AI Models, the Right to Erasure, and the limits of one of GDPR’s biggest promises.
The EDPB stated in its Coordinated Enforcement Report (2025) that the right to erasure/‘right to be forgotten’ under Article 17 GDPR is one of the most frequently exercised rights and one to which Data Protection Authorities frequently receive requests from individuals.
Under Article 17 GDPR, the right to erasure arises when: an individual (data subject) withdraws consent for use of their data; in cases of unlawful processing of data; or where the original reason for data collection has lapsed. In theory this is straightforward but is one of the most technical and unresolved questions in data protection related to AI systems today.
The rationale of this right being included in the GDPR was to strengthen the broader right to privacy and allow individuals control over their digital footprint. But is a practically enforceable right in the now AI heavy online space?
The Erasure Problem
When an individual invokes this right comes the compliance conundrum. Normally, deleting a record from a database is, “access the database, locate the data and remove it”. However, AI systems are fundamentally different in a way that when a model is trained on a dataset such information does not sit in a single database. It is encoded, distributed, and transformed into billions of numerical parameters that become the model itself.
Deleting from such large databases becomes complex due to vastness of the data, differing access, storage, and backup methods that make full deletion of segregated data currently technically impossible. The only sure way to remove particular data at that level is to retrain the model from scratch without that data. So, in strictest interpretation of the GDPR, trained models may still constitute unlawful processing of personal data.
Article 17 GDPR does not specifically address AI training but requires erasure “without undue delay”. The supervisory authority has also not yet issued definitive guidance on the technical standard of ‘deletion/erasure’ in context of AI models or even whether large language model weights constitute personal data.
The Technical Solutions:
A few methods that do not need training AI models afresh have been suggested as options to enforce data protection and privacy without stifling technological developments that include:
Machine Unlearning and Differential Privacy. Broadly speaking, machine unlearning is achieved by retraining models with alternate datasets to “forget” specific data or using of mathematical approximations of what the model would have been had the data never been included, while the latter works by adding “random noise” to the training data making it almost impossible to infer personal data from its outputs.
All these are promising approaches but imperfect due to trade-offs in accuracy of final AI model outputs and even then, EDPB guidance is still necessary on if these deletion methods can satisfy the legal standard of erasure.
Conclusion: What Organisations should do now?
Until clear regulatory guidance arrives on exercising the right in relation to AI models, organisations that carry out training using personal data should consider the following practical steps:
- Implement data minimisation at the training stage as the less personal data used for model training, the smaller the erasure problem.
- Maintain detailed records of which personal data was used in which training datasets, so erasure requests can be assessed effectively.
- Build erasure-aware design workflows so that models can be retrained or fine-tuned if legally required.
- Monitoring EDPB guidance on enforcement of the right to erasure in AI as this is an active area of regulatory development, and the rules on this issue are being discussed now.
At this moment, the continued absence of comprehensive guidance on enforcement of this right to be forgotten regarding AI Models leaves AI Companies with the option to rely on the technical complexities of compliance or the exclusions to this right.
About the Author: Thomas Becket Mulondo, is an attorney-at-law and LL.M. candidate in Intellectual Property and Data Law at the Technische Universität Dresden. He is currently completing an internship with our institute, focusing on data protection and regulatory compliance.
