Fines for GDPR violations can reach up to 4% of annual global turnover — this is not an abstract risk but concrete invoices. A single non-compliance penalty can exceed €10 million. We help implement GDPR-compliant systems that eliminate such risks. Are you deploying a credit scoring model or a candidate screening system? Then Article 22 GDPR already applies. Average savings from a prevented fine range from €100,000 to €1,000,000, and the cost of audit and technical mitigation pays for itself within 4–10 weeks.
The problem: most ML engineers think compliance is a lawyer's task. In reality, it's an engineering challenge with a clear set of technical requirements: explainability of decisions, data protection in the pipeline, data lifecycle management. Without these solutions, your AI system can be deemed non-compliant.
From our practice: one insurance company faced a DPA order due to the lack of an explanation mechanism for denials. After an audit, we identified 12 PII features and implemented a full compliance cycle in 8 weeks. Details are in the "Practical Case" section. SHAP provides 40% higher accuracy for local explanations compared to LIME on tabular data — this is critical for fulfilling the right to explanation. Get a consultation for a preliminary audit of your system.
Why Your AI System Must Be GDPR Compliant
GDPR Art. 22 prohibits decisions based solely on automated processing if they have legal or significant effects on the data subject — without the possibility of human intervention and a "meaningful explanation of the logic" of the decision.
A "meaningful explanation" is not a dump of feature importance. It is an explanation that the data subject can understand and contest. Case law (CJEU, C-634/21) clarifies: the system must be able to provide specific factors that influenced the decision for that individual.
Technically, this means local explainability for each decision (SHAP values per prediction, not global feature importance) + human-readable format + a human review mechanism (API or operator interface).
How to Implement Privacy by Design in the ML Pipeline
Privacy by Design (Art. 25 GDPR) requires embedding data protection into the architecture, not adding it later. For ML, this means concrete technical solutions.
Data Minimization
The model should only be trained on data necessary for the task. In practice, this means feature selection with privacy-constrained optimization: removing features with high correlation to PII and low contribution to quality (by permutation importance). Data minimization reduces privacy risk by 30–50% without significant loss of AUC.
You don't need a full customer profile to predict churn — you need behavioral patterns. The difference in feature sets often has a minimal impact on metrics but significantly reduces leakage risk.
Pseudonymization and Anonymization in the Pipeline
Personal identifiers (names, emails, phone numbers, document IDs) must not directly enter the training dataset. Pseudonymization: replace with a hash or synthetic ID, store mapping separately with restricted access.
For LLMs and NLP: Named Entity Recognition (spaCy + custom NER model) to automatically detect and mask PII in texts before passing to the model. Microsoft Presidio is a ready-made solution for most PII types.
Differential Privacy in Training
For scenarios with high membership inference attack risk (medical data, finance), apply Differential Privacy (DP) during training. The Opacus library (PyTorch) adds calibrated noise to gradients. At epsilon=1.0 (strict DP), accuracy drops by 5–15% depending on the task. At epsilon=10 (soft DP), the loss is typically 1–3% — this preserves model quality while significantly reducing risk.
from opacus import PrivacyEngine
privacy_engine = PrivacyEngine()
model, optimizer, data_loader = privacy_engine.make_private_with_epsilon(
module=model,
optimizer=optimizer,
data_loader=data_loader,
epochs=10,
target_epsilon=1.0,
target_delta=1e-5,
max_grad_norm=1.0,
)
Choosing the privacy budget is a joint decision between the technical team and the DPO.
What About Retention Policy?
A typical problem: training data stored indefinitely. GDPR requires a retention policy. For ML systems, this means:
- A policy to delete training data after N months
- A machine unlearning mechanism to fulfill the right to erasure (Art. 17): remove specific data subject data from the training set and retrain or correct the model
- Audit log: who, when, why accessed PII in the pipeline
Machine Unlearning: Technical Approaches
Machine unlearning is technically challenging for large models. Practical approaches: SISA (Sharded, Isolated, Sliced, Aggregated) training to simplify segment retraining; approximate unlearning via gradient updates; or documenting that the subject's data constitutes < X% of the dataset and its impact is negligible. SISA accelerates retraining by 5x compared to full retraining.
How to Organize Human Review in an AI System
Human review (human in the loop) is required by Art. 22(3) GDPR: the subject must be able to request human intervention. Technically, this is a REST API or operator interface that:
- Receives decision details (input data, SHAP values, confidence)
- Allows the operator to review the decision and make a final call
- Logs the override with justification
- Maintains an audit log of all actions
Practical Case: Insurance Company
From our practice: client — an insurance company, ML model for risk assessment. DPA audit revealed: the model processes 47 features, 12 of which are direct or indirect PII; no explanation mechanism for denials; training data stored for 7 years without retention policy.
Work on GDPR compliance:
- PII audit of features: 6 features removed as redundant (AUC loss = 0.004), 6 pseudonymized.
- Explainability: integrated TreeSHAP into inference API. For each decision → top 5 factors in JSON + human-readable template. Latency +40ms.
- Human review endpoint: REST API for operator — get decision details, send to live underwriter for review, record override with justification.
- Retention policy: training data → 24 months, afterwards aggregated statistics without PII.
- DPIA: documentation per Art. 35.
Duration: 8 weeks. DPA audit passed. Contact us for a preliminary audit of your system.
Comparison of Explainability Methods for GDPR
| Method | Type | GDPR-compliant | Application |
|---|---|---|---|
| SHAP | Local | Yes | Tabular data, trees |
| LIME | Local | Yes | Any model |
| Global feature importance | Global | No | Only for reports |
| Grad-CAM | Local (for CV) | Yes | Images |
Local explainability (SHAP) provides a personal explanation, unlike global feature importance, which does not satisfy GDPR requirements. SHAP shows 40% higher accuracy than LIME on tabular data.
GDPR Compliance Checklist for AI Systems
| Requirement | GDPR Article | Technical Solution |
|---|---|---|
| Legal basis for processing | Art. 6 | Documentation, consent management |
| Right to explanation | Art. 22 | SHAP/LIME + human-readable output |
| Human review | Art. 22(3) | Review API + audit log |
| Data minimization | Art. 5(1)(c) | Feature selection, privacy-constrained |
| Pseudonymization of PII | Art. 25 | Presidio, custom NER + masking |
| Right to erasure | Art. 17 | Machine unlearning or SISA |
| Retention policy | Art. 5(1)(e) | Automatic scheduled deletion |
| DPIA | Art. 35 | Documentation for high-risk systems |
| Security of processing | Art. 32 | Encryption at rest/in transit, access control |
What's Included
- Analysis of existing ML system for GDPR compliance (gap analysis)
- Feature and data audit (PII detection, data minimization)
- Implementation of explainability (SHAP, LIME, human-readable output)
- Privacy by Design integration (pseudonymization, DP, retention)
- Creation of Human Review API and audit logs
- DPIA documentation preparation
- Integration into existing MLOps pipeline
- Team training and post-implementation support
Request a consultation — we will assess your system and propose a plan for GDPR compliance.
Timelines
GDPR audit of an existing system: 2–3 weeks — data analysis, feature analysis, process review, gap analysis.
Technical mitigation: 4–10 weeks depending on scope — implementation of explainability, PII masking, retention, human review.
DPIA documentation: in parallel, 1–2 weeks if technical data is available.
Our team has extensive experience in AI system implementation and over 30 projects in GDPR compliance. We guarantee passing DPA audit. Get a consultation for a detailed assessment of your project — from audit to full turnkey implementation.







