The right to be forgotten: Building trust in the AI future

AI remembers, privacy leaks

A few months ago, a woman named Pruthvi Mehta asked ChatGPT for advice on how to care for her ailing peacock plant. She was shocked when the chatbot revealed in its response someone else’s personal details, including a full CV and contact details.

In a post on LinkedIn, Ms Mehta said: “I just wanted to save a dying leaf. Not accidentally download someone's entire career.”

This leak highlights the growing privacy risks of artificial intelligence (AI), showing how easily sensitive data can be exposed by these systems. It also underscores the challenge of ensuring that AI can "forget" data, especially when it’s no longer needed or accidentally absorbed.

When you give data to train an AI, it does not just save it like a file in a folder. The AI algorithm learns from the data and continually mixes it with all its other knowledge into how it works. So even if the original data is deleted, the AI model can still retain and reveal information it learned from that data.

This can cause big problems for our privacy. For example, studies have found that AI can sometimes accidentally leak private information like names or addresses from the data it was trained on even if that information wasn’t supposed to be saved. In places like hospitals, courts, or schools, a data leak of this kind could have severe consequences for privacy and safety.

But an emerging technique known as “machine unlearning” offers a promising solution to this challenge.

What is machine unlearning and can we trust AI to truly forget?

Machine unlearning algorithms are designed to remove specific data and its effects from an AI model without the need to rebuild the entire system. It could help organisations respond to privacy requests faster and with fewer resources.

It’s not just about targeted deletion of individual files. It’s about deleting the model’s memory so that it no longer uses, stores, or is influenced by specific data points.

However, a critical question remains once our data has purportedly been deleted: How can we confirm for sure that it has truly been deleted? If a person asks an AI system to forget them, what proof can we offer for assurance that the system no longer remembers?

Researchers are working on ways that can audit and verify unlearning. Some propose the use of formal guarantees or certificates of deletion. For now, machine unlearning remains more of a technical ambition than an everyday reality. But as AI becomes more embedded into privacy-sensitive areas such as healthcare, education, and law enforcement, the right to be forgotten – and to prove it – will become an even greater technological, legal, and ethical necessity.

How is research addressing the problem?

Scientists are working hard to teach AI systems how to “forget” without starting from scratch. Right now, the most obvious solution is to retrain the model entirely without the unwanted data. But that’s not cheap - training GPT-4 alone cost over US$100 million, as OpenAI CEO Sam Altman revealed.

To avoid full retraining, researchers are testing smarter alternatives. One method adjusts the model’s internal parameters to reduce how much it “remembers” certain pieces of training data. This way, AI can forget specific information without losing everything it has learned.

Researchers at the Tokyo University of Science have developed another technique that skips retraining altogether. Instead, their method tweaks how the model responds to prompts, allowing it to "unlearn" certain facts while keeping the rest of its knowledge intact to selectively forget unnecessary or sensitive data.

New approaches to help AI forget include federated learning, which keeps data on users' devices instead of storing it on a central server, and differential privacy, which adds random noise to the data to protect privacy while still allowing the AI to learn useful patterns.

The goal across all these efforts is the same: to give users more control over what AI remembers and to bring real data privacy closer to reality.

Why this matters for Vietnam

In Vietnam today, people are using online transactions daily, from ordering a meal to paying utility bills. AI is mostly quietly working in the background. It collects and processes our names, addresses, payment card details, and even our medical records. But when that information is misused or accidentally leaked, the consequences can be devastating, like lost money, damaged reputations, and deep emotional harm.

Vietnam’s new Law on Personal Data Protection (effective from 1 January 2026) is a step in the right direction, but laws alone can’t protect us from every risk. If AI can’t truly “forget” what it has learned, we risk building systems that carry fragments of our private lives forever.

Trust isn’t built on promises but on proof. If Vietnam wants a digital future people can believe in, it must ensure AI can forget as well as it learns. It’s how we protect privacy and build systems that serve people, not just data.

Story: Dr James Kang, Senior Lecturer in Computer Science, School of Science, Engineering & Technology, RMIT University Vietnam

Thumbnail image: Elnur – stock.adobe.com | Masthead image: tippapatt – stock.adobe.com