Explaining Data Deletion : Bridging Explainability, Semantic summaries and GDPR’s right to be forgotten
Akter, Marjia (2025)
2025
Master's Programme in Computing Sciences and Electrical Engineering
Informaatioteknologian ja viestinnän tiedekunta - Faculty of Information Technology and Communication Sciences
Hyväksymispäivämäärä
2025-12-17
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:tuni-2025121611775
https://urn.fi/URN:NBN:fi:tuni-2025121611775
Tiivistelmä
The rapid growth of data-driven systems has intensified concerns over privacy, accountability, and compliance with data protection regulations. Central to this discourse is the General Data Protection Regulation (GDPR) and its provision of the Right to Be Forgotten, which grants individuals the ability to request the erasure of their personal data. While the legal framework is well established, significant technical and organizational challenges continue to hinder its full implementation.
This thesis explores how data deletion can be made explainable and interpretable by integrating formal compliance guarantees, semantic summarization, and user-centric explainability. The research builds on three core pillars: (1) formal models of deletion compliance, (2) explainable deletion paradigms, and (3) semantic graph-based summarization methods.
A conceptual framework is developed to bridge these perspectives, enabling deletion processes that are both verifiable and understandable. Prototype implementations combine compliance-oriented deletion with semantic summaries that provide concise, meaningful descriptions of what data has been removed, how dependencies are managed, and why certain information cannot be deleted. Additionally, large language models are explored to translate these summaries into natural, user-friendly narratives.
Evaluation strategies include technical verification of deletion compliance, assessment of semantic summary quality using established metrics such as coverage, precision, and representativeness, and user-centred evaluation of trust and interpretability. The findings reveal trade-offs between technical assurance and explanatory clarity and propose pathways for integrating explainable deletion into machine unlearning practices and future regulatory frameworks.
This work contributes to the ongoing discourse on bridging legal, technical, and human-centred perspectives on data deletion. It offers a step toward accountable, transparent, and GDPR-compliant practices for the digital age.
This thesis explores how data deletion can be made explainable and interpretable by integrating formal compliance guarantees, semantic summarization, and user-centric explainability. The research builds on three core pillars: (1) formal models of deletion compliance, (2) explainable deletion paradigms, and (3) semantic graph-based summarization methods.
A conceptual framework is developed to bridge these perspectives, enabling deletion processes that are both verifiable and understandable. Prototype implementations combine compliance-oriented deletion with semantic summaries that provide concise, meaningful descriptions of what data has been removed, how dependencies are managed, and why certain information cannot be deleted. Additionally, large language models are explored to translate these summaries into natural, user-friendly narratives.
Evaluation strategies include technical verification of deletion compliance, assessment of semantic summary quality using established metrics such as coverage, precision, and representativeness, and user-centred evaluation of trust and interpretability. The findings reveal trade-offs between technical assurance and explanatory clarity and propose pathways for integrating explainable deletion into machine unlearning practices and future regulatory frameworks.
This work contributes to the ongoing discourse on bridging legal, technical, and human-centred perspectives on data deletion. It offers a step toward accountable, transparent, and GDPR-compliant practices for the digital age.