|
|
|
|
|
|
by delroth
1598 days ago
|
|
|
Not speaking for my employer, but the actual quote from GDPR is: > The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. Emphasis mine. This would not include the vast majority of automated bans. It's more meant as a way to prevent e.g. automated police action via algorithmic selection. |
|
|
One example of a legal effect is cancellation of a contract. Examples of significant effect include automatic refusal of an online credit application, and e-recruiting practices without any human intervention.
Advertising is in scope too: "For example, someone known or likely to be in financial difficulties who is regularly targeted with high interest loans may sign up for these offers and potentially incur further debt."
Pricing is in scope too: "Automated decision-making that results in differential pricing based on personal data or personal characteristics could also have a significant effect if, for example, prohibitively high prices effectively bar someone from certain goods or services."
Finally, there's an example of profiling reducing a credit card limit. "This could mean that someone is deprived of opportunities based on the actions of others."
Anecdotally, getting kicked out of my email account has had far bigger effects on me than being rejected my credit card application.
https://ec.europa.eu/newsroom/article29/items/612053/en