The European Union’s (EU) General Data Protection Regulation (GDPR) is a comprehensive data privacy and security law that imposes an array of obligations onto organizations that target the European market and collect personal data related to people residing in the EU. Article 17 of the GDPR, also known as the “right to be forgotten,” is one of its key provisions, allowing EU individuals to request that organizations delete their personal data if they no longer want it to be held and processed.
By MALLIKA DARGAN and GAVIN GEORGE, Haynes and Boone, LLP