Rethinking Explainable Machines: The GDPR's 'Right to Explanation' Debate and the Rise of Algorithmic Audits in Enterprise

45 Pages Posted: 22 Mar 2018 Last revised: 17 Apr 2019

See all articles by Bryan Casey

Bryan Casey

Stanford Law School

Ashkon Farhangi

Stanford University - Stanford Codex Center

Roland Vogl

Stanford Law School

Date Written: February 19, 2018

Abstract

The public debate surrounding the General Data Protection Regulation’s (GDPR) “right to explanation” has sparked a global conversation of profound social and economic significance. But from a practical perspective, the debate’s participants have gotten ahead of themselves. In their search for a revolutionary new data protection within the provisions of a single chapter of the GDPR, many prominent contributors to the debate have lost sight of the most revolutionary change ushered in by the Regulation: the sweeping new enforcement powers given to European data protection authorities (DPAs) by Chapters 6 and 8 of the Regulation. Unlike the 1995 Data Protection Directive that it replaced, the GDPR’s potent new investigatory, advisory, corrective, and punitive powers granted by Chapters 6 and 8 render DPAs de facto interpretive authorities of the Regulation’s controversial “right to explanation.” Now that the DPAs responsible for enforcing the right have officially weighed in, this Article argues that at least one matter of fierce public debate can be laid to rest. The GDPR provides a muscular “right to explanation” with sweeping legal implications for the design, prototyping, field testing, and deployment of automated data processing systems. The protections enshrined within the right may not mandate transparency in the form of a complete individualized explanation. But a holistic understanding of the interpretation by DPAs reveals that the right’s true power derives from its synergistic effects when combined with the algorithmic auditing and “data protection by design” methodologies codified by the Regulation’s subsequent chapters. Accordingly, this Article predicts that algorithmic auditing and “data protection by design” practices will likely become the new gold standard for enterprises deploying machine learning systems both inside and outside of the European Union.

Keywords: Automated, Decision, Decision-Making, Profiling, Data, Processing, Protection, Explanation, XAI, Explicability, Explainable, Interpretability, Machine, Learning, AI, Artificial, Intelligence, Algorithm

Suggested Citation

Casey, Bryan and Farhangi, Ashkon and Vogl, Roland, Rethinking Explainable Machines: The GDPR's 'Right to Explanation' Debate and the Rise of Algorithmic Audits in Enterprise (February 19, 2018). Berkeley Technology Law Journal, Vol. 34, 2019, Available at SSRN: https://ssrn.com/abstract=3143325

Bryan Casey (Contact Author)

Stanford Law School ( email )

559 Nathan Abbott Way
Stanford, CA 94305-8610
United States

Ashkon Farhangi

Stanford University - Stanford Codex Center ( email )

559 Nathan Abbott Way
Stanford, CA 94305-8610
United States

Roland Vogl

Stanford Law School ( email )

559 Nathan Abbott Way
Stanford, CA 94305-8610
United States

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
1,499
Abstract Views
5,775
Rank
23,394
PlumX Metrics