Binary Governance: Lessons from the GDPR's Approach to Algorithmic Accountability
77 Pages Posted: 3 Apr 2019 Last revised: 9 Apr 2019
Date Written: March 12, 2019
Algorithms are used to make significant decisions about individuals, from credit determinations to hiring and firing. But they are largely unregulated under U.S. law. I identify three categories of concerns behind calls for regulating algorithmic decision-making: dignitary, justificatory, and instrumental. Dignitary concerns lead to proposals that we regulate algorithms to protect human dignity and autonomy; justificatory concerns caution that we must assess the legitimacy of algorithmic reasoning; and instrumental concerns lead to calls for regulation to prevent consequent problems such as error and bias. No one regulatory approach can effectively address all three.
I therefore propose a two-pronged approach to algorithmic governance: a system of individual due process rights, combined with collaborative governance (the use of private-public partnerships to govern). Only through this binary approach can we effectively address all three concerns raised by algorithmic, or AI, decision-making. The interplay between the two approaches will be complex; sometimes the two systems will be complimentary, and at other times they will be in tension. I identify that the EU’s General Data Protection Regulation (GDPR) is one such binary system. I explore the extensive collaborative governance aspects of the GDPR and how they interact with its individual rights regime. Understanding the GDPR in this way both illuminates its strengths and weaknesses, and provides a model for how to construct a better binary governance regime for algorithmic, or AI, decision-making.
Keywords: algorithmic accountability, AI, privacy, GDPR, comparative privacy law, data privacy
Suggested Citation: Suggested Citation