Bertelsmann Stiftung (ed.)

Stephan Dreyer and Wolfgang Schulz

The General Data Protection Regulation and Automated Decision-making: Will it deliver?

Format Type
Date of publication
50 pages, PDF


Free of charge


Wolfgang Schulz and Stephan Dreyer analyze in detail the relevant articles of the GDPR and elucidate whether the new regulation can promote more comprehensible and verifiable algorithmic decision-making systems. They examine to what extent the new regulation can safeguard individual interests such as personality rights on the one hand and societal goals such as non-discrimination and social inclusion on the other. In addition to this, they explore certain additions to the GDPR and alternative regulatory tools, which could complement its provisions. Such additional approaches are needed for algorithmic systems. The regulation has a restricted area of application and in view of its focus on safeguarding individual rights it is not capable of safeguarding group interests and societal values such as non-discrimination. In order to broaden the scope of what is possible within the framework of the GDPR, there is above all a need for a more active data protection supervisory authority which is prepared to look at the societal risks of ADM systems. Moreover, beyond the GDPR’s scope, there is a need for additional approaches which can facilitate a more far-reaching evaluation and rectification of automated decisions. Besides provisions to open ADM systems to scrutiny by independent third parties, consumer protection law provides additional regulatory starting points.

Related projects

Cover Ethik der Algorithmen

Im Projekt Ethik der Algorithmen setzen wir uns mit den gesellschaftlichen Folgen algorithmischer Entscheidungsfindung auseinander. Wir wollen zu einer Gestaltung algorithmischer Systeme beitragen, die zu mehr Teilhabe für alle führt. Nicht das technisch Mögliche, sondern das gesellschaftlich Sinnvolle muss Leitbild sein.