Binary Governance: Lessons from the GDPR's Approach to Algorithmic Accountability

88 Pages Posted: 3 Apr 2019 Last revised: 11 Nov 2019

See all articles by Margot E. Kaminski

Margot E. Kaminski

University of Colorado Law School; Yale University - Yale Information Society Project; Yale University - Law School; University of Colorado at Boulder - Silicon Flatirons Center for Law, Technology, and Entrepreneurship

Date Written: March 12, 2019

Abstract

Algorithms are now used to make significant decisions about individuals, from credit determinations to hiring and firing. But they are largely unregulated under U.S. law. A quickly growing literature has split on how to address algorithmic decision-making, with individual rights and accountability to nonexpert stakeholders and to the public at the crux of the debate. In this Article, I make the case for why both individual rights and public- and stakeholder-facing accountability are not just goods in and of themselves but crucial components of effective governance. Only individual rights can fully address dignitary and justificatory concerns behind calls for regulating algorithmic decision-making. And without some form of public and stakeholder accountability, collaborative public-private approaches to systemic governance of algorithms will fail.

In this Article, I identify three categories of concern behind calls for regulating algorithmic decision-making: dignitary, justificatory, and instrumental. Dignitary concerns lead to proposals that we regulate algorithms to protect human dignity and autonomy; justificatory concerns caution that we must assess the legitimacy of algorithmic reasoning; and instrumental concerns lead to calls for regulation to prevent consequent problems such as error and bias. No one regulatory approach can effectively address all three. I therefore propose a two-pronged approach to algorithmic governance: a system of individual due process rights combined with systemic regulation achieved through collaborative governance (the use of private-public partnerships). Only through this binary approach can we effectively address all three concerns raised by algorithmic decision-making, or decision-making by Artificial Intelligence (“AI”).

The interplay between the two approaches will be complex. Sometimes the two systems will be complementary, and at other times, they will be in tension. The European Union’s (“EU’s”) General Data Protection Regulation (“GDPR”) is one such binary system. I explore the extensive collaborative governance aspects of the GDPR and how they interact with its individual rights regime. Understanding the GDPR in this way both illuminates its strengths and weaknesses and provides a model for how to construct a better governance regime for accountable algorithmic, or AI, decision-making. It shows, too, that in the absence of public and stakeholder accountability, individual rights can have a significant role to play in establishing the legitimacy of a collaborative regime

Keywords: algorithmic accountability, AI, privacy, GDPR, comparative privacy law, data privacy

Suggested Citation

Kaminski, Margot E., Binary Governance: Lessons from the GDPR's Approach to Algorithmic Accountability (March 12, 2019). Southern California Law Review, Vol. 92, No. 6, 2019 1529, U of Colorado Law Legal Studies Research Paper No. 19-9, Available at SSRN: https://ssrn.com/abstract=3351404 or http://dx.doi.org/10.2139/ssrn.3351404

Margot E. Kaminski (Contact Author)

University of Colorado Law School ( email )

401 UCB
Boulder, CO 80309
United States

Yale University - Yale Information Society Project ( email )

127 Wall Street
New Haven, CT 06511
United States

Yale University - Law School ( email )

P.O. Box 208215
New Haven, CT 06520-8215
United States

University of Colorado at Boulder - Silicon Flatirons Center for Law, Technology, and Entrepreneurship ( email )

Wolf Law Building
2450 Kittredge Loop Road
Boulder, CO
United States

Here is the Coronavirus
related research on SSRN

Paper statistics

Downloads
814
Abstract Views
5,791
rank
33,437
PlumX Metrics