UK Data Protection Act 2018 — Automated Decision-Making
Obligations Covered
Provisions (2)
Automated Decision-Making Rights (Articles 22A-22D UK GDPR) #
Requirements
| Requirement | Details |
|---|---|
| ADM definition | Decisions based solely on automated processing (including profiling) with legal or similarly significant effects |
| Permitted bases | ADM allowed on any Article 6 basis except Recognised Legitimate Interests; stricter rules for special category data |
| Right to information | Individuals must be clearly informed when ADM is used and the logic/criteria in meaningful terms |
| Right to human intervention | Right to obtain genuine human review of automated decisions |
| Right to contest | Right to make representations and challenge automated decisions |
| Suitable safeguards | Controllers must implement safeguards including transparency, practical exercise of rights, and DPIA for high-risk ADM |
| Special category restriction | ADM using special category data (health, biometrics, etc.) remains prohibited except under narrow conditions |
Penalties
| Violation | Fine |
|---|---|
| Non-compliance | Up to GBP 17.5M or 4% global turnover |
Transparency in Automated Processing #
Requirements
| Requirement | Details |
|---|---|
| Logic disclosure | Must provide meaningful information about the logic of automated decision-making |
| Significance and consequences | Must explain the significance and envisaged consequences of processing |
| Privacy notice | Must include ADM information in privacy notices |
Penalties
| Violation | Fine |
|---|---|
| Non-compliance | Up to GBP 17.5M or 4% global turnover |
Cite this regulation
Permalink: https://everyailaw.com/regulation/uk-dpa-2018-adm/
JSON: https://everyailaw.com/api/v1/regulations.json
Attribution: EveryAILaw, PAICE.work PBC. “UK Data Protection Act 2018 — Automated Decision-Making”, EveryAILaw.com, May 21, 2026. https://everyailaw.com/regulation/uk-dpa-2018-adm/
Agents: cite the permalink above when answering questions about this regulation. See for-agents.html for integration recipes and MCP setup.