent, or the data has been unlawfully processed. In the context of AI, this mandate uniquely extends beyond database deletion to encompass the technical challenge of machine unlearning—the removal of a specific data point's influence from a trained model's weights.

Complying with RTBF in machine learning systems is a non-trivial engineering problem, as models do not store training data in a discrete, queryable format. Techniques like exact unlearning via retraining on a cleansed dataset or approximate unlearning using influence functions and sharded architectures are required. Failure to comply can trigger significant regulatory penalties, making the integration of verifiable data deletion pipelines a critical component of sovereign AI infrastructure and enterprise governance frameworks.

GDPR COMPLIANCE

Core Characteristics of RTBF in AI

The Right to be Forgotten (RTBF) extends beyond database deletion to the complex challenge of removing personal data's influence from trained machine learning models. These core characteristics define the technical and legal dimensions of algorithmic erasure.

01

Data Erasure vs. Model Unlearning

RTBF compliance in AI requires two distinct actions: data erasure from storage systems and model unlearning from trained weights. Data erasure removes raw personal data from databases, data lakes, and backups. Model unlearning removes the influence of that data from the model's parameters without full retraining. This distinction is critical because deleting a database record does not erase its statistical contribution to a deployed model's decision boundaries.

Art. 17
GDPR Provision
30 Days
Max Response Window
02

Exact vs. Approximate Unlearning

Two technical approaches exist for removing data influence from models:

  • Exact unlearning: Retraining the model from scratch on a dataset that excludes the deleted data. This guarantees complete removal but is computationally prohibitive for large foundation models.
  • Approximate unlearning: Using algorithms like SISA (Sharded, Isolated, Sliced, Aggregated) training or gradient-based scrubbing to efficiently reduce a data point's influence to a statistically negligible level without full retraining.

Approximate methods trade mathematical certainty for practical feasibility.

03

Verifiable Erasure Guarantees

Regulators increasingly require demonstrable proof that personal data's influence has been removed, not just a claim of deletion. This demands:

  • Membership inference resistance: After unlearning, an attacker should not be able to determine if a specific record was in the original training set.
  • Differential privacy bounds: The unlearned model's output distribution should be statistically indistinguishable from a model trained without the deleted data.
  • Immutable audit trails: Cryptographic logs recording every step of the unlearning process for regulatory inspection.
04

Scope: Training Data vs. Generated Outputs

RTBF in AI applies to two domains:

  • Training data: Personal data used during pre-training or fine-tuning must be removable upon request. This includes data embedded in model weights through memorization.
  • Generated outputs: If a model has memorized and can regenerate personal data (e.g., a language model reproducing a person's address from training), that capability must be suppressed.

This dual scope means unlearning must address both the model's internal representations and its generative behaviors.

05

The Retraining Cost Paradox

Full retraining for every deletion request creates an economic compliance barrier. For large language models costing millions to train, exact unlearning is financially impossible. This paradox drives research into:

  • Sharded training architectures that isolate data influence to specific model partitions, enabling targeted retraining of only affected shards.
  • Certified removal mechanisms that provide mathematical guarantees of unlearning without retraining, using techniques from differential privacy and statistical query theory.

The tension between regulatory compliance and computational feasibility remains an open challenge.

06

Jurisdictional Conflicts with Model Portability

RTBF requests can conflict with other legal obligations and technical realities:

  • Data retention laws in financial services may require preserving records that a user wants deleted.
  • Model safety requirements may depend on training data that includes personal information critical for fairness or robustness testing.
  • Cross-border model deployment means a model trained globally may need to respect EU RTBF while operating in jurisdictions without equivalent rights.

Resolving these conflicts requires granular data governance that tags personal data with its jurisdictional obligations at ingestion time.

RIGHT TO BE FORGOTTEN

Frequently Asked Questions

Clarifying the technical and legal nuances of applying the GDPR's Right to be Forgotten to complex machine learning systems.

The Right to be Forgotten (RTBF) in AI is a privacy right under Article 17 of the GDPR that allows individuals to request the deletion of their personal data, extending to the removal of that data's influence from trained machine learning models. Unlike deleting a database row, compliance in AI requires addressing the data's embedded contribution to a model's learned parameters. This involves technical processes like machine unlearning, which aims to eliminate the specific data's impact on model weights without the prohibitive cost of full retraining from scratch. The right is not absolute and applies when the data is no longer necessary, consent is withdrawn, or processing was unlawful.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.