Automated Decision Making and Personal Data Protection in Intelligent Tutoring Systems: Design Guidelines

This paper analyzes the importance of Indonesia's comprehensive legal framework on automated decision-making empowered by Artificial Intelligence, comparing it to the European Union, the United States, and China. Specifically, this paper inquires about the status quo of the legal protection of automated decision-making In Indonesia. The analysis highlights profiling in an automated decision-making system with the following discussion about personal data protection. In this context, the European Union's member states set out the General Data Protection Regulation (GDPR) that prohibits automated decision-making to a certain extent. In the United States, the practice of automated decision-making is rather usual. Simultaneously, China takes an exceptional measure instead and develops this automation through a social credit system. The analysis concludes that Indonesia has weak legal protection towards personal data and profiling, which later becomes the basis in facilitating automated decision-making. The provision of automated decision-making and profiling is the absolute bare minimum to Indonesia's Personal Data Protection Bill due to insufficient legal certainty. In the end, it is paramount for lawmakers to consider a comprehensive regulation on automated decision-making by adopting the European Union's GDPR framework. KEYWORDS: Artificial Intelligence, Automated Decision-Making, Personal Data Protection.

Download Full-text

Personal Data Protection in the Decision-Making of the CJEU Before and After the Lisbon Treaty

TalTech Journal of European Studies ◽

10.2478/bjes-2021-0020 ◽

2021 ◽

Vol 11 (2) ◽

pp. 167-188

Author(s):

Ondřej Pavelek ◽

Drahomíra Zajíčková

Keyword(s):

Decision Making ◽

Data Protection ◽

Online Communication ◽

Personal Data ◽

The European Union ◽

General Data Protection Regulation ◽

Personal Data Protection ◽

Eu Legislation ◽

Before And After ◽

Long Time

Abstract Personal data protection is one of the important areas of the EU’s operation and the general public is especially aware of the General Data Protection Regulation (GDPR). However, personal data protection has been an issue in the EU for a long time. The Court of Justice of the European Union (CJEU) plays a major role in personal data protection as their function is to interpret EU law and thus also EU legislation related to personal data protection. Until now, research papers have tackled specific issues related to interpreting EU legislation or analyses of specific decisions made by the CJEU. However, no comprehensive empirical legal study has been published so far which would evaluate the decision-making of the CJEU in the area of personal data protection using a combination of quantitative and qualitative methods. Therefore, no analysis has been carried out to determine how many decisions of the CJEU have been related to personal data protection, how their number has increased, or which participants and from which areas have participated in the proceedings. The results of the analysis presented here can be used as a basis for studying the future development of the CJEU’s decision-making in the area of personal data protection in relation to digitization and especially to the COVID-19 pandemic, which undoubtedly has contributed to a significant increase in online communication, posing new challenges towards a more efficient personal data protection in the online world.

Download Full-text

AUTOMATED DECISION MAKING IN ADMINISTRATIVE PROCEDURE – MYTH OR REALITY?

Nauka bezbednost policija ◽

10.5937/nabepo25-28953 ◽

2021 ◽

Vol 25 (3) ◽

Author(s):

Zoran R. Jovanovic ◽

Stefan Andonović

Keyword(s):

Decision Making ◽

Personal Data ◽

Legal Framework ◽

Electronic Government ◽

Personal Data Protection ◽

Administrative Procedure ◽

The Law ◽

The Republic ◽

Automated Decision Making ◽

Near Future

In this paper the authors analyze the possibility of automated decision making in the administrative procedure, as one of the aspects of the development of e-administration. Services of e-administration are developing and expanding to numerous aspects of administrative work, with administrative decision-making being one of the most important and intriguing aspect. Having that in mind, the authors defined the term automated decision making and researched the question whether the legal framework of the Republic of Serbia enables the implementation of new, digital forms of administrative decision making. For that purpose, relevant provisions of the Law on General Administrative Procedure, the Law on Electronic Government and the Law on Personal Data Protection have been analyzed. The authors identified the situations of general administrative procedure within which it would be possible to consider practically, and in the near future normatively as well, the introduction of an automated decision making in the administrative procedure. A lesser portion of the paper is dedicated to the prerequisites and risks related to human rights and liberties when it comes to automated decision making in the administrative procedure.

Download Full-text

Article 4(4). Profiling

The EU General Data Protection Regulation (GDPR) ◽

10.1093/oso/9780198826491.003.0010 ◽

2020 ◽

Author(s):

Lee A. Bygrave

Keyword(s):

Decision Making ◽

Impact Assessment ◽

Data Protection ◽

Information Society ◽

Personal Data ◽

Article 5 ◽

Automated Decision Making ◽

Right Of Access ◽

Legal Grounds

Article 3(2)(b) (Monitoring of data subjects’ behaviour); Article 5 (Principles relating to processing of personal data); Article 6 (Legal grounds for processing of personal data); Article 8 (Conditions applicable to children’s consent in relation to information society services) (see also recital 38); Article 13(2)(f) (Information on the existence of automated decision-making, including profiling) (see also recital 60); Article 14(2)(g) (Information on the existence of automated decision-making, including profiling) (see also recital 60); Article 15(1)(h) (Right of access regarding automated decision-making, including profiling) (see also recital 63); Article 21 (Right to object) (see also recital 70); Article 22 (Automated decision-making, including profiling) (see also recital 71); Article 23 (Restrictions) (see also recital 73); Article 35(3)(a) (Data protection impact assessment) (see also recital 91); Article 47(2)(e) (Binding corporate rules); Article 70(1)(f) (EDPB guidelines on automated decisions based on profiling)/

Download Full-text

Contributions of minimax theory to instructional decision making in intelligent tutoring systems

Computers in Human Behavior ◽

10.1016/s0747-5632(99)00035-7 ◽

1999 ◽

Vol 15 (5) ◽

pp. 531-548 ◽

Cited By ~ 1

Author(s):

H.J. Vos

Keyword(s):

Decision Making ◽

Intelligent Tutoring Systems ◽

Intelligent Tutoring ◽

Tutoring Systems ◽

Instructional Decision Making ◽

Minimax Theory ◽

Instructional Decision

Download Full-text

Article 22 Automated individual decision-making, including profiling

The EU General Data Protection Regulation (GDPR) ◽

10.1093/oso/9780198826491.003.0055 ◽

2020 ◽

Author(s):

Lee A. Bygrave

Keyword(s):

Decision Making ◽

Impact Assessment ◽

Data Protection ◽

Personal Data ◽

Individual Decision Making ◽

Definition Of ◽

Article 5 ◽

Automated Decision Making ◽

Right Of Access ◽

Legal Grounds

Article 3(2)(b) (Monitoring of data subjects’ behaviour); Article 4(4) (Definition of ‘profiling’); Article 5(1)(a) (Fair and transparent processing) (see also recitals 39 and 60); Article 5(2) (Accountability); Article 6 (Legal grounds for processing of personal data); Article 8 (Conditions applicable to children’s consent in relation to information society services); Article 12 (see too recital 58); Article 13(2)(f) (Information on the existence of automated decision-making); Article 14(2)(g) (Information on the existence of automated decision-making); Article 15(1)(h) (Right of access regarding automated decision-making); Article 21 (Right to object) (see also recital 70); Article 23 (Restrictions); Article 35(3)(a) (Data protection impact assessment) (see too recital 84); Article 47(2)(e) (Binding corporate rules); Article 70(1)(f) (EDPB guidelines on automated decisions based on profiling).

Download Full-text