The curious case of automated decision-making in IndiaA comparative analysis of automated decision-making under the General Data Protection Regulation in the European Union and the Personal Data Protection Bill in India

被引：0

作者：

Pratiksha Ashok

机构：

[1] UC Louvain,Faculty of Law

来源：

International Cybersecurity Law Review | 2023年 / 4卷 / 2期

关键词：

General Data Protection Regulation; Personal Data Protection Bill; European Union; India; Automated decision-making;

D O I：

10.1365/s43439-022-00078-3

中图分类号：

学科分类号：

摘要：

India is on the cusp of enacting legislation on data protection. India drafted its Personal Data Protection Bill (PDPB), considering the various data protection legislations across the globe, including the General Data Protection Regulation (GDPR) in the European Union (EU). The GDPR stands as a torchbearer in data protection legislation. In EU law, the GDPR is the Regulation on data protection and privacy as well as the transfer of personal data, providing individuals control of their data and streamlining business use of data. One of the rights of data subjects under the GDPR is the right against automated decision-making. The GDPR provides that an individual has the right that their data is not subject to automatic decision-making. There is a need for human intervention to prevent any unintended discrimination. One of the principles that is different in the PDPB is the absence of such a right. The arguments presented in the documents préparatoires state that the Bill recognises privacy by design and is monitored by the data processing authority. If discrimination has ensued due to lawful yet discriminatory automated processing, individuals are always at liberty to go to courts for a breach of fiduciary duties. It is important to highlight and research this crucial difference as the globe moves to an online realm where the personal touch in the physical world is replaced by algorithms making decisions based on the data collected from users. This paper analyses the right against automated decision-making in detail and then examines why India argued not to provide such a right. The two contrasting perspectives would provide an insight into the vast ocean of data protection. As the PDPB seeks to stand as the torchbearer for the global south, this research would also help in comprehending the presence or absence of such a right signal for businesses across the globe.

引用

页码：235 / 248

页数：13

共 13 条

[1]

Alpert D(2020)Beyond request-and-respond Columbia Law Rev 120 1215-1254

[2]

Ashok P(2019)India’s personal data protection bill, 2019—A comparative analysis with the EU GDPR Rev Eur Droit Consomm 1 101-117

[3]

Dass R(2011)Unique identification for indians: a divine dream or a miscalculated heroism? Vikalpa 36 1-14

[4]

Eder N(2021)Beyond automation: machine learning-based systems and human behaviour in the personalization economy Common Market Law Review 54 7-15

[5]

Victor MJ(2013)The EU general data protection regulation: toward a property regime for protecting data privacy Yale Law Journal 123 513-523

[6]

Malgieri G(2017)Why a right to legibility of automated decision-making exists in the general data protection regulation International Data Privacy Law 74 243-265

[7]

Comandé G(2015)Why fairness cannot be automated—bridging the gap between EU—nondiscrimination law and AI Computer Law & Security Review 41 7-9

[8]

Wachter S(2018)‘Counterfactual Explanations Without Opening the Black Box: Automated Decisions and the GDPR’ Harvard Journal of Law and Technology 31 842-887

[9]

Mittelstadt B(undefined)undefined undefined undefined undefined-undefined

[10]

Russell C(undefined)undefined undefined undefined undefined-undefined

← 1 2 →