data processing

Necessity of confrontation with coronavirus pandemic has moved governments toward taking a variety of actions in the field of defeating coronavirus (including data processing) which have influenced different aspects of life of citizens and caused many legal challenges in relation to the privacy of citizens in the time of corona outbreak. Comparative and descriptive-analytical method study of legal frameworks governing the right to privacy in the U.S., China, France, and Iran reveals that governments on the basis of special authorizations have taken actions during the pandemic which would be considered as violations to privacy in normal circumstances. French legal system has protected privacy in a centralized and transparent manner and based on accountability and responsibility which mostly is due to the existence of a controller entity. China law because of comprehensive legislations and regulations and citizens’ trust in legal and political systems faced few challenges. Iranian law despite the legal and jurisprudential foundations for the protection of privacy is faced with legislation lack and absence of a controller and accountable entity for data processing, and in U.S. law there have been serious legal challenges because of the dual nature of federal and state system and lack of a holistic approach toward the right to privacy and lack of a supervisor entity on data processing. Furthermore, courts have limited the scope of the government's authority in dealing with the coronavirus in relation to privacy matters. In China and France, the government's entry into the field of privacy has been more serious, with the difference that transparency and compliance with the principles of citizen's rights have been in a better state in France. On the other hand, in American law, the least invasion of privacy has been done. In Iran, the lack of clear laws and guidelines can cause privacy concerns.

Artificial intelligence is built on technologies such as machine learning and deep learning neural networks, whose performance relies on a vast amount of high-quality data. Personal data is an indispensable resource for the development of artificial intelligence and the improvement of the efficiency of AI algorithms. Personal data is attributed to individuals and part of an individual's rights and obligations in the analog space can, depending on the case, have a close connection with its proper processing, which ensures the benefits for the data subject and prevents harm against them. Before the advent of artificial intelligence, the volume of personal data processing was relatively small and limited compared to AI; thus, the General Data Protection Regulations (2016) has mandated duties for each instance of personal data processing for the controller and has also determined rights for the data subject regarding each instance of personal data processing. However, considering the technical nature of artificial intelligence, the application of these rules to the algorithmic processing of personal data is fraught with difficulties. This article examines the challenges of the GDPR in protecting personal data under the processing of AI systems and analyzes legislative solutions for protecting personal data in the field of artificial intelligence. The major question of this article is, what is the legislative solution to overcome the challenge of personal data protection in algorithmic processes? This research is conducted using a descriptive-analytical method.