Data regulations such as the GDPR mandate compliant data deletion; however, the semantics of “deletion” remain ambiguous—especially in relational databases with functional dependencies and foreign keys—where residual data may still enable inference of deleted records, resulting in factual leakage. Method: We formally define Dependence-Aware Secure Erasure (DASE), a novel notion ensuring that post-erasure data reveal no additional knowledge about erased tuples. Our approach integrates dependency graph modeling, propagation-aware erasure semantics, and a dynamic cost-optimization algorithm supporting batch deletion and configurable retention policies. Contribution/Results: DASE enables tunable trade-offs between security guarantees and system overhead. Experiments on real-world and synthetic datasets demonstrate that our method significantly reduces inference-based leakage risk while maintaining low latency and high scalability.

Data regulations like GDPR require systems to support data erasure but leave the definition of "erasure" open to interpretation. This ambiguity makes compliance challenging, especially in databases where data dependencies can lead to erased data being inferred from remaining data. We formally define a precise notion of data erasure that ensures any inference about deleted data, through dependencies, remains bounded to what could have been inferred before its insertion. We design erasure mechanisms that enforce this guarantee at minimal cost. Additionally, we explore strategies to balance cost and throughput, batch multiple erasures, and proactively compute data retention times when possible. We demonstrate the practicality and scalability of our algorithms using both real and synthetic datasets.