The Right to Explanation mandates that controllers of solely automated decision-making systems, including profiling, must provide data subjects with meaningful information about the logic involved, the significance, and the envisaged consequences. This right is triggered when an algorithmic decision produces legal effects—such as denying a loan application—or similarly significant impacts like e-recruiting without human intervention.
Glossary
Right to Explanation

What is Right to Explanation?
The Right to Explanation is a data subject's legal entitlement under Article 22 of the GDPR to receive meaningful information about the logic involved in an automated decision that produces legal or similarly significant effects on them.
Fulfilling this right requires more than exposing raw model weights or source code. Controllers must provide counterfactual explanations that describe how a change in the subject's input features would have altered the outcome. This intersects with model explainability techniques like SHAP and LIME, and is operationally supported by automated decision logging and contestability mechanisms that allow users to challenge and seek human review of algorithmic determinations.
Core Components of the Right
The fundamental building blocks that constitute a legally compliant and technically meaningful right to explanation under GDPR.
Solely Automated Decision Identification
The trigger condition for the right to explanation. A decision qualifies as solely automated when it is made entirely by an algorithm without any meaningful human intervention. This includes decisions where a human merely rubber-stamps an algorithmic output without the authority or competence to override it. The right applies only when such decisions produce legal effects (e.g., denial of a loan) or similarly significant effects (e.g., e-recruiting rejection).
Meaningful Information About the Logic Involved
The core disclosure obligation. Controllers must provide meaningful information about the reasoning process, which goes beyond a complex mathematical formula. This requires:
- The categories of data used in the decision
- The weighting and relevance of key features
- The general logic of the model in plain language
- Counterfactual explanations showing how changing inputs would alter the outcome This is not a right to full algorithmic transparency or source code disclosure.
Significance and Envisaged Consequences
The forward-looking disclosure component. Data subjects must be informed of the envisaged consequences of the automated processing for their specific situation. This requires the controller to articulate:
- The intended purpose of the decision
- The real-world impact on the individual's rights and freedoms
- Foreseeable outcomes based on the model's output This transforms the explanation from a technical description into a practical, human-understandable narrative about what the decision means for the person.
Safeguards and Contestability
The procedural rights that operationalize the explanation. GDPR Article 22(3) mandates that controllers implement suitable measures to safeguard the data subject, including:
- The right to obtain human intervention from a qualified reviewer
- The ability to express one's point of view and contest the decision
- A clear mechanism for appeal that is accessible and timely These safeguards ensure the explanation is not merely a static document but an active, actionable right.
Ex-Ante vs. Ex-Post Explanation
The temporal dimension of the right. GDPR implies two distinct phases of explanation:
- Ex-ante transparency: Information provided before processing begins, covering the existence of automated decision-making and the logic involved at a general level (Articles 13-14)
- Ex-post explanation: Specific information provided after a decision is made, including the actual reasoning for a particular outcome and the right to contest it (Article 22 and Recital 71) Effective compliance requires both pre-decision notice and post-decision granularity.
Trade Secret Limitations
The legal boundary on disclosure. The right to explanation is not absolute and must be balanced against the controller's legitimate interest in protecting trade secrets and intellectual property. However, Recital 63 clarifies that trade secrets cannot be used to refuse all information to the data subject. Controllers must find a middle ground, providing sufficiently detailed explanations without revealing proprietary model architectures or sensitive business logic that would cause competitive harm.
Frequently Asked Questions
Clear answers to the most common questions about the legal and technical dimensions of algorithmic explainability under GDPR and the EU AI Act.
The Right to Explanation is a data subject's legal entitlement under Articles 13-15 and 22 of the General Data Protection Regulation (GDPR) to receive meaningful information about the logic involved in automated decision-making that produces legal or similarly significant effects. This right mandates that controllers disclose the existence of automated processing, provide meaningful details about the logic used, and explain the significance and envisaged consequences of the processing for the individual. It is not merely a right to see source code; rather, it requires a functional explanation that allows the data subject to understand and contest the decision. The Article 29 Working Party guidelines emphasize that controllers must provide a simple way for individuals to obtain human intervention, express their point of view, and contest the decision. This right is triggered when a decision is solely automated—meaning no meaningful human intervention occurs—and produces a legal effect, such as automatic denial of a credit application, or a similarly significant effect, like e-recruiting practices that filter candidates without human review.
Right to Explanation vs. Related Transparency Mandates
Distinguishing the GDPR Right to Explanation from adjacent algorithmic transparency and accountability obligations under EU law.
| Feature | Right to Explanation (GDPR Art. 22 & 15) | Algorithmic Impact Assessment (EU AI Act) | Model Card Disclosure |
|---|---|---|---|
Primary Legal Basis | GDPR Articles 13-15, 22; Recital 71 | EU AI Act Article 9, Annex IV | Voluntary standard (Meta, Google, Hugging Face) |
Triggering Event | Solely automated decision producing legal or similarly significant effects | Deployment of a high-risk AI system per Annex III classification | Model release or publication |
Target Audience | Individual data subject | Regulatory authority and public | Downstream developers and auditors |
Mandatory Content | Meaningful information about the logic involved, significance, and envisaged consequences | Risk assessment, human oversight measures, accuracy metrics, and fundamental rights impact | Intended use, evaluation results, limitations, and ethical considerations |
Enforceability | Legally binding; fines up to 4% of global annual turnover | Legally binding; fines up to €35M or 7% of global annual turnover | |
Timing of Disclosure | Ex-ante (at time of decision) and ex-post (upon data subject request) | Ex-ante (before market placement or putting into service) | At model release or update |
Technical Depth Required | Layperson-comprehensible explanation of logic | Detailed technical documentation suitable for competent authorities | Semi-technical; benchmarks and intended use cases |
Human Review Requirement |
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Understanding the Right to Explanation requires familiarity with the technical mechanisms, legal frameworks, and fairness metrics that make algorithmic decisions auditable and contestable.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us