Inferensys

Glossary

Right to Erasure

A legal right compelling data controllers to delete personal data without undue delay, posing a significant technical challenge for retraining AI models that have memorized the data.
Data scientist building training data pipeline on laptop, data preprocessing visible, technical workspace.
DATA PRIVACY COMPLIANCE

What is Right to Erasure?

The Right to Erasure, commonly known as the 'right to be forgotten,' is a legal mandate under Article 17 of the GDPR that compels data controllers to delete personal data without undue delay upon a valid request from the data subject.

The Right to Erasure is not an absolute right; it applies specifically when the personal data is no longer necessary for its original purpose, the data subject withdraws consent, or the processing was unlawful. For AI systems, this creates a profound technical conflict: traditional deletion from a database is trivial, but removing the influence of specific data points from the weights of a trained foundation model is a complex, unsolved challenge known as machine unlearning.

Compliance requires organizations to extend deletion requests beyond live databases to backup systems, logs, and training corpora. The technical difficulty lies in the fact that neural networks do not store discrete records but rather encode statistical patterns. Retraining a model from scratch without the deleted data is often computationally prohibitive, driving research into approximate unlearning techniques that seek to scrub the data's influence without full retraining.

GDPR Article 17

Key Characteristics of the Right to Erasure

The Right to Erasure, or 'right to be forgotten,' is not an absolute right. It applies under specific conditions and presents unique technical challenges when applied to machine learning models that have memorized data rather than simply stored it.

01

Legal Grounds for Erasure

The right is not automatic; it must be invoked under one of six specific legal bases defined in GDPR Article 17(1).

  • Consent Withdrawal: The data subject withdraws consent and no other legal basis for processing exists.
  • Objection to Processing: The data subject objects under Article 21(1) and there are no overriding legitimate grounds.
  • Unlawful Processing: The personal data was processed in violation of GDPR.
  • Legal Obligation: Erasure is required to comply with a Union or Member State legal obligation.
  • Purpose Expiration: The data is no longer necessary for the original collection purpose.
  • Child Data: Data collected in relation to information society services offered to a child.
02

The Memorization Problem

Unlike databases where records can be deleted, neural networks memorize training data within their weights. Erasure requires addressing this fundamental technical challenge.

  • Weight-Level Memorization: Large language models can verbatim reproduce training sequences, including PII, when prompted adversarially.
  • No Direct Deletion: There is no SQL DELETE equivalent for a trained model; the influence of a data point is distributed across millions of parameters.
  • Exact vs. Approximate Unlearning: Exact unlearning requires proving the model is indistinguishable from one trained without the data. Approximate unlearning aims to remove the data's influence to a statistically negligible level.
03

Technical Unlearning Methods

Machine unlearning is an active research area with several emerging techniques to comply with erasure requests without full retraining.

  • SISA (Sharded, Isolated, Sliced, Aggregated): Training data is partitioned into isolated shards. Erasure requires retraining only the affected shard, dramatically reducing compute cost.
  • Gradient Ascent: Reversing the training process by applying the negative of the original gradient updates for the target data, effectively 'unlearning' it.
  • Differential Privacy Unlearning: Training with DP guarantees ensures that no single data point significantly influences the model, making certified removal feasible.
  • Scrubbing: Post-hoc techniques that identify and suppress specific knowledge within model weights without retraining.
04

Exemptions and Limitations

Article 17(3) carves out critical exceptions where the right to erasure does not apply, balancing privacy with other fundamental rights.

  • Freedom of Expression: Erasure cannot override the right to freedom of expression and information, particularly relevant for journalistic or artistic content.
  • Legal Claims: Processing necessary for the establishment, exercise, or defense of legal claims is exempt.
  • Public Interest: Archiving purposes in the public interest, scientific or historical research, or statistical purposes where erasure would render impossible or seriously impair the achievement of those objectives.
  • Public Health: Processing necessary for reasons of public interest in the area of public health.
05

Controller Obligations & Timelines

Data controllers face strict procedural requirements when a valid erasure request is received.

  • Response Deadline: The controller must act without undue delay and at the latest within one month of receiving the request.
  • Extension: This period may be extended by two further months where necessary, taking into account the complexity and number of requests.
  • Notification Duty: The controller must communicate the erasure to each recipient to whom the data was disclosed, unless this proves impossible or involves disproportionate effort.
  • Verification: Controllers must take reasonable steps to verify the identity of the requester before proceeding with erasure.
06

Model Retraining vs. Data Deletion

A critical distinction exists between deleting data from storage and removing its influence from a model. Compliance requires both.

  • Storage Deletion: Removing the raw personal data from databases, data lakes, and backup systems is the straightforward first step.
  • Model Retraining: The complex second step involves retraining the model from scratch without the deleted data or applying machine unlearning techniques.
  • Cascade Effect: If a model trained on deleted data was used to generate synthetic data or fine-tune downstream models, those derivative artifacts may also require remediation.
  • Audit Trail: Controllers must maintain a Record of Processing Activities (RoPA) documenting the erasure process to demonstrate compliance to supervisory authorities.
RIGHT TO ERASURE

Frequently Asked Questions

Explore the technical and legal intricacies of the 'right to be forgotten' as it applies to machine learning models, covering the challenges of deleting memorized data from trained weights.

The Right to Erasure, also known as the 'right to be forgotten,' is a legal right under regulations like GDPR Article 17 that compels data controllers to delete personal data without undue delay. In the context of artificial intelligence, this right poses a profound technical challenge because it extends beyond deleting records from a database. It requires removing the influence of specific data points from the parameters of a trained machine learning model. Since models do not store data in a literal sense but rather encode statistical patterns within their weights, true erasure necessitates computationally expensive processes like model unlearning or complete retraining from a cleansed corpus to ensure the data is no longer represented in the model's decision-making logic or generative outputs.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.