European Union regulations on algorithmic decision-making and a "right to explanation"

Bryce Goodman, Seth Flaxman

Introduction

In April 2016, for the first time in over two decades, the European Parliament adopted a set of comprehensive regulations for the collection, storage and use of personal information, the General Data Protection Regulation (GDPR)Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) OJ L119/1. . The new regulation has been described as a “Copernican Revolution” in data protection law, “seeking to shift its focus away from paper-based, bureaucratic requirements and towards compliance in practice, harmonization of the law, and individual empowerment” . Much of the regulations are clearly aimed at perceived gaps and inconsistencies in the EU’s current approach to data protection. This includes, for example, the codification of the “right to be forgotten” (Article 17), and regulations for foreign companies collecting data from European citizens (Article 44).

However, while the bulk of language deals with how data is collected and stored, the regulation contains Article 22: Automated individual decision-making, including profiling (see figure 1) potentially prohibiting a wide swath of algorithms currently in use in, e.g. recommendation systems, credit and insurance risk assessments, computational advertising, and social networks. This raises important issues that are of particular concern to the machine learning community. In its current form, the GDPR’s requirements could require a complete overhaul of standard and widely used algorithmic techniques. The GDPR’s policy on the right of citizens to receive an explanation for algorithmic decisions highlights the pressing importance of human interpretability in algorithm design. If, as expected, the GDPR takes effect in its current form in mid-2018, there will be a pressing need for effective algorithms which can operate within this new legal framework.

Background

The General Data Protection Regulation is slated to go into effect in April 2018, and will replace the EU’s 1995 Data Protection Directive (DPD). On the surface, the GDPR merely reaffirms the DPD’s right to explanation and restrictions on automated decision-making. However, this reading ignores a number of critical differences between the two pieces of legislation.

First, it is important to note the difference between a Directive and a Regulation. While a Directive “set[s] out general rules to be transferred into national law by each country as they deem appropriate”, a Regulation is “similar to a national law with the difference that it is applicable in all EU countries” . In other words, the 1995 Directive was subject to national interpretation, and was only ever indirectly implemented through subsequent laws passed within individual member states . The GDPR, on the other hand, requires no enabling legislation to take effect. It does not direct the law of EU member states, it simply is the law for member states (or will be, when it takes effect).

Second, the DPD and GDPR are worlds apart in terms of the penalties that can be imposed on violators. Under the DPD, there are no explicit maximum fines. Instead, fines are determined on a country by country basis. By contrast, the GDPR introduces EU-wide maximum penalties of 20 million euro or 4%4\% of global revenue, whichever is greater (Article 83, Paragraph 5). For companies like Google and Facebook, this could mean fines in the billions.

Third, the scope of the GDPR is explicitly global (cf. Article 3, Paragraph 1). Its requirements do not just apply to companies that are headquartered in the EU but, rather, to any companies processing EU residents’ personal data. For the purposes of determining jurisdiction, it is irrelevant whether that data is processed within the EU territory, or abroad.

Before proceeding with analysis, we summarize some of the key terms employed in the GDPR as defined in Article 4: Definitions:

Personal data is “any information relating to an identified or identifiable natural person”

Data subject is the natural person to whom data relates

Processing is “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means”

Profiling is “any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person”

Thus profiling should be construed as a subset of processing, under two conditions: the processing is automated, and the processing is for the purposes of evaluation.

The GDPR calls particular attention to profiling aimed at “analys[ing] or predict[ing] aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements” (Article 4, Paragraph 4). Given the breadth of categories, it stands to reason that the GDPR’s desideratum for profiling errs on the side of inclusion, to say the least.

Article 22: Automated individual decision-making, including profiling, paragraph 1 (see figure 1) prohibits any “decision based solely on automated processing, including profiling” which “significantly affects” a data subject. Paragraph 2 specifies that exceptions can be made “if necessary for entering into, or performance of, a contract”, authorized by “Union or Member State law” or “based on the data subject’s explicit consent.” However, paragraph 3 states that, even in the case of exceptions, data controllers must “provide appropriate safeguards” including “the right to obtain human intervention…to express his or her point of view and to contest the decision.” . Paragraph 4 specifically prohibits automated processing “based on special categories of personal data” unless “suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests are in place”.

Note that this section does not address the conditions under which it is ethically permissible to access sensitive data—this is dealt with elsewhere (e.g. Article 7). Rather, it is implicitly assumed in this section that the data is legitimately obtained. Thus the provisions for algorithmic profiling are an additional constraint that apply even if the data processor has informed consent from data subjects.Cf. “consent of the data subject should not provide in itself a legal ground for processing such sensitive data”

These provisions present a number of practical challenges for the design and deployment of machine learning algorithms. This paper focuses on two: issues raised by the GDPR’s stance on discrimination and the GDPR’s “right to explanation.” Throughout, we highlight opportunities for researchers.

Non-discrimination

In general, discrimination might be defined as the unfair treatment of an individual because of his or her membership in a particular group, e.g. race, gender, etc. . The right to non-discrimination is deeply embedded in the normative framework that underlies the EU, and can be found in Article 21 of the Charter of Fundamental Rights of the European Union, Article 14 of the European Convention on Human Rights, and in Articles 18-25 of the Treaty on the Functioning of the European Union.

The use of algorithmic profiling for the allocation of resources is, in a certain sense, inherently discriminatory: profiling takes place when data subjects are grouped in categories according to various variables, and decisions are made on the basis of subjects falling within so-defined groups. It is thus not surprising that concerns over discrimination have begun to take root in discussions over the ethics of big data. Barocas and Selbst sum the problem up succinctly: “Big data claims to be neutral. It isn’t” . As the authors point out, machine learning depends upon data that has been collected from society, and to the extent that society contains inequality, exclusion or other traces of discrimination, so too will the data. Consequently, “unthinking reliance on data mining can deny members of vulnerable groups full participation in society” . Indeed, machine learning can reify existing patterns of discrimination—if they are found in the training dataset, then by design an accurate classifier will reproduce them. In this way, biased decisions are presented as the outcome of an ’objective’ algorithm.

Paragraph 71 of the recitals (the preamble to the GDPR, which explains the rationale behind it but is not itself law) explicitly requires data controllers to “implement appropriate technical and organizational measures” that “prevents, inter alia, discriminatory effects” on the basis of processing sensitive data. According to Article 9: Processing of special categories of personal data, sensitive data includes:

personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation…

It is important to note that paragraph 71 and Article 22 paragraph 4 specifically address discrimination from profiling that makes use of sensitive data. In unpacking this mandate, we must distinguish between two potential interpretations. The first minimal interpretation is that this directive only pertains to cases where an algorithm is making direct use of data that is explicitly sensitive. This would include, for example, variables that code for race, finances, or any of the other categories of sensitive information referred to in Article 9. However, it is widely acknowledged that simply removing certain variables from a model does not ensure predictions that are, in effect, uncorrelated to those variables (e.g. ). For example, if a certain geographic region has a high number of low income or minority residents, an algorithm that employs geographic data to determine loan eligibility is likely to produce results that are, in effect, informed by race and income.

Thus a second maximal interpretation, takes a broader view of ‘sensitive data’ to include not only those variables which are explicitly named, but also any variables with which they are correlated. This would put the onus on a data processor to ensure that algorithms are not provided with datasets containing variables that are correlated with the “special categories of personal data” in Article 9.

However, this interpretation also suffers from a number of complications in practice. With relatively small datasets it may be possible to both identify and account for correlations between sensitive and ‘non-sensitive’ variables. However, removing all data correlated with sensitive variables may make the resulting predictor virtually useless. As Calders and Verwer note, ”postal code can reveal racial information and yet at the same time, still give useful, non-discriminatory information on loan defaulting” .

Furthermore, as datasets become increasingly large, correlations can become increasingly complex and difficult to detect. The link between geography and income may be obvious, but less obvious correlations—say between IP address and race—are likely to exist within large enough datasets and could lead to discriminatory effects. For example, at an annual conference of actuaries, consultants from Deloitte explained that they can now “use thousands of ‘non-traditional’ third party data sources, such as consumer buying history, to predict a life insurance applicant’s health status with an accuracy comparable to a medical exam” . With sufficiently large data sets, the task of exhaustively identifying and excluding data features correlated with “sensitive categories” a priori may be impossible. Companies may also be reluctant to exclude certain covariates—web-browsing patterns are a very good predictor for various recommendation systems, but they are also correlated with sensitive categories.

A final challenge, which purging variables from the dataset does not address, is posed by what we term uncertainty bias. This bias arises when two conditions are met:

One group is underrepresented in the sampleNote that the underrepresentation of a minority in a sample can arise through historical discrimination or less access to technology, but it is also a feature of a random sample in which groups are by construction represented at their population rates. In public health and public policy research, minorities are sometimes oversampled to address this problem., so there is more uncertainty associated with predictions about that group

The algorithm is risk averse, so it will ceteris paribus prefer to make decisions based on predictions about which they are more confident (i.e. those with smaller confidence intervals )

In practice, this could mean that predictive algorithms (e.g. for loan approval) favor groups that are better represented in the training data, since there will be less uncertainty associated with those predictions. Uncertainty bias is illustrated in Figure 2. The population consists of two groups, white and non-whites. An algorithm is used to decide whether to extend a loan, based on the predicted probability that the individual will repay the loan. We repeatedly generated synthetic datasets of size 500, varying the true proportion of non-whites in the population. In every case, we set the true probability of repayment to be independent of group membership: all individuals have a 95% probability of repayment regardless of race. Using a logistic regression classifier, we consider a case in which loan decisions are made in a risk averse manner, by using the following decision rule: check whether the lower end of the 95% confidence interval for an individual is above a fixed “approval threshold” of 90%. In all cases, all white individuals will be offered credit since the true probability is 95% and the sample size is large enough for the confidence interval to be small. However, when the non-white population is any fraction less than 30% of the total population, they will not be extended credit due to the uncertainty inherent in the small sample.

Note that in practice, more complicated combinations of categories (occupation, location, consumption patterns, etc.) would be considered by a classifier and rare combinations will have very few observations. This issue is compounded in an active learning setting: consider the same setting, where non-whites and whites are equally likely to default. A small initial bias towards the better represented groups due will be compounded over time as the active learning acquires more examples of the better represented group and their overrepresentation grows.

The GDPR thus presents us with a dilemma with two horns: under the minimal interpretation the non-discrimination requirement is ineffective, under the maximal interpretation it is infeasible. However it would be premature to conclude that non-discrimination measures are without merit. Rather, the complexity and multifaceted nature of algorithmic discrimination suggests that appropriate solutions will require an understanding of how it arises in practice. This highlights the need for human-intelligible explanations of algorithmic decision making.

Right to explanation

The provisions outlined in Articles 13-15 specify that data subjects have the right to access information collected about them, and also requires data processors to ensure data subjects are notified about the data collected. However, it is important to distinguish between these rights, which may be termed the right to access and notification, and additional “safeguards for the rights and freedoms of the data subject” required under Article 22 when profiling takes place. Although the Article does not elaborate what these safeguards are beyond “the right to obtain human intervention”The exact meaning and nature of the intended intervention is unspecified, and the requirement raises a number of important questions that are beyond our current scope., Articles 13 and 14 state that, when profiling takes place, a data subject has the right to “meaningful information about the logic involved.” This requirement prompts the question: what does it mean, and what is required, to explain an algorithm’s decision?

Standard supervised machine learning algorithms for regression or classification are inherently based on discovering reliable associations / correlations to aid in accurate out-of-sample prediction, with no concern for causal reasoning or “explanation” beyond the statistical sense in which it is possible to measure the amount of variance explained by a predictor. As Mildebrandt writes, “correlations stand for a probability that things will turn out the same in the future. What they do not reveal is why this should be the case” . The use of algorithmic decisions in an increasingly wider range of applications has led some (e.g. ) to caution against the rise of a “black box” society and demand increased transparency in algorithmic decision-making. The nature of this requirement, however, is not always clear.

Burrell distinguishes between three barriers to transparency :

Intentional concealment on the part of corporations or other institutions, where decision making procedures are kept from public scrutiny

Gaps in technical literacy which mean that, for most people, simply having access to underlying code is insufficient

A “mismatch between the mathematical optimization in high-dimensionality characteristic of machine learning and the demands of human-scale reasoning and styles of interpretation”

Within the GDPR, Article 13: Information to be made available or given to the data subject goes some wayIt is not clear whether companies will be required to disclose their learning algorithms or training datasets and, if so, whether that information will be made public. towards the first barrier, stipulating that data processors inform data subjects when and why data is collected, processed, etc. Article 12: Communication and modalities for exercising the rights of the data subject attempts to solve the second by requiring that communication with data subjects is in “concise, intelligible and easily accessible form.” The third barrier, however, poses additional challenges that are particularly relevant to algorithmic selection and design. As Lisboa notes, “machine learning approaches are alone in the spectrum in their lack of interpretability” .

Putting aside any barriers arising from technical fluency, and also ignoring the importance of training the model, it stands to reason that an algorithm can only be explained if the trained model can be articulated and understood by a human. It is reasonable to suppose that any adequate explanation would, at a minimum, provide an account of how input features relate to predictions, allowing one to answer questions such as: Is the model more or less likely to recommend a loan if the applicant is a minority? Which features play the largest role in prediction?

There is of course a tradeoff between the representational capacity of a model and its interpretability, ranging from linear models (which can only represent simple relationships but are easy to interpret) to nonparametric methods like support vector machines and Gaussian processes (which can represent a rich class of functions but are hard to interpret). Ensemble methods like random forests pose a particular challenge, as predictions result from an aggregation or averaging procedure. Neural networks, especially with the rise of deep learning, pose perhaps the biggest challenge—what hope is there of explaining the weights learned in a multilayer neural net with a complex architecture? These issues have recently gained attention within the machine learning community and are becoming an active area of research . One promising avenue of research concerns developing algorithms to quantify the degree of influence of input variables on outputs, given black-box access to a trained prediction algorithm .

Conclusion

This paper has focused on two sets of issues raised by the forthcoming GDPR that are directly relevant to machine learning: the right to non-discrimination and the right to explanation. This is by no means a comprehensive overview of the potential challenges that will be faced by engineers as they adapt to the new framework. The ability of humans to intervene in algorithmic decision making, or for data subjects to provide input to the decision-making process, will also likely impose requirements on algorithmic design and require further investigation.

While the GDPR presents a number of problems for current applications in machine learning they are, we believe, good problems to have. The challenges described in this paper emphasize the importance of work that ensures that algorithms are not merely efficient, but transparent and fair. Research is underway in pursuit of rendering algorithms more amenable to ex post and ex ante inspection . Furthermore, a number of recent studies have attempted to tackle the issue of discrimination within algorithms by introducing tools to both identify and rectify cases of unwanted bias. It remains to be seen whether these techniques are adopted in practice. One silver lining of this research is to show that, for certain types of algorithmic profiling, it is possible to both identify and implement interventions to correct for discrimination. This is in contrast to cases where discrimination arises from human judgment. The role of extraneous and ethically inappropriate factors in human decision making is well documented (e.g., ), and discriminatory decision making is pervasive in many of the sectors where algorithmic profiling might be introduced (e.g. ). We believe that, properly applied, algorithms can not only make more accurate predictions, but offer increased transparency and fairness over their human counterparts (cf. ).

Above all else, the GDPR is a vital acknowledgement that, when algorithms are deployed in society, few if any decisions are purely “technical”. Rather, the ethical design of algorithms requires coordination between technical and philosophical resources of the highest caliber. A start has been made, but there is far to go. And, with less than two years until the GDPR takes effect, the clock is ticking.

References and Notes