The General Data Protection Regulation applies to any AI system that processes personal data of individuals in the EU, regardless of where the organization is based. GDPR was not written specifically for AI, but its principles create binding constraints on how machine learning models are trained, deployed, and maintained. Organizations building AI systems must understand where GDPR intersects with their ML workflows and what compliance requires in practice.

Lawful Basis for AI Data Processing

Every use of personal data in an AI system requires a lawful basis under Article 6 of GDPR. The six lawful bases are consent, contract, legal obligation, vital interests, public task, and legitimate interest. For AI systems, the most commonly used bases are consent and legitimate interest.

Consent requires specific, informed, and unambiguous agreement from the data subject. Blanket consent through terms of service is insufficient. For AI training data, this means subjects must know their data will be used for model training, what kind of model, and for what purpose. Consent can be withdrawn at any time, which creates operational challenges for models already trained on that data.

Legitimate interest requires a balancing test between the organization’s interest and the rights of the data subject. The European Data Protection Board (EDPB) issued an opinion in 2024 clarifying that legitimate interest can serve as a legal basis for AI model development, but organizations must document the balancing test and demonstrate that the processing is necessary and proportionate.

The EDPB opinion also addressed what happens when an AI model is trained on unlawfully processed data. If the data was unlawful at training time, the resulting model may itself be considered non-compliant, even if the original data is later deleted.

Data Minimization and Purpose Limitation

Article 5 of GDPR requires that personal data be adequate, relevant, and limited to what is necessary. For AI systems, this means collecting only the data required for the specific purpose and not repurposing training data for unrelated models without a fresh legal basis.

Purpose limitation creates significant constraints on AI development workflows. Organizations cannot repurpose training data for new ML projects without proper justification, share datasets across business units without considering original collection purposes, or use data from one AI system to train unrelated models. Each new use of personal data requires its own legal basis.

In practice, data minimization means AI teams should implement data inventories that track what personal data is used in which models, apply anonymization or pseudonymization where possible before training, document why each data field is necessary for the model’s purpose, and establish retention policies that delete training data when no longer needed.

Automated Decision-Making and Article 22

Article 22 gives individuals the right not to be subject to decisions based solely on automated processing that produce legal effects or similarly significant effects. This applies directly to AI systems used for credit scoring, hiring decisions, insurance underwriting, benefit eligibility, and similar use cases.

When Article 22 applies, organizations must provide meaningful information about the logic involved, the significance of the processing, and the envisaged consequences. This is often referred to as the “right to explanation,” though the regulation does not use that exact phrase.

Compliance with Article 22 requires either obtaining explicit consent, establishing that the decision is necessary for a contract, or finding authorization in EU or member state law. In all cases, the organization must implement suitable safeguards including the right to obtain human intervention, express a point of view, and contest the decision.

For AI systems, this means maintaining the ability to explain individual decisions in terms a non-technical person can understand, providing a mechanism for human review of automated decisions, and documenting the decision logic in a way that can be communicated to data subjects on request.

Data Protection Impact Assessments for AI

Article 35 requires a Data Protection Impact Assessment (DPIA) when processing is likely to result in a high risk to the rights and freedoms of individuals. AI systems that process personal data at scale, use profiling, or make automated decisions almost always trigger this requirement.

A DPIA for an AI system must describe the processing operations and their purposes, assess the necessity and proportionality of the processing, evaluate risks to data subjects, and identify measures to address those risks. The assessment should be conducted before the system goes into production and updated when the processing changes materially.

The EDPB Position on AI Models

The EDPB’s 2024 opinion examined whether AI models themselves can be considered anonymous. If a model cannot be used to extract or reconstruct personal data about individuals in its training set, it may be treated as anonymous data. However, this requires demonstrating that the model does not memorize or leak training data, which is not straightforward for large language models or other systems trained on personal data.

This creates a practical framework: if an organization can demonstrate that its trained model is effectively anonymous, GDPR obligations may not apply to the model itself, even if they applied to the training data. However, the burden of proof lies with the organization.

Enforcement Landscape

GDPR penalties reach up to 4% of global annual revenue or 20 million euros, whichever is higher. As of 2025, GDPR is being used as the primary enforcement tool for AI regulation while AI-specific rules under the EU AI Act are still being phased in. Data protection authorities across the EU have increased scrutiny of AI systems, with several enforcement actions targeting AI companies for insufficient legal basis, inadequate transparency, or failure to conduct DPIAs.

Organizations should treat GDPR compliance not as a one-time project but as a continuous obligation that evolves alongside their AI systems.