Abstract
This paper examines the approach under the General Data Protection Regulation (GDPR) to profiling and (automated) decision-making as well as the corresponding legal and ethical implications. The definition of profiling under the GDPR is analysed in relation to different degrees of automation when it comes to decision-making based on the processing of personal or non-personal data. A two-step approach to profiling and decision-making, which can be found in the structure and wording of the GDPR, is described and analysed. It is argued that the use of this model helps understand how profiling and decision-making are conducted and how the two steps are interconnected. Furthermore, the two-step approach allows to identify various legal implications of profiling and the corresponding decision-making, such as those related to privacy and economic freedom. Further, the discussion of ethical aspects draws on two recent and controversial use cases. The first example deals with discriminatory effects that may result from profiling. The second one concerns opaque automated decision-making in the context of credit scoring. This ethical assessment is based on the ethical framework supplied by the wording of the GDPR.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
