The right to be forgotten is included in the proposed regulation on data protection published by the European Commission in January 2012.
Despite the debates about this topic, related to the fact that in an open system like internet, the right to be forgotten cannot be enforced by technical means alone (see ENISA report about Right to be forgotten), I would like to demonstrate a theoretical model to address this regulation.
The model is inspired by the "Chain-link confidentiality approach" which can realistically be applied to the User-Managed Access (UMA) protocol.
A chain-link confidentiality regime would contractually link the disclosure of personal information to obligations to protect that information as the information moves downstream.The system would focus on the relationships not only between the discloser of information and the initial recipient, but also between the initial recipient and subsequent recipients.
UMA defines how resource owners (an individual) can control protected-resource (personal information) access by clients operated by arbitrary requesting parties (the recipients), where the resources reside on any number of resource servers (the provider of the personal information), and where a centralized authorization server governs access based on resource owner policy.
The assumption here is that the personal information at each chain node are exposed as web resource.
As result, an individual has the possibility to control where information are stored at the initial recipient, and track all the copies of information derived from it, following the chain of protection.
Through the UMA's Authorization Server, an individual has the possibility to manage the right to remove data from the resource servers, and delete any relationship with them.
The diagram below show how the proposed model addresses the complexity to represent the relationships and the control on the individual’s personal information distributed among different initial recipients and subsequent recipients. In the example is showed (in dotted line) a chain of protection, where the Bank (resource server) is the initial recipient for bank account information, and the Employer and the Loan Service are requesting parties as subsequent recipients which become protected resources.