Ethical Dimensions of the GDPR, AI Regulation, and Beyond

Abstract

Our digital society is changing rapidly, with emerging new technologies such as artificial intelligence (AI) and machine learning, robotics, and the internet of things. These changes trigger new fundamental ethical questions relating to privacy, data protection and other values, including human rights and the way they are affected by the extensive and intensive use of data for analytical and practical innovations. This article explores these ethical dimensions and the extent to which the European Union’s General Data Protection Regulation (GDPR) of 2018 takes ethics into account in relation to these socio-technical developments. More briefly, it looks similarly but more selectively at the EU’s proposed AI Act of 2021, which aims to regulate AI in relation to levels of risk.It concludes with some observations on desirable institutional arrangements for making and applying ethical judgements in the regulation of advanced technologies that use personal data.