Why a Right to Legibility of Automated Decision-Making Exists in the General Data Protection Regulation

The aim of this contribution is to analyse the real borderlines of the 'right to explanation' in the GDPR and to discretely distinguish between dif ferent levels of information and of consumers' awareness in the 'black box society. In order to combine transparency and comprehensibility we propose the new concept of algorithm 'legibility'. We argue that a systemic interpretation is needed in this field, since it can be beneficial not only for individuals but also for businesses. This may be an opportunity for auditing algorithms and correcting unknown machine biases, thus similarly enhancing the quality of decision-making outputs. Accordingly, we show how a systemic interpretation of Articles 13-15 and 22 GDPR is necessary, considering in particular that: The threshold of minimum human intervention required so that the decision-making is 'solely' automated (Article 22(1)) can also include nominal human intervention; the envisaged 'significant effects' on individuals (Article 22(1)) can encompass as well marketing manipulation, price discrimination, etc; 'meaningful information' that should be pro-vided to data subjects about the logic, signifi-cance and consequences of decision-making (Article 15(1 )(h)> should be read as 'legibility' of 'architecture' and 'implementation' of algorith-mic processing; trade secret protection might limit the right of access of data subjects, but there is a general legal favour for data protection rights that should reduce the impact of trade secrets protection. In addition, we recommend a 'legibility test' that data controllers should perform in order to com-ply with the duty to provide meaningful information about the logic involved in an automated decision-making. ©The Author 2017. Published by Oxford University Press.