The rights in relation to automated decision making
Want to watch this video? Sign up for the course
or enter your email below to watch one free video.
Unlock This Video Now for FREE
This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.
Understanding GDPR Provisions on Automated Decision-Making
Overview
GDPR regulates automated decision-making and profiling, ensuring transparency and fairness in data processing.
Automated Decision-Making
Automated decision-making involves:
- Definition: Decisions made solely by automated means without human intervention.
- Examples: Online loan approvals, recruitment aptitude tests.
GDPR Compliance
Automated decision-making is allowed only under specific circumstances:
- Necessity: For contract entry, explicit consent, or legal authorization.
Responsibilities
Organizations conducting automated decision-making must:
- Transparency: Inform individuals about the processing and their rights.
- Human Intervention: Allow individuals to request human intervention or challenge decisions.
- Regular Checks: Ensure system accuracy and functionality through regular assessments.
Data Protection Impact Assessment (DPIA)
Due to the high risk, organizations must conduct a DPIA:
- Risk Assessment: Identify and address risks associated with automated decision-making.
Privacy Statement
All relevant information should be included in the privacy policy:
- Inclusion: Specify details of processing and lawful basis in the privacy statement.
- Compliance: Ensure alignment with GDPR privacy principles.