Deletion-Compliance in the Absence of Privacy

by   Jonathan Godin, et al.

Garg, Goldwasser and Vasudevan (Eurocrypt 2020) invented the notion of deletion-compliance to formally model the "right to be forgotten", a concept that confers individuals more control over their digital data. A requirement of deletion-compliance is strong privacy for the deletion requesters since no outside observer must be able to tell if deleted data was ever present in the first place. Naturally, many real world systems where information can flow across users are automatically ruled out. The main thesis of this paper is that deletion-compliance is a standalone notion, distinct from privacy. We present an alternative definition that meaningfully captures deletion-compliance without any privacy implications. This allows broader class of data collectors to demonstrate compliance to deletion requests and to be paired with various notions of privacy. Our new definition has several appealing properties: - It is implied by the stronger definition of Garg et al. under natural conditions, and is equivalent when we add a privacy requirement. - It is naturally composable with minimal assumptions. - Its requirements are met by data structure implementations that do not reveal the order of operations, a concept known as history-independence. Along the way, we discuss the many challenges that remain in providing a universal definition of compliance to the "right to be forgotten."


page 1

page 2

page 3

page 4


ExD: Explainable Deletion

This paper focuses on a critical yet often overlooked aspect of data in ...

Deletion Inference, Reconstruction, and Compliance in Machine (Un)Learning

Privacy attacks on machine learning models aim to identify the data that...

Forget Unlearning: Towards True Data-Deletion in Machine Learning

Unlearning has emerged as a technique to efficiently erase information o...

Formalizing Data Deletion in the Context of the Right to be Forgotten

The right of an individual to request the deletion of their personal dat...

ACE: A Consent-Embedded privacy-preserving search on genomic database

In this paper, we introduce ACE, a consent-embedded searchable encryptio...

Identifying Practical Challenges in the Implementation of Technical Measures for Data Privacy Compliance

Modern privacy regulations provide a strict mandate for data processing ...

"My Friend Wanted to Talk About It and I Didn't": Understanding Perceptions of Deletion Privacy in Social Platforms

There is a growing concern and awareness about the right-to-be-forgotten...

Please sign up or login with your details

Forgot password? Click here to reset