Cybersecurity » Conundrum For Companies: The GDPR’s “Right To An Explanation”

Conundrum For Companies: The GDPR’s “Right To An Explanation”

July 31, 2018

Europe’s General Data Protection Regulation includes the right to an explanation regarding automated decisions that affect clients and consumers. The term “right to an explanation” itself is never used, but the concept is addressed in a variety of contexts: Specifically, Articles 13-15 provide rights to “meaningful information about the logic involved” in automated decisions. Companies now have the task of figuring out what that means as applied to their own processes, and how to do that is the subject of an article by Kathryn Hume in the Harvard Business Review. She says it’s important to understand that some machine-learned processes are of no interest to privacy regulators (e.g., e-discovery programs that comb through documents), while others – e.g. algorithms that determine who gets a credit card – are ripe for scrutiny. Companies need to determine where a particular machine learning model sits in the entire business process, with the understanding that one process may include many machine learning models, each with own explainability requirements. Where it’s determined that an explanation is required, the technical, business, and compliance teams should meet regularly “to review performance and adjust the model to achieve fair outcomes.”

Read full article at:

Daily Updates

Sign up for our free daily newsletter for the latest news and business legal developments.

Scroll to Top