Loading

Blog details

Profiling and the GDPR —here’s what you need to know

Profiling and the GDPR —here’s what you need to know

In todays blog we take a deeper look into profiling and the GDPR.

Given the highly automated technological world that we live in, were pretty certain that by now youve heard the term profiling once, twice, thrice—who knows, maybe even hundreds of times. But what is it really? How is it used by organizations? Could it affect individualsrights? What measures are in place by the GDPR to limit and regulate any possible unethical or discriminatory effects of profiling?

According to the ICO  profiling is a means of analysing aspects of an individuals personality, behaviour, interests and habits to make predictions or decisions about them. This can be achieved through the use of algorithms to find correlations between separate datasets.

The ICO notes that organizations generally use profiling to:     

find something out about individualspreferences;
predict their behaviour; and/or
make decisions about them.”

Expounding further, the following are offered by the ICO as examples of profiling:

The collection and analysis of personal data on a large scale, using algorithms, AI or machine-learning;
The identification of associations to build links between different behaviours and attributes;
The creation of profiles that you apply to individuals; or
The prediction of individualsbehaviour based on their assigned profiles.

In our latest YouTube VlogI use AI: Do I need to worry about GDPR? FAQs Part 2 we delve further into profiling. We present real life scenarios and offer answers to some of the most frequently asked questions about profiling & the GDPR. Click here to take a look.

Plus, if you believe you have been unfairly profiled, the GDPR might provide a remedy for you. According to Dr Bostjan Makarovic, Aphaia’s Managing Partner, “individuals have the right to object to profiling. If the data controller believes their profiling operation is subject to an exception or ignores their request, theindividual may launch a complaint to the supervisory authority, plus may be entitled to compensation.”

Does your company utilize Artificial Intelligence and algorithms to conduct profiling or automated decision making? Aphaias AI ethics assessments  will assist in ensuring that it falls within the scope of the EUs and UKs ethical framework. Aphaia also provides both GDPR and Data Protection Act 2018 consultancy services, including data protection impact assessments, and Data Protection Officer outsourcing.  Contact us today.

Prev post
ICO launches consultation on draft right of access guidance
December 11, 2019
Next post
EDPB issues opinion on UK Supervisory Authority draft accreditation for a code of conduct monitoring body
December 18, 2019

Leave a Comment