Algorithmic Creditworthiness and EU Fundamental rights: the Role of the GDPR and the AI Act
(2025) JAEM01 20251Department of Law
Faculty of Law
- Abstract
- This thesis examines how the EU Artificial Intelligence Act and the General
Data Protection Regulation (GDPR)regulate the use of AI in credit assess-
ment, with a focus on protecting fundamental rights such as transpar-
ency and non-discrimination. Using a doctrinal legal method, the analysis ex-
plores key legal obligations under both frameworks, including Article 22
GDPR, the classification of high-risk systems under the AI Act, and the role
of Data Protection Impact Assessments (DPIAs) and Fundamental Rights Im-
pact Assessments (FRIAs).
The findings show that while both legal instruments aim to safeguard individ-
uals from harm, gaps in clarity, enforceability, and oversight standards limit
their effectiveness. In particular,... (More) - This thesis examines how the EU Artificial Intelligence Act and the General
Data Protection Regulation (GDPR)regulate the use of AI in credit assess-
ment, with a focus on protecting fundamental rights such as transpar-
ency and non-discrimination. Using a doctrinal legal method, the analysis ex-
plores key legal obligations under both frameworks, including Article 22
GDPR, the classification of high-risk systems under the AI Act, and the role
of Data Protection Impact Assessments (DPIAs) and Fundamental Rights Im-
pact Assessments (FRIAs).
The findings show that while both legal instruments aim to safeguard individ-
uals from harm, gaps in clarity, enforceability, and oversight standards limit
their effectiveness. In particular, the thesis identifies challenges in defining
automated decision-making, ensuring meaningful human oversight, and op-
erationalising FRIA obligations in practice.
By comparing regulatory mechanisms and highlighting a practical example,
the thesis concludes that the current EU framework forms a strong foundation
but requires further clarification, enforcement coordination, and institutional
support to ensure that AI-driven credit decisions are not only compliant, but
also fair and just. (Less)
Please use this url to cite or link to this publication:
http://lup.lub.lu.se/student-papers/record/9208618
- author
- Smits, Bas LU
- supervisor
-
- Ana Nordberg LU
- organization
- course
- JAEM01 20251
- year
- 2025
- type
- H1 - Master's Degree (One Year)
- subject
- keywords
- Artificial Intelligence, Creditworthiness Assessment, Algorithmic Decision-Making, Automated Credit Scoring, European Union Law, General Data Protection Regulation (GDPR), EU Artificial Intelligence Act, Fundamental Rights, Non-Discrimination, Transparency, Data Protection, Profiling, Article 22 GDPR, High-Risk AI Systems, Fundamental Rights Impact Assessment (FRIA), Data Protection Impact Assessment (DPIA), Human Oversight, Explainable AI (XAI), Algorithmic Bias, AI Regulation in Finance, Financial Services Regulation, Ethical AI, Machine Learning in Lending, Credit Scoring Regulation, Digital Discrimination, AI Accountability, SCHUFA Judgment, AI
- language
- English
- id
- 9208618
- date added to LUP
- 2025-07-09 15:25:59
- date last changed
- 2025-07-09 15:25:59
@misc{9208618,
abstract = {{This thesis examines how the EU Artificial Intelligence Act and the General
Data Protection Regulation (GDPR)regulate the use of AI in credit assess-
ment, with a focus on protecting fundamental rights such as transpar-
ency and non-discrimination. Using a doctrinal legal method, the analysis ex-
plores key legal obligations under both frameworks, including Article 22
GDPR, the classification of high-risk systems under the AI Act, and the role
of Data Protection Impact Assessments (DPIAs) and Fundamental Rights Im-
pact Assessments (FRIAs).
The findings show that while both legal instruments aim to safeguard individ-
uals from harm, gaps in clarity, enforceability, and oversight standards limit
their effectiveness. In particular, the thesis identifies challenges in defining
automated decision-making, ensuring meaningful human oversight, and op-
erationalising FRIA obligations in practice.
By comparing regulatory mechanisms and highlighting a practical example,
the thesis concludes that the current EU framework forms a strong foundation
but requires further clarification, enforcement coordination, and institutional
support to ensure that AI-driven credit decisions are not only compliant, but
also fair and just.}},
author = {{Smits, Bas}},
language = {{eng}},
note = {{Student Paper}},
title = {{Algorithmic Creditworthiness and EU Fundamental rights: the Role of the GDPR and the AI Act}},
year = {{2025}},
}