When government decisions are made about individuals' rights using data processing, it can be hard for an individual to know whether their data were accurate or processed correctly. Transparency and accountability in the adoption and operation of data processing and automated decision-making can help improve trust in such technology and enable it to function more effectively.
This briefing sets out some of the rule of law questions and includes two case study examples of government use of such technology. Following these examples, the briefing considers governance of data processing under the General Data Protection Regulation (GDPR) through Data Protection Impact Assessments, and finally outlines some other features of the regulatory and policy landscape.
Use of data processing by the private sector also raises rule of law questions, including issues of transparency and accountability in decision-making. The GDPR provisions for Data Protection Impact Assessments apply to private sector actors as well as government. Robust Data Protection Impact Assessment processes could not only form part of private sector compliance with the law, but also help to grow public trust and confidence in use of data processing through transparency and explaining data processing use to the public.
13 May 2019
- Dominic Grieve QC MP, Char of the APPG on the Rule of Law
- Roger Taylor, Chair of the Centre for Data Ethics & Innovation