Abstract
The GDPR aims at strengthening the rights of data subjects and to build trust in the digital single market. This is manifested by the introduction of a new principle of transparency. It is, however, not obvious what this means in practice: What kind of answers can be expected to GDPR requests citing the right to “meaningful information”? This is the question addressed in this article. Seven insurance companies, representing 90–95% of the Swedish home insurance market, were asked by consumers to disclose information about how premiums are set. Results are presented first giving descriptive statistics, then characterizing the pricing information given, and lastly describing the procedural information offered by insurers as part of their answers. Overall, several different approaches to answering the request can be discerned, including different uses of examples, lists, descriptions of logic, legal basis as well as data related to the process of answering the requests. Results are analyzed in light of GDPR requirements. A number of potential improvements are identified—at least three responses are likely to fail the undue delay requirement. The article is concluded with a discussion about future work.
This research was partially supported by Länsförsäkringsgruppens Forsknings- & Utvecklingsfond, agreement no. P4/18.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
These figures are based on the official market statistics of Q4 2018 from Insurance Sweden (https://www.svenskforsakring.se/globalassets/statistik/importerad-statistik/statbranch/branschstatistik/2018/branschstatistik-q4-2018.pdf). Some uncertainty is introduced by the fact that only the 4 largest respondents are separately accounted for in the statistics, while the 3 smaller ones are lumped together in the ‘Other’ category. Furthermore, the statistics differentiate the markets for apartments (where the 4 large respondents had a 94.0% market share between them) and houses (where the 4 large respondents had a 90.3% market share between them).
References
Commission of the European Communities Communication on the protection of individuals in relation to the processing of personal data in the Community and information security. COM(90) p. 314 final
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Official J. Eur. Communities (OJ), L 281, 23.11.1995, pp. 31–50 (1995)
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official J. Eur. Union (OJ) L 119, 4.5. pp. 1–88. (2016). http://data.europa.eu/eli/reg/2016/679/oj
Article 29 data protection working party: guidelines on automated individual decision-making and Profiling for the purposes of Regulation 2016/679. WP251, adopted on 6 February 2018
Awad, N.F., Krishnan, M.S.: The personalization privacy paradox: an empirical evaluation of information transparency and the willingness to be profiled online for personalization. MIS Q. 30(1), 13–28 (2006). https://doi.org/10.2307/25148715
Delade meningar 2018 [Shared opinions 2018]. Technical report insight intelligence (2018). https://www.insightintelligence.se/delade-meningar/delade-meningar-2018
Edwards, L., Veale, M.: Enslaving the algorithm: from a “right to an explanation” to a “right to better decisions” ? IEEE Secur. Priv. 16(3), 46–54 (2018)
European Commission: The Digital Economy & Society Index (DESI) (2019). https://ec.europa.eu/digital-single-market/en/desi. Accessed 14 Jan 2019
European Data Protection Board: Endorsement 1/2018 on the Article 29 Working Party guidelines on the GDPR. adopted 25 May 2018
Fischer-Hübner, S., Angulo, J., Karegar, F., Pulls, T.: Transparency, privacy and trust - technology for tracking and controlling my data disclosures: does this work? In: Habib, S.M., Vassileva, J., Mauw, S., Mühlhäuser, M. (eds.) Trust Manage. X, pp. 3–14. Springer International Publishing, Cham (2016). https://doi.org/10.1007/978-3-319-41354-9_1
Kaminski, M.E.: The right to explanation, explained. Berkeley Technol. Law J. 34, 189 (2019)
Karegar, F.: Towards improving transparency, intervenability, and consent in HCI (2018), the 3. article was in manuscript form at the time of the licentiate defense: Karegar, F. /User Evaluations of an App Interface for Cloud-based Identity Management // Manuskript (preprint)
Kassen, M.: Understanding transparency of government from a Nordic perspective: open government and open data movement as a multidimensional collaborative phenomenon in Sweden. J. Global Inf. Technol. Manage. 20(4), 236–275 (2017). https://doi.org/10.1080/1097198X.2017.1388696
Nord, L.W.: Investigative journalism in Sweden: a not so noticeable noble art. Journalism 8(5), 517–521 (2007). https://doi.org/10.1177/1464884907081045
Öberg, U.: EU citizens’ right to know: the improbable adoption of a European freedom of information act. Cambridge Yearb. Eur. Legal Stud. 2, 303–328 (1999). https://doi.org/10.5235/152888712802815897
OECD: OECD reviews of digital transformation: going digital in Sweden (2018). https://doi.org/10.1787/9789264302259-en
Rossi, A., Palmirani, M.: A visualization approach for adaptive consent in the european data protection framework. In: 2017 Conference for E-Democracy and Open Government (CeDEM), pp. 159–170, May 2017. https://doi.org/10.1109/CeDEM.2017.23
Selbst, A.D., Powles, J.: Meaningful information and the right to explanation. Int. Data Priv. Law 7(4), 233–242 (2017)
Temme, M.: Algorithms and transparency in view of the new general data protection regulation. Eur. Data Prot. Law. Rev. 3, 473 (2017)
Turilli, M., Floridi, L.: The ethics of information transparency. Ethics Inf. Technol. 11(2), 105–112 (2009)
Wachter, S., Mittelstadt, B., Floridi, L.: Why a right to explanation of automated decision-making does not exist in the general data protection regulation. Int. Data Priv. Law 7(2), 76–99 (2017)
Wauters, E., Donoso, V., Lievens, E.: Optimizing transparency for users in social networking sites. Info 16(6), 8–23 (2014). https://doi.org/10.1108/info-06-2014-0026
Zweifel, P., Eisen, R.: Insurance Economics. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-20548-4
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Dexe, J., Ledendal, J., Franke, U. (2020). An Empirical Investigation of the Right to Explanation Under GDPR in Insurance. In: Gritzalis, S., Weippl, E.R., Kotsis, G., Tjoa, A.M., Khalil, I. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2020. Lecture Notes in Computer Science(), vol 12395. Springer, Cham. https://doi.org/10.1007/978-3-030-58986-8_9
Download citation
DOI: https://doi.org/10.1007/978-3-030-58986-8_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-58985-1
Online ISBN: 978-3-030-58986-8
eBook Packages: Computer ScienceComputer Science (R0)