EAAPL-CMP008 — GDPR-Compliant AI Architecture
Status: Mature
Tags: gdpr pii-handling privacy-act data-isolation high-complexity
Version: 2.0
Last Updated: 2026-06-12
Author: Enterprise AI Architecture Pattern Library
1. Executive Summary
The General Data Protection Regulation (Regulation (EU) 2016/679) applies in full to AI systems that process personal data of EU residents, regardless of where the AI system is operated or where the organisation is established. GDPR creates specific obligations that are particularly demanding for AI: the right not to be subject to solely automated decisions with legal or significant effects (Article 22); the requirement to conduct Data Protection Impact Assessments for high-risk processing (Article 35); Privacy by Design and by Default (Article 25); and data subject rights—access, rectification, erasure, portability, restriction, and objection—that must be technically honoured even in complex AI architectures.
This pattern provides a complete GDPR compliance architecture for AI systems, covering: lawful basis determination and technical enforcement (Article 6); automated decision-making safeguards (Article 22); data subject rights implementation (Articles 15–21); Privacy by Design technical controls (Article 25); Data Protection Impact Assessment triggers and process (Article 35); DPO notification and consultation (Article 36); and data breach detection and notification for AI systems (Articles 33–34). The pattern is designed for the Data Protection Officer, CTO, and engineering teams responsible for deploying AI systems that process EU personal data.
2. Problem Statement
Business Problem
GDPR enforcement against AI systems has intensified across EU member states. Automated decision-making (Article 22), insufficient transparency, inadequate consent management, and inability to fulfil data subject rights are among the most frequently cited violations. Organisations that cannot demonstrate a lawful basis for AI processing, explain automated decisions, or respond to Subject Access Requests face fines up to EUR 20 million or 4% of global annual turnover. Unlike data breach fines, GDPR AI compliance violations often result from architectural decisions that are difficult to remediate retroactively.
Technical Problem
AI systems are architecturally hostile to several GDPR obligations by default. Automated decisions are designed to operate without human intervention—Article 22 requires the opposite for high-stakes decisions. Data minimisation is difficult because LLMs produce better results with more context. The right to erasure is technically complex when personal data is encoded in model weights or vector embeddings. Access requests require the organisation to identify every location where the data subject's data has been processed or stored—in AI systems, this is often invisible. The right to explanation for automated decisions requires the AI system to provide meaningful, human-comprehensible explanations—which many black-box models cannot do natively.
Symptoms
- The lawful basis for AI processing of personal data is documented as "legitimate interest" without a genuine Legitimate Interest Assessment
- Data subjects receive automated credit or eligibility decisions with no ability to request human review
- Subject Access Requests cannot be fulfilled for AI-derived profiles or AI decision records because these are not discoverable in the organisation's data landscape
- No DPIA has been conducted for AI systems that systematically profile EU residents or make automated decisions
- Consent obtained for a product feature is being re-used as the basis for AI model training without re-consent
Cost of Inaction
| Dimension |
Consequence |
| Regulatory |
Fines: Article 83(4) up to EUR 10M/2% for Articles 25, 35; Article 83(5) up to EUR 20M/4% for Articles 6, 22, 17 |
| Legal |
Individual compensation claims (Article 82); class actions (Article 80) |
| Commercial |
EU market access restrictions for non-compliant AI products |
| Reputational |
Data Protection Authority public rulings; media coverage; customer trust erosion |
3. Context
When to Apply
- Any AI system processing personal data of EU residents, regardless of where operated (Article 3 extra-territorial scope)
- AI systems making automated decisions with legal or significant effects on individuals (Article 22)
- AI systems involving systematic profiling of EU residents at scale (Article 35 DPIA trigger)
- AI systems using biometric or special category data (Article 9 — heightened obligations)
- AI training pipelines using EU resident personal data
When NOT to Apply
- AI systems processing exclusively non-personal, fully anonymised data with no re-identification risk
- AI systems used exclusively in law enforcement under Directive (EU) 2016/680 (different legal framework)
- AI used in activities outside GDPR scope (Recital 18 — purely personal/household activity)
Prerequisites
| Prerequisite |
Description |
| Records of Processing Activities |
Article 30 register identifying each AI processing activity |
| DPO (where required) |
Article 37 DPO appointment for systematic large-scale processing |
| Lawful Basis Assessment |
Legal determination of available lawful basis for each AI use case |
| Data Flow Mapping |
Map of all personal data flows into, through, and out of the AI system |
| Consent Management Platform |
Required if consent is chosen as lawful basis |
Industry Applicability
| Industry |
Key Article 22 Risk |
DPIA Required |
| Financial Services |
Credit scoring, fraud detection, insurance risk — all potential Article 22 |
Almost always — large-scale automated decisions |
| Healthcare |
Clinical AI decision support, triage AI — severe individual impact |
Always — special category data + automated decisions |
| HR Technology |
CV screening, performance assessment, redundancy selection |
Almost always — employment decisions with significant effect |
| Marketing Technology |
Programmatic advertising profiling, churn prediction |
Often — large-scale systematic profiling |
| Public Sector |
Benefit eligibility, public services allocation |
Always — public authorities; systematic processing |
| Education |
Student assessment AI, admission decisions |
Yes — large-scale; impacts minors |
4. Architecture Overview
The GDPR-Compliant AI Architecture addresses six distinct GDPR obligation clusters, each implemented as a technical layer or governance process.
Obligation Cluster 1 — Lawful Basis Management (Article 6)
Every AI processing activity must have a documented, technically enforced lawful basis. The architecture implements a Lawful Basis Registry that maps each AI use case to its lawful basis (consent, contract, legal obligation, vital interests, public task, or legitimate interest). For legitimate interest (the most commonly claimed basis), the registry requires a completed Legitimate Interest Assessment (LIA) documenting the processing necessity, the balance against data subject rights, and the mitigating safeguards applied. The Lawful Basis Registry feeds a processing gate in the AI pipeline: before executing any AI processing activity, the pipeline checks the registry for a valid lawful basis. If no valid basis is recorded, the processing is blocked. This creates a technical enforcement point that prevents unauthorised processing even if an engineer deploys a new AI feature without completing the governance process.
Obligation Cluster 2 — Automated Decisions and Profiling (Article 22)
Article 22 prohibits solely automated decisions that produce legal or significant effects, unless: the decision is necessary for a contract; authorised by Union or Member State law; or based on explicit consent. Where automated decisions are permitted, individuals must have: the right to obtain human review; the right to express their point of view; and the right to contest the decision. The AI Decision Layer implements this through three controls: a Decision Impact Classifier that categorises each AI decision by its effect level (informational / significant / legal); a Human Review Gate that blocks the execution of automated decisions classified as "significant" or "legal" until a human reviewer approves the decision or the data subject has been offered the right to request human review; and a Decision Record system that retains the AI decision, the factors considered, the confidence score, and any human review action for fulfilment of data subject access requests and Article 22(3) explanations.
Obligation Cluster 3 — Data Subject Rights (Articles 15–21)
Six data subject rights apply to AI systems with technical implications: Right of Access (Article 15) — data subjects can request all information held about them including AI-derived profiles and decision records. Right to Rectification (Article 16) — erroneous personal data used in AI processing must be correctable and the correction must propagate to AI-derived outputs. Right to Erasure (Article 17) — personal data must be deleted including from AI logs, vector stores, and (to the extent technically feasible) model weights. Right to Restriction (Article 18) — processing must be halted on request pending dispute resolution. Right to Portability (Article 20) — data provided by the subject must be exportable in machine-readable format. Right to Object (Article 21) — objection to processing must be honoured, including objection to profiling. The architecture implements a Data Subject Rights Portal with automated workflows for each right type, linked to every AI data store.
Obligation Cluster 4 — Privacy by Design (Article 25)
Privacy by Design requires that data protection is embedded into AI system design from the outset, not added as an overlay. Technical measures include: data minimisation (only the minimum personal data required is used); pseudonymisation (personal identifiers replaced in AI pipelines where possible); purpose limitation technical controls; default privacy settings (the most privacy-protective option is the default); and access minimisation (the AI system has access only to personal data required for its specific function). Privacy by Default requires that, absent a user choice, the default configuration processes the least personal data possible.
Obligation Cluster 5 — Data Protection Impact Assessment (Article 35)
DPIA is mandatory where AI processing is likely to result in high risk to the rights and freedoms of individuals. Mandatory DPIA triggers for AI include: systematic and extensive profiling with significant effects (Article 35(3)(a)); large-scale processing of special category data (Article 35(3)(b)); and systematic monitoring of publicly accessible areas (Article 35(3)(c)). The DPIA Trigger Engine evaluates each new AI use case against these criteria and initiates the DPIA process for qualifying systems. Where the DPIA cannot demonstrate sufficient residual risk mitigation, the DPO must consult the supervisory authority (Article 36) before processing commences.
Obligation Cluster 6 — Data Breach Detection and Notification (Articles 33–34)
Personal data breaches involving AI systems—including model exfiltration, unauthorised inference log access, and training data exposure—must be detected and reported to the supervisory authority within 72 hours of becoming aware (Article 33). If the breach is likely to result in high risk to individuals, those individuals must be notified without undue delay (Article 34). The Breach Detection Layer monitors AI system components for signs of breach and integrates with the organisation's incident response process to trigger GDPR notification workflows.
5. Architecture Diagram
flowchart TD
subgraph Input["Request Layer"]
A[Personal Data Input]
B{Lawful Basis Gate}
end
subgraph Core["AI Processing Core"]
C[Data Minimiser]
D[AI Inference Engine]
E{Decision Impact Check}
end
subgraph Rights["Data Subject Rights"]
F[Rights Portal]
G[(Decision Record Store)]
end
A --> B
B -->|no basis| A
B -->|valid basis| C
C --> D
D --> E
E -->|informational| A
E -->|significant/legal| G
G --> F
D --> G
F -->|erasure or restrict| B
style A fill:#dbeafe,stroke:#3b82f6
style B fill:#f3e8ff,stroke:#a855f7
style C fill:#f0fdf4,stroke:#22c55e
style D fill:#f0fdf4,stroke:#22c55e
style E fill:#f3e8ff,stroke:#a855f7
style F fill:#d1fae5,stroke:#10b981
style G fill:#fef9c3,stroke:#eab308
6. Components
| Component |
Type |
Responsibility |
Technology Options |
Criticality |
| Lawful Basis Registry |
Governance |
Map AI processing activities to lawful basis; enforce at processing gate |
Confluence + structured template; OneTrust; custom database |
Critical |
| Legitimate Interest Assessment |
Governance |
Document necessity, balancing, and safeguards for LI claims |
Custom form; OneTrust; Ketch |
High |
| Processing Gate |
Processing |
Block AI processing if no valid lawful basis; honour objections and restrictions |
Custom middleware; Lambda; API Management policy |
Critical |
| Decision Impact Classifier |
Processing |
Classify AI decision by effect level: informational / significant / legal |
Custom logic; ML classifier; rule engine |
Critical |
| Human Review Gate |
Processing |
Block significant/legal automated decisions for human review or data subject opt-in |
Custom workflow; ServiceNow; Salesforce workflow |
Critical |
| Decision Record Store |
Storage |
Immutable record of each AI decision with factors, confidence, human action |
PostgreSQL; DynamoDB; Cosmos DB — immutable append-only |
Critical |
| Data Subject Rights Portal |
UI + Operations |
Self-service portal for SAR, erasure, portability, objection, restriction |
OneTrust DSR; TrustArc; custom React portal |
High |
| SAR Fulfilment Engine |
Processing |
Discover and compile all AI-processed data about a subject; generate response |
Custom discovery tool; BigQuery SAR queries; OneTrust |
High |
| DPIA Trigger Engine |
Governance |
Evaluate new AI projects against Article 35 criteria; initiate DPIA |
Custom intake form + workflow; OneTrust PIA module |
High |
| Breach Detector |
Security |
Monitor AI system access patterns; detect unauthorised access |
SIEM; CloudTrail + Athena; Azure Sentinel |
High |
| DPO Notification System |
Governance |
Route DPO-relevant events; trigger DPO consultation for high-risk |
Email + ticketing workflow; ServiceNow |
Medium |
| Explanation Engine |
AI |
Generate Article 22(3) explanations for automated decisions |
SHAP; LIME; counterfactual explanations; model cards |
High |
7. Data Flow
Primary Flow
| Step |
Actor |
Action |
Output |
| 1 |
Product/Engineering |
Register new AI processing activity in Lawful Basis Registry |
Registry entry with lawful basis or gap flag |
| 2 |
Legal/Privacy |
Complete LIA if legitimate interest is claimed; DPO reviews |
Completed LIA with documented justification |
| 3 |
DPIA Trigger Engine |
Evaluate processing against Article 35 criteria |
DPIA required / not required determination |
| 4 |
Privacy Officer |
Conduct DPIA if required; DPO consultation if high residual risk |
DPIA report; DPO consultation record |
| 5 |
End User |
Submit request to AI system |
Input with personal data |
| 6 |
Processing Gate |
Verify lawful basis; check for outstanding objections or restrictions |
Proceed or block |
| 7 |
Privacy by Design Layer |
Apply data minimisation; pseudonymise; enforce defaults |
Minimised, pseudonymised input |
| 8 |
AI Inference Engine |
Execute inference; generate explanation |
AI output + explanation factors |
| 9 |
Decision Impact Classifier |
Classify decision impact level |
Informational / significant / legal |
| 10 |
Human Review Gate (if triggered) |
Present to human reviewer or offer data subject opt-in |
Human approval or data subject rights notice |
| 11 |
Decision Record |
Write immutable decision record |
Decision log entry |
| 12 |
Breach Detector |
Monitor for anomalous access patterns |
Alert if breach suspected |
Error Flow
| Step |
Failure |
Detection |
Recovery |
| Processing Gate Bypass |
AI system deployed without gate; processes without lawful basis |
Architecture review; audit; data subject complaint |
Halt processing; implement gate retroactively; assess whether breach notification required |
| Human Review Gate Not Triggered |
Article 22 automated decision made without gate |
Data subject complaint; audit |
Halt affected decision type; implement classifier; review affected decisions |
| SAR Fulfilment Incomplete |
AI decision records not included in Subject Access Request response |
Data subject appeal; supervisory authority investigation |
Improve discovery; resubmit SAR response; document as nonconformity |
| Erasure Not Propagated to Vector Store |
Data subject erasure fulfilled in primary DB but not vector store |
Post-erasure verification; data subject complaint |
Delete from vector store; document near-miss |
8. Security Considerations
GDPR Security Controls
| Domain |
Control |
Article |
Implementation |
| Authentication |
All AI processing requires authenticated identity; no anonymous service accounts |
Article 32 |
IAM with mandatory MFA; service accounts with minimal permissions |
| Authorisation |
Role-based access to AI decision records; data subjects can access only their own records |
Article 32 |
RBAC; subject-scoped query enforcement |
| Pseudonymisation |
Personal identifiers pseudonymised before AI inference |
Article 25 |
Microsoft Presidio; AWS Comprehend; custom NER |
| Encryption |
All personal data encrypted in transit (TLS 1.3) and at rest (AES-256) |
Article 32(1)(a) |
Cloud-native CMEK; VPC encryption |
| Auditability |
All AI access to personal data logged; logs retained per Article 30 |
Article 5(2) accountability |
Immutable audit logs; 7-year retention |
| Breach Detection |
Anomaly detection on AI data access; automated breach response |
Article 33 |
SIEM; UEBA; automated incident response |
OWASP LLM Top 10 — GDPR Mapping
| OWASP LLM Risk |
GDPR Article |
Architectural Control |
Impact |
| LLM01 Prompt Injection |
Article 32 — security measures |
Input validation; WAF; system prompt hardening |
Injection may exfiltrate personal data; breach notification risk |
| LLM02 Insecure Output Handling |
Article 32; Article 5(1)(f) — integrity and confidentiality |
Output validation; schema enforcement |
Personal data in output routed to unauthorised systems |
| LLM03 Training Data Poisoning |
Article 10 — training data quality (EU AI Act synergy); Article 5(1)(d) — accuracy |
Training data provenance; integrity hashing |
Corrupted model produces inaccurate data about individuals; Article 16 rectification triggered |
| LLM04 Model Denial of Service |
Article 32 — availability |
Rate limiting; circuit breakers |
Availability failure may prevent data subject rights fulfilment (time-sensitive) |
| LLM05 Supply Chain Vulnerabilities |
Article 28 — processor obligations |
Vendor DPA; Article 46 transfer mechanisms; supply chain audit |
Third-party processor breach triggers Article 33 notification obligation |
| LLM06 Sensitive Information Disclosure |
Article 9 — special categories; Article 83(5) fine exposure |
Output PII filtering; training data minimisation |
Disclosure of health, biometric, or other special category data |
| LLM07 Insecure Plugin Design |
Article 5(1)(b) — purpose limitation |
Tool whitelisting; least privilege; purpose-limited tool design |
AI tool call shares personal data with system outside original purpose |
| LLM08 Excessive Agency |
Article 22 — automated decisions; Article 5(1)(b) purpose limitation |
Hard limits on autonomous action; human approval gates |
Autonomous AI action constitutes automated decision without Article 22 safeguards |
| LLM09 Overreliance |
Article 22(3) — right to explanation; Article 22(2)(b) — human review |
Confidence scoring; explanation display; human review gate |
Overreliance leads to automated decisions without meaningful human review |
| LLM10 Model Theft |
Article 32; Article 83(5) |
Model weight access control; DLP |
Stolen model may enable extraction of training data containing personal data |
9. Governance Considerations
GDPR AI Governance
| Obligation |
Article |
Governance Control |
Artefact |
| Records of Processing Activities |
Article 30 |
AI processing activities registered; updated on change |
Article 30 Register |
| Lawful Basis Documentation |
Article 6 |
Registry with LIA where applicable |
Lawful Basis Registry |
| DPO Appointment and Consultation |
Articles 37–39 |
DPO designated; consulted on new high-risk AI |
DPO consultation records |
| Data Subject Rights Management |
Articles 15–21 |
DSR portal; 30-day response SLA |
DSR request log |
| DPIA Documentation |
Article 35 |
DPIA for qualifying AI systems; DPO review |
DPIA reports |
| Data Breach Notification |
Articles 33–34 |
72-hour notification workflow; data subject notification process |
Breach log; notification records |
| Data Processor Agreements |
Article 28 |
DPA with all AI vendors who process personal data |
DPA register |
Governance Artefacts
| Artefact |
Description |
Retention |
| Article 30 Register |
All AI processing activities with lawful basis, data categories, retention period, recipients |
Ongoing; current state + 7 years |
| Legitimate Interest Assessments |
Documented LIA for each AI use case relying on legitimate interest |
Duration of processing + 7 years |
| DPIA Reports |
Risk assessment and mitigation for qualifying AI systems |
Lifetime of system + 7 years |
| DPO Consultation Records |
Article 36 consultations with DPO and supervisory authority |
10 years |
| Decision Records |
Immutable log of AI automated decisions with explanation |
7 years (or duration of any challenge period) |
| DSR Request Log |
All data subject requests; responses; outcomes |
7 years |
| Breach Notification Records |
All Article 33/34 notifications; investigation records |
10 years |
10. Operational Considerations
Monitoring and SLOs
| SLO |
Target |
Measurement |
Breach Action |
| SAR Response Time |
100% within 25 days (5-day buffer from 30-day deadline) |
Days from receipt to response |
Escalate to DPO; daily status update |
| Erasure Fulfilment |
100% within 25 days including vector stores and decision records |
Erasure task completion rate |
Alert Privacy Engineering; escalate |
| Article 33 Breach Notification |
100% within 60 hours of breach awareness (12-hour buffer) |
Detection-to-notification timeline |
Legal hold; immediate DPO + Legal escalation |
| Human Review Gate Coverage |
100% of significant/legal automated decisions go through gate |
Gate coverage rate metric |
Halt affected decision type; implement gate |
| DPIA Trigger Coverage |
100% of new AI processing activities evaluated against Article 35 criteria |
Trigger evaluation completeness |
Block deployment pending evaluation |
Disaster Recovery
| Scenario |
GDPR Impact |
Recovery |
| Decision Record Store Outage |
Cannot fulfil SARs; Article 22 explanation right impaired |
Restore from backup within 24 hours; manual SAR fulfilment if time-critical |
| DSR Portal Outage |
Cannot receive or process data subject requests |
Alternative DSR intake channel (email to DPO); communicate extended timelines to supervisory authority if SLA affected |
| Processing Gate Outage |
May process personal data without lawful basis verification |
Halt AI processing until gate restored; do not bypass |
11. Cost Considerations
Cost Drivers
| Cost Driver |
Indicative Cost |
Notes |
| Consent and DSR Management Platform |
EUR 20,000–80,000/year |
OneTrust, TrustArc, Ketch |
| Explanation Engine Development |
EUR 50,000–150,000 (initial) |
One-time; ongoing maintenance EUR 10,000–30,000/year |
| Human Review Workflow |
EUR 30,000–100,000 (initial) |
Depends on decision type complexity |
| DPO (if in-house) |
EUR 100,000–200,000/year |
Fully loaded cost |
| DPIA Conduct |
EUR 15,000–50,000 per major AI system |
Legal + privacy officer time |
| Breach Notification Tooling |
EUR 5,000–20,000/year |
Integrated with incident response |
Indicative Cost Range
| Organisation |
Annual GDPR AI Compliance Cost |
Notes |
| Small EU AI operator (<3 AI products) |
EUR 200,000–500,000 |
Shared DPO; lightweight tooling |
| Mid-size (3–10 AI products, significant EU data) |
EUR 600,000–1,500,000 |
In-house DPO; dedicated privacy engineering |
| Large enterprise (10+ AI products, large-scale EU data) |
EUR 2,000,000–8,000,000 |
Privacy team; enterprise tooling; ongoing DPIA programme |
12. Trade-Off Analysis
Architecture Options
| Option |
Description |
Pros |
Cons |
Recommended For |
| Option A: Consent-First Model |
Use explicit consent as lawful basis for all AI processing |
Clearest legal basis; highest user trust |
High consent-fatigue risk; processing halts on withdrawal; not always appropriate |
Consumer AI products where relationship is consent-based |
| Option B: Legitimate Interest with LIA |
Use legitimate interest with robust LIA and safeguards |
Workable for many B2B and operational AI use cases |
Requires genuine LIA; requires ongoing balancing review |
B2B AI, operational AI, fraud detection, security AI |
| Option C: Contractual Necessity |
AI processing necessary to perform a contract |
No consent required; strong basis for customer-facing AI |
Narrowly applicable; must be genuinely necessary, not merely convenient |
AI-powered product features where processing is core to contracted service |
Architectural Tensions
| Tension |
Trade-Off |
Resolution |
| Article 22 Automation vs Efficiency |
Human review gates slow automated decision processes |
Risk-tier decisions: routine low-impact → automated; significant/legal → gated |
| Erasure Right vs Model Training Investment |
Erasure from model weights is costly; but right must be honoured |
Tiered erasure: immediate from logs/vectors; deferred model unlearning with documented timeline |
| Article 22 Explanation vs Model Complexity |
Complex models (deep neural networks) cannot provide meaningful explanations |
Select explainable models for Article 22-scope decisions; or post-hoc SHAP explanations |
| Purpose Limitation vs Data Utility |
Rich personal data improves AI quality; purpose limitation restricts re-use |
Design AI features with declared purposes; do not build general-purpose personal data pools |
13. Failure Modes
| Failure |
Likelihood |
Impact |
Detection |
Recovery |
| Article 22 Automated Decision Without Gate |
Medium |
Critical — Article 83(5) fine exposure; individual rights violated |
Data subject complaint; supervisory authority audit |
Halt decision automation; implement gate; assess affected individuals |
| DPIA Not Conducted for Qualifying System |
High |
High — Article 83(4) fine; systemic governance gap |
External audit; supervisory authority inquiry |
Conduct retrospective DPIA; implement mitigations; document as nonconformity |
| SAR Response Incomplete (AI Records Missing) |
High |
Medium — GDPR Article 15 breach; data subject complaint |
Data subject challenge; supervisory authority investigation |
Improve SAR discovery; resubmit response; notify data subject |
| Breach Not Notified Within 72 Hours |
Medium |
High — Article 33 violation; significantly increased fine risk |
Post-incident timeline review |
Late notification with explanation; investigate detection failure |
| Lawful Basis Undermined by Purpose Creep |
Medium |
Critical — Article 6 breach invalidates all processing |
Data protection audit; DPO review |
Cease unlawful processing; notify supervisory authority if required |
Cascading Failure Scenario
A marketing AI product is deployed using legitimate interest as the lawful basis. No LIA is completed; legitimate interest is assumed. The product builds detailed profiles of EU residents by aggregating purchase history, browsing behaviour, location data, and inferred demographics. Automated personalisation decisions are made (Article 22 triggers because they have "significant effects" on the content and pricing individuals see). No human review gate is in place; no Article 22 safeguards are implemented. An EU resident files a GDPR complaint. The DPA investigates and finds: no valid LIA (legitimate interest not properly assessed); Article 22 automated decisions without safeguards; no DPIA despite systematic large-scale profiling; SAR response incomplete (profiling data not disclosed). Four simultaneous violations across Articles 6, 22, 35, and 15. Fines issued under Article 83(5) and 83(4). Company required to delete all profiles and cease processing pending remediation. Remediation estimated at 6–12 months.
14. Regulatory Considerations
| Regulation |
Specific Obligation |
Architectural Control |
Reference |
| GDPR Article 6 |
Lawful basis for processing personal data in AI |
Lawful Basis Registry; LIA; Processing Gate |
GDPR Article 6(1) |
| GDPR Article 9 |
Special category data — explicit consent or Article 9(2) exception required |
Additional consent gate for special category data; AI system design avoids special category where possible |
GDPR Article 9 |
| GDPR Article 15 |
Right of access — includes AI-derived profiles and decision logic |
SAR Fulfilment Engine; Decision Record Store |
GDPR Article 15 |
| GDPR Article 17 |
Right to erasure |
Erasure workflow across logs, vector stores, model weights |
GDPR Article 17 |
| GDPR Article 20 |
Right to portability |
Portability export module for AI-processed personal data |
GDPR Article 20 |
| GDPR Article 22 |
Automated decision-making — right to human review, explanation, contest |
Human Review Gate; Decision Impact Classifier; Explanation Engine |
GDPR Article 22 |
| GDPR Article 25 |
Privacy by Design and by Default |
Privacy by Design layer in AI pipeline; data minimisation; pseudonymisation; privacy-protective defaults |
GDPR Article 25 |
| GDPR Article 33 |
Breach notification to supervisory authority within 72 hours |
Breach Detector; Supervisory Authority Notification Workflow |
GDPR Article 33 |
| GDPR Article 34 |
Notification to data subjects where high risk |
Data Subject Notification Workflow triggered by breach risk assessment |
GDPR Article 34 |
| GDPR Article 35 |
DPIA for high-risk processing |
DPIA Trigger Engine; DPIA documentation; DPO consultation |
GDPR Article 35 |
| EU AI Act |
GDPR interoperability for AI processing personal data |
Joint DPA/AI Act compliance architecture |
EU AI Act Recital 9 |
15. Reference Implementations
AWS
| Component |
AWS Service |
| Lawful Basis Registry |
DynamoDB; or OneTrust SaaS |
| Data Minimisation + PII Detection |
Amazon Comprehend + Lambda |
| AI Inference with Explanation |
Amazon SageMaker + Clarify (SHAP) |
| Decision Record Store |
DynamoDB (append-only table) |
| Human Review Gate |
Amazon A2I (Augmented AI) |
| DSR Portal |
Custom React on AWS Amplify |
| SAR Fulfilment Discovery |
AWS Glue + Athena across data stores |
| Breach Detection |
Amazon GuardDuty + Security Hub |
| DPIA Management |
OneTrust SaaS; or custom Jira workflow |
Azure
| Component |
Azure Service |
| Lawful Basis Registry |
SharePoint List; or OneTrust SaaS |
| Data Minimisation + PII Detection |
Azure AI Language PII Detection |
| AI Inference with Explanation |
Azure ML + Responsible AI Dashboard |
| Decision Record Store |
Azure Cosmos DB (append-only container) |
| Human Review Gate |
Azure Logic Apps + Power Apps reviewer portal |
| DSR Portal |
OneTrust DSR; or custom Azure Static Web Apps |
| SAR Fulfilment Discovery |
Azure Purview data map |
| Breach Detection |
Microsoft Sentinel |
GCP
| Component |
GCP Service |
| Lawful Basis Registry |
Google Sheets + Apps Script; or OneTrust SaaS |
| Data Minimisation + PII Detection |
Cloud DLP |
| AI Inference with Explanation |
Vertex AI Explainable AI |
| Decision Record Store |
Firestore (append-only) |
| Human Review Gate |
Cloud Workflows + custom reviewer UI |
| DSR Portal |
Custom app on Cloud Run |
| SAR Fulfilment Discovery |
Dataplex + BigQuery |
| Breach Detection |
Security Command Center + Chronicle |
On-Premises
| Component |
Technology |
| Lawful Basis Registry |
Confluence structured template; custom PostgreSQL |
| PII Detection |
Microsoft Presidio (open source) |
| Explanation Engine |
SHAP; LIME; Alibi Explain |
| Decision Record Store |
PostgreSQL with append-only table + row-level security |
| Human Review Gate |
Temporal workflow engine; custom portal |
| DSR Portal |
Custom web application |
| Breach Detection |
Splunk Enterprise Security |
| Pattern ID |
Pattern Name |
Relationship |
Notes |
| EAAPL-CMP004 |
Privacy-Preserving AI |
PREREQUISITE |
Privacy-preserving controls (PII detection, pseudonymisation) are prerequisites for GDPR compliance |
| EAAPL-CMP007 |
Data Residency for AI |
PREREQUISITE |
GDPR Article 44–46 cross-border transfer controls are provided by the data residency pattern |
| EAAPL-CMP003 |
EU AI Act Compliance |
COMPLEMENTARY |
GDPR and EU AI Act obligations are intertwined; deploy as an integrated architecture |
| EAAPL-AGT003 |
Human-in-the-Loop Oversight |
EXTENSION |
Article 22 human review obligation is implemented through the HITL pattern |
| EAAPL-CMP005 |
ISO 42001 Implementation |
COMPLEMENTARY |
GDPR DPIA process aligns with ISO 42001 AI Impact Assessment (Annex B) |
| EAAPL-SEC002 |
AI Audit Logging |
PREREQUISITE |
Article 5(2) accountability and SAR fulfilment require comprehensive audit logging |
17. Maturity Assessment
Overall Maturity Label: Mature
| Dimension |
Level 1 |
Level 2 |
Level 3 |
Level 4 |
Level 5 |
Current Level |
| Lawful Basis Management |
No documentation |
Ad-hoc claimed lawful basis |
Registry with LIA for all AI processing |
Automated processing gate enforces lawful basis |
Continuous lawful basis monitoring with change detection |
Level 3–4 |
| Article 22 Safeguards |
No safeguards |
Manual process sometimes applied |
Automated Decision Impact Classifier + Human Review Gate |
Gate metrics tracked; explanation quality measured |
AI explanation quality improves via feedback loop |
Level 3 |
| Data Subject Rights |
Cannot fulfil SARs |
Manual SAR fulfilment |
Automated DSR portal covering all AI data stores |
SLA tracked; automated discovery across all stores |
Near-real-time DSR fulfilment |
Level 3 |
| DPIA Programme |
No DPIAs |
DPIAs conducted on request |
Automated trigger for all qualifying AI systems |
DPIA quality assured; DPO review metrics |
DPIA outcomes feed AI risk management system |
Level 3 |
| Breach Response |
Reactive only |
Informal breach process |
72-hour notification workflow drilled |
Automated detection + notification pipeline |
Sub-24-hour breach-to-notify capability |
Level 3 |
18. Revision History
| Version |
Date |
Author |
Changes |
| 1.0 |
2025-02-01 |
EAAPL Working Group |
Initial draft |
| 1.1 |
2025-08-15 |
EAAPL Working Group |
Added Article 22 automated decision detail; expanded DPIA triggers |
| 2.0 |
2026-06-12 |
EAAPL Working Group |
Major revision: added EU AI Act interoperability; updated OWASP mapping; cascading failure scenario; added on-premises reference implementation |