Ethical Reflections on the Principle of Explainability in the GDPR and AI Act

In recent years, the significant increase in the use of big data and artificial intelligence systems has triggered a profound transformation in our society. To address this phenomenon, various new regulations have been introduced in Europe, including the GDPR and the AI Act, aimed at governing these changes. This thesis seeks to explore how the principle of "explainability" is regulated and ensured within the framework of European data protection laws, particularly when personal data is processed through automated procedures, and on artificial intelligence systems. The first chapter examines the right to explanation as regulated by the GDPR (Regulation (EU) No. 2016/679). In this context, the "right to explanation" refers to the user’s right to understand the mechanisms through which their personal data is processed. This right must be upheld by companies handling such data and should be safeguarded when users' personal data is processed by artificial intelligence systems, requiring the algorithms involved to be explainable. The second chapter analyses the right to explainability as governed by the AI Act (EU Artificial Intelligence Act). In this framework, the right to explainability pertains to ensuring that artificial intelligence systems, especially high-risk ones, are transparent and comprehensible to users. In the third and final chapter of the thesis, I develop an ethical reflection on the principle of explainability by referencing the content of the European regulations previously examined, specifically the AI Act and the GDPR. In particular, I focus on the ethical justifications underlying the principle of explainability and analyses the ethical challenges stemming from the current regulatory framework established by the GDPR and the AI Act.