Picture this, a student who left school years ago reaches out with a request. They’d like their personal data removed from your records. Not just from the admissions system, but everything; emails, reports, maybe even that long-forgotten incident log from Year 9. They’ve moved on and want their past to do the same.
It’s a request that might feel particularly familiar as we approach the end of the academic year. Leavers are saying their goodbyes, staff are wrapping up reports, and across schools and universities, inboxes are starting to fill with data requests of all kinds. One that stands out: the Right to Be Forgotten.
Under the UK GDPR, individuals have the “Right to Be Forgotten,” meaning they can request the deletion of their personal data when it’s no longer necessary. On the surface, it’s empowering. People should have a say in how long their data is kept, and it makes sense that someone might want to shed parts of their past as they grow older.
But in education, where records aren’t just about individuals, they’re about safeguarding, progress, accountability, and shared experiences, it’s not always a straightforward decision.
When Forgetting Isn’t That Simple
Educators are natural record-keepers. Whether it’s for safeguarding, special educational needs, or even just tracking progress over time, information often needs to be preserved for years, sometimes decades. Deleting a student’s file isn’t like clearing out an old inbox, it could mean losing context, closing the door on long-term support, or even creating gaps that matter later on.
Take safeguarding, for instance. A school may need to retain certain records well into adulthood because they could one day form part of a disclosure or investigation. It’s not about holding on to the past unnecessarily, it’s about being prepared for the future.
So when a deletion request lands, it’s not simply a matter of yes or no. It’s about finding the balance between respecting someone’s right to move on, and the very real need to preserve records for legal, ethical, or pastoral reasons.
The Growing Digital Trail
Another challenge? The sheer amount of digital space education now occupies. Emails, learning platforms, CCTV, behaviour tracking software, it all adds up. And each of those systems might hold fragments of someone’s personal story.
In practice, this means schools and universities need to have a clear idea of where data lives, how long it needs to be kept, and when it can safely be deleted. That’s easier said than done, especially when older systems weren’t designed with the right to erasure in mind.
Still, we’re seeing encouraging progress. A number of schools have created systems for reviewing and safely deleting old data, ensuring they don’t keep more than they need to. Some universities have designed workflows that let them honour deletion requests without compromising core records like transcripts or misconduct reports. What’s key is having a clear, fair process and communicating it openly.
Conversations, Not Just Policies
The most effective responses to RTBF requests tend to start with a conversation, not a policy document. The best examples we’ve seen involve staff explaining clearly why some records must be kept, while also doing everything they can to remove unnecessary data. It’s about approaching each request with care and respect, rather than defensiveness or bureaucracy.
That human touch really matters. After all, people often ask to be “forgotten” not just out of privacy concerns, but because they want to close a chapter, sometimes after difficult experiences. Even when we can’t grant a full erasure, we can usually find ways to meet the spirit of the request with kindness and clarity.
So, Where Does That Leave Us?
The Right to Be Forgotten is both powerful and complex. It asks important questions about memory, responsibility, and care. And while it might feel tricky to navigate, it’s also a chance for schools and universities to reflect on the data they hold and why they hold it.
Are we keeping things because we need to? Or because we always have? Are we making space for people to move on? Or unintentionally anchoring them to a version of themselves they’ve long outgrown?
There are no perfect answers, and each case will be a little different. But what’s clear is that thoughtful, transparent processes and a bit of empathy go a long way. Forgetting, when it’s done well, can be an act of respect. And remembering, when necessary, can be an act of care.
If nothing else, it’s a good reminder that every bit of data we collect today might become part of someone’s story tomorrow. How we hold that story, and when we let it go, matters more than ever.