As Daniel Castro and Eline Chivot write for the International Association of Privacy Professionals (IAPP), it is increasingly clear that the European Union’s data-processing regulations will limit the potential of artificial intelligence (AI) in Europe. The EU's General Data Protection Regulation (GDPR), which came into force a year ago, will affect the use of AI in at least three ways: by limiting the collection and use of data, restricting automated decision-making, and increasing compliance costs and risks. Unless the EU reforms the GDPR, Europe will fall behind others, such as the United States and China, in the development and use of AI.
Fortunately, there are steps policymakers can take to make targeted reforms without undermining the goals of the regulation. The EU should reform the GDPR for the algorithmic economy by expanding authorized uses of AI in the public interest, allowing the repurposing of data posing minimal risk, removing penalties for automated decision-making, permitting basic explanations of automated decisions, and making fines proportional to harm.
