GDPR Stress-tests by AI: Towards a user-centric data protection approach

download pdf
Written by Christina Varytimidou
Reading Time -
Tags AI, Data, gdpr

The sustainability of the General Data Protection Regulation and its long-term success, relies to a great extent on whether it can be enforced even in disruptive technologies, like artificial intelligence (‘AI’). Failure to address the data protection challenges AI systems raise will not only make the GDPR obsolete, but also deprive data subjects of their fundamental right to data protection. This paper aims to critically identify the biggest data protection challenges artificial intelligence raises and revisits Lessig’s ‘pathetic dot theory’ to prove that humans are included in every AI development process, and thus have still full control and responsibility for any incompliance with the GDPR. By using legal design as a methodology that embraces humanity and focuses on preventing incompliance issues to arise, the paper will then propose ways to ensure a ‘’usable transparency’’ and suggests real-time data protection dashboards as a way to utilize technology and enable dynamic user empowerment that could cope with dynamic technologies.

‘’For every action, there is an equal and opposite reaction’’
Newton, 3rd law state

Christina Varytimidou

Blue book trainee (EDPS)

Christina Varytimidou

About the author

Christina Varytimidou is an emerging tech and legal design enthusiast. Qualified lawyer in Athens, Greece, and Europrivacy auditor. Passionate about data protection, AI, data spaces, metaverse, and cloud computing. She chose to specialise in the most rapidly evolving field of law because nothing compares with the challenge of supporting digital transformation by applying legislation that was not designed for it.