
    Formalizing Data Deletion in the Context of the Right to be Forgotten

    The right of an individual to request the deletion of their personal data by an entity that might be storing it -- referred to as the right to be forgotten -- has been explicitly recognized, legislated, and exercised in several jurisdictions across the world, including the European Union, Argentina, and California. However, much of the discussion surrounding this right offers only an intuitive notion of what it means for it to be fulfilled -- of what it means for such personal data to be deleted. In this work, we provide a formal definitional framework for the right to be forgotten using tools and paradigms from cryptography. In particular, we provide a precise definition of what could be (or should be) expected from an entity that collects individuals' data when a request is made of it to delete some of this data. Our framework captures several, though not all, relevant aspects of typical systems involved in data processing. While it cannot be viewed as expressing the statements of current laws (especially since these are rather vague in this respect), our work offers technically precise definitions that represent possibilities for what the law could reasonably expect, and alternatives for what future versions of the law could explicitly require. Finally, with the goal of demonstrating the applicability of our framework and definitions, we consider various natural and simple scenarios where the right to be forgotten comes up. For each of these scenarios, we highlight the pitfalls that arise even in genuine attempts at implementing systems offering deletion guarantees, and also describe technological solutions that provably satisfy our definitions. These solutions bring together techniques built by various communities

    Towards an auditable cryptographic access control to high-value sensitive data

    We discuss the challenge of achieving auditable key management for cryptographic access control to high-value sensitive data. In such settings it is important to be able to audit the key management process - and in particular to be able to provide verifiable proofs of key generation. Auditable key management has several possible use cases in both the civilian and military worlds. In particular, the new regulations for the protection of sensitive personal data, such as GDPR, introduce strict requirements for the handling of personal data and apply a very restrictive definition of what can be considered personal data. Cryptographic access control for personal data has the potential to become extremely important for preserving industry's ability to innovate while protecting subjects' privacy, especially in the context of widely deployed modern monitoring, tracking and profiling capabilities that are used by both governmental institutions and high-tech companies. However, in general, encrypted data is still considered personal under GDPR and therefore cannot be, e.g., stored or processed in a public cloud or distributed ledger. In our work we propose an identity-based cryptographic framework that ensures the confidentiality, availability, and integrity of data while potentially remaining compliant with the GDPR framework

    The Application of the Right to be Forgotten in the Machine Learning Context: From the Perspective of European Laws

    The right to be forgotten has been evolving for decades along with the progress of different statutes and cases and was finally independently enacted by the General Data Protection Regulation, making it widely applied across Europe. However, the related provisions in the regulation fail to enable machine learning systems to realistically forget the personal information which is stored and processed therein. This failure is not only because existing European rules do not stipulate standard codes of conduct and corresponding responsibilities for the parties involved, but also because they cannot accommodate themselves to the new environment of machine learning, where specific information can hardly be removed from the entire cyberspace. There is also evidence in the technical, legal, and social spheres to elaborate on the mismatch between the rules of the right to be forgotten and the novel machinery background based on the above reasons. To mitigate these issues, this article will draw lessons from the cyberspace regulation theories and expound on their insights into realizing the right and the strategies they offer to reframe a new legal scheme of the right. This innovative framework entails a combination of technological, legal, and possibly social measures taken by online intermediaries, which make critical decisions on the personal data given the so-called stewardship responsibilities. Therefore, the application of the right to be forgotten in the machinery landscape will plausibly be more effective