HOW GDPR TREATS AUTOMATED DECISION-MAKING
HOW GDPR TREATS AUTOMATED DECISION-MAKING
DOI:
https://doi.org/10.46687/jsar.v28i1.435Keywords:
GDPR, Automated decision-making, Profiling, Article 22, Personal data, Artificial intelligence, Data subject rights, Data protection, Algorithms, TransparencyAbstract
This article examines how the General Data Protection Regulation (GDPR) regulates automated decision-making, including profiling, in the context of personal data processing. It analyzes the main provisions of Article 22 of the Regulation, as well as the conditions under which fully automated decisions that produce legal effects or significantly affect data subjects are permitted. The article highlights the rights of data subjects – the right to human intervention, the right to express their point of view, and the right to contest the decision – along with the responsibilities of data controllers. Practical examples and commentary are included, focusing on the application of these rules in the context of modern technologies such as algorithmic profiling, artificial intelligence, and machine learning.
References
Article 29 Working Party. (2018). Guidelines on Automated Individual Decision-Making and Profiling for the Purposes of Regulation 2016/679 (WP251rev.01).https://ec.europa.eu/newsroom/article29/document.cfm?action=display&doc_id=49826.
Boyanov, P., Implementation of TCP SYN flood cyber attack in the computer network and systems. A refereed Journal Scientific and Applied Research, Konstantin Preslavsky University Press, 2019, 17, 36-42, ISSN 1314-6289 (Print), ISSN 2815-4622 (Online), DOI: https://doi.org/10.46687/jsar.v17i1.270.
Boyanov, P., Basic network penetration testing with the network tool Netcat in Linux-based operating systems. A refereed Journal Scientific and Applied Research, Konstantin Preslavsky University Press, Vol. 25, Shumen, 2023, ISSN 1314-6289 (Print), ISSN 2815-4622 (Online), pp. 15-30, DOI: https://doi.org/10.46687/jsar.v25i1.377.
Dimanova, D., Kuzmanov, Z. Development of an Integrated Security and Communication System, International Scientific Referenced Online Journal, issue 63, November 2019, ISSN: 2367-5721, www.sociobrains.com. pp. 83-91.
Dimanova, D., Kuzmanov, Z. Risk Measurement and Assessment. SocioBrains, international scientific online journal, publisher: www.SocioBrains.com, ISSN 2367-5721, pp. 63–69, issue 32, April 2017.
European Data Protection Board (EDPB). (2020). Guidelines 05/2020 on Consent under Regulation 2016/679 (version 1.1).
European Data Protection Board (EDPB) – Guidelines and Opinions.
Goodman, B., & Flaxman, S. (2017). European Union regulations on algorithmic decision-making and the “right to be explained”. AI Magazine, 38(3), 50–57.
Guidelines on Automated Individual Decision-Making and Profiling (WP251 rev.01).
Kuzmanov, Z., Cyberterrorism – definition and forms. SocioBrains, www.sociobrains.com, Published by: Veselina Nikolaeva Ilieva, Bulgaria, issue 76, December 2020, p. 151, ISSN 2367-5721, (online) – (Bulgarian language).
Metodieva, T., "National and Corporate Security," NK with international participation "MATTEX 2018," Shumen University "Bishop Konstantin Preslavski," October 25-27, 2018, Shumen, ISSN: 1314-3921, vol. 2, 2018.
Metodieva, Ts., "Corporate Security and Its Components." Yearbook of Shumen University "Bishop Konstantin Preslavski," pp. 338-341, ISSN 1311-834X, 2020 (Bulgarian language).
Regulation (EU) 2016/679 (GDPR).
Voigt, P., & Von dem Bussche, A. (2017). The EU General Data Protection Regulation (GDPR): A Practical Guide. Springer International Publishing.
Wachter, S., Mittelstadt, B., & Floridi, L. (2017). Why there is no right to be explained to automated decision-making in the General Data Protection Regulation. International Data Protection Law, 7(2), 76–99.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 JOURNAL SCIENTIFIC AND APPLIED RESEARCH
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
https://orcid.org/0000-0003-3668-6713