California AI Compliance Checker Logo
← Back to Articles

CCPA for AI: How AB 1008 Changes Data Deletion Requests in 2025

Can an AI 'forget' personal data? AB 1008 says you better find a way. 🧠

The Right to be Forgotten in the Age of AI

The CCPA granted Californians the right to delete their personal data. AB 1008 extends this to data used to train AI models. This presents a massive technical challenge: Machine Unlearning.

The Challenge

Once a model is trained, the data is "baked in" to the weights. Simply deleting the database record doesn't remove the influence of that data on the model.

Compliance Strategies

  • Retraining: Regularly retraining models from scratch without the deleted data (expensive).
  • Machine Unlearning Algorithms: Emerging techniques to update model weights to "forget" specific samples.
  • Filtering: Implementing output filters to prevent the model from regurgitating the deleted PII.

Conclusion

Data deletion is no longer just a database operation. It's an ML ops problem.

Previous ArticleSB 243: Compliance Rules for Companion ChatbotsNext ArticleAB 2905 Checklist: Are Your Marketing Bots Legal?

Is Your AI Compliant?

Don't guess. Use our free calculator to check your AB 489 & AB 3030 status in minutes.

Start Free Compliance Check

2026 Legislative Tracker

Live status of California AI regulations.

SB 53Enacted

Transparency in Frontier AI

Effective: Jan 1, 2026
AB 2013Deadline Approaching

Training Data Transparency

Effective: Jan 1, 2026
SB 942Enacted

AI Watermarking

Effective: Jan 1, 2026
SB 1047Vetoed

Safe & Secure Innovation

Effective: N/A
View Full Compliance Roadmap →