Comparing definitions of data and information in data protection law and machine learning: A useful way forward to meaningfully regulate algorithms?

Abstract

The notion of information is central to data protection law, and to algorithms/machine learning. This centrality gives the impressions that algorithms are just yet another data processing operation to be regulated. A more careful analysis reveals a number of issues. The notion of personal data is notoriously under-defined, and attempts at clarification from an information theory perspective are also equivocal. The paper therefore attempts a clarification of the meaning of data and information in the context of information theory, which it uses in order to clarify the notion of personal data. In doing so, it shows that data protection law is grounded in the logic of knowledge communication, which stands in stark contrast with machine learning, which is predicated upon the logic of knowledge production, and hence, upon different definitions of data and information. This is what ultimately explains the failure of data protection to adequately regulate machine learning algorithms.