EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • According to ECJ, scoring algorithms in breach of GDPR

    According to ECJ, scoring algorithms in breach of GDPR

    Written by
    The Editorial Team
    12.22.23
    Digital Sovereignty
    01
    MIN
    According to ECJ, scoring algorithms in breach of GDPR
    According to ECJ, scoring algorithms in breach of GDPR
    According to ECJ, scoring algorithms in breach of GDPR
    Image European Union to study Mistral AI / Microsoft partnership 
    Digital Sovereignty
    03.08.24 Digital Sovereignty
    Next article
    European Union to study Mistral AI / Microsoft partnership 
    Read
    02
    MIN
    Image Government administration: France and Germany join forces to develop sovereign tools
    Digital Sovereignty
    03.05.24 Digital Sovereignty
    Next article
    Government administration: France and Germany join forces to develop sovereign tools
    Read
    02
    MIN
    Image Nuclear power: EDF entrusts part of its cloud to AWS
    Digital Sovereignty
    03.05.24 Digital Sovereignty
    Next article
    Nuclear power: EDF entrusts part of its cloud to AWS
    Read
    02
    MIN
    Image iMessage, Bing and Edge will not be subject to DMA
    Digital Sovereignty
    03.05.24 Digital Sovereignty
    Next article
    iMessage, Bing and Edge will not be subject to DMA
    Read
    02
    MIN

    Giving “scoring algorithms […] decisive role” in contractual decision-making deemed illegal.

    On December 7, 2023, the European Court of Justice (ECJ) handed down its first decision involving the GDPR’s article on automated individual decision-making. The ruling thus enacts a ban on individual scoring algorithms if they play a “decisive” part in contractual decisions.

    The dispute involved SCHUFA, Germany’s largest private credit bureau. The latter scores its customers according to their solvency; the rating plays a crucial role in loan grants. The ECJ ruled that the use of personal data violated the GDPR, and was thus illegal.

    The decision makes it clear that the GDPR only authorizes the use of automated scoring in three cases: with the explicit consent of individuals or through contractual and/or legal obligation. Commercial or “legitimate interests” therefore do not constitute grounds for this practice.

    The ruling will have significant consequences on the many services that resort to scoring algorithms, particularly in insurance and credit. In France, the national benefits office (CNAF) has been using this particular type of automated algorithm since 2010. It is particularly used to trigger home checks in cases of suspected fraud. The ECJ’s judgment may lead to its ban.

    The Editorial Team
    12.22.23
    Articles by the same author:
    1
    04.08.24 Cybercrime
    AT&T data theft: 73 million accounts compromised
    Read
    01
    MIN
    2
    04.08.24 Industry and OT
    Kaspersky notes slight decrease in attacks against ICS 
    Read
    02
    MIN
    3
    04.05.24 Digital Sovereignty
    DMA: European Commission to investigate Alphabet, Apple and Meta 
    Read
    02
    MIN
    4
    04.02.24 Digital Sovereignty
    Atos/Eviden: Airbus throws in the towel (again)
    Read
    02
    MIN
    Image European Union to study Mistral AI / Microsoft partnership 
    Digital Sovereignty
    03.08.24 Digital Sovereignty
    Next article
    European Union to study Mistral AI / Microsoft partnership 
    Read
    02
    MIN
    Image Government administration: France and Germany join forces to develop sovereign tools
    Digital Sovereignty
    03.05.24 Digital Sovereignty
    Next article
    Government administration: France and Germany join forces to develop sovereign tools
    Read
    02
    MIN
    Image Nuclear power: EDF entrusts part of its cloud to AWS
    Digital Sovereignty
    03.05.24 Digital Sovereignty
    Next article
    Nuclear power: EDF entrusts part of its cloud to AWS
    Read
    02
    MIN
    Image iMessage, Bing and Edge will not be subject to DMA
    Digital Sovereignty
    03.05.24 Digital Sovereignty
    Next article
    iMessage, Bing and Edge will not be subject to DMA
    Read
    02
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.