"This leaves Europe with a massive accountability gap, and great uncertainty. Uncertainty for individuals that do not yet have clearly defined rights, and uncertainty for data controllers who have no clear understanding of their duties."
Dr Sandra Wachter of The Alan Turing Institute
Rational and deep review of a vital topic that will help or hinder application of machine learning, AI and automated advice.
Best to read and join the debate
All our research led me to conclude that the GDPR is likely to only grant a ‘right to be informed’ about the existence of automated decision-making, (the fact that these methods are being used) and about system functionality (logic involved) as well as the significance (scope) and the envisioned consequences (intended purpose e.g. setting credit rates which can impact payment options) rather than offering reasons for how a decision was reached. In practice, this could mean that as a customer, a data controller such as an insurance company has to inform you that algorithmic methods are used to assess your creditworthiness, and that this assessment could have an influence on whether you can pay with a credit card or cash, but not how this assessment was made