We are, then, in the age of Big Data. Our activities generate yottabytes of data that is stored, mined and analysed by artificial intelligence systems. These systems are used by various types of organisations, both governmental and private, for a variety of purposes, from public management to commercial purposes.

As for digitisation, i.e. the transfer of physical data to digital format, we've been living with it for several decades. It underpins the implementation of artificial intelligence (AI) by creating the huge databases that allow AI to learn, operate and produce content, recommendations and decisions.

The massive use we make of digital devices to access the Internet and social networks, electronic cards and various types of sensors and identifiers leaves a huge and complete trail of data that makes it possible to know and reconstitute our movements, preferences and choices. In other words, it knows almost every step of our lives.

This immense capacity for collecting and analysing data provided by the use of digitalisation and artificial intelligence poses a number of problems for the protection of individual privacy.

Some of the issues raised by digitalisation and the use of AI :

• How willing are we to trade our privacy for access to faster, more personalised services?
• What impact does the digitalisation of public administration have on citizens' privacy?

• Tracking our presence online, in particular through the use of cookies. What data is collected? Who accesses it? For what purpose?
• Growth in the use of biometrics and mass collection of our biometric data. Who has access? Where is it stored? What is it used for?

The European Union has been concerned with regulating these issues of privacy and fundamental rights, notably with the entry into force in 2016 of the General Data Protection Regulation and in 2024 of the European Union's Artificial Intelligence Regulation (AI Act).

Without a doubt, the AI Act is a fundamental milestone in defining the future of artificial intelligence (“AI”), being the first comprehensive regulatory initiative in this field.

Even before that, the labour legislator showed concern about these matters, which is evidenced by the normative references to the use of algorithms and AI systems in the Labour Code, which provides for a set of rules that must be respected throughout the employment relationship, from contracting to its execution and termination.

First of all, the use of algorithms, AI and related matters is included in the list of legal rules that can only be overridden by a collective bargaining agreement that is more favourable to workers.

Decision-making based on algorithms or other AI systems must also respect the principles laid down in the Labour Code regarding equal access to employment and work (including in terms of training, promotion or professional career, remuneration and other working conditions, criteria for selecting workers to be made redundant), etc.).

In addition, the parameters, criteria, rules and instructions on which algorithms or other AI systems are based, which affect decision-making on access to and maintenance of employment, as well as working conditions, including profiling and monitoring of professional activity, are also: (i) the subject of the employer's duty to inform, which must be carried out in writing and within the prescribed legal time limits; (ii) an integral part of the scope of the right to information of the works council and the right to information and consultation of the shop stewards.

Returning to the AI Act, with relevance to the labour market, it should be noted that this Regulation establishes an obligation (already applicable) for employers who implement or use AI to ensure a sufficient level of literacy in this area for their employees, so that they acquire technical and legal knowledge about these systems and, above all, so that they become aware of the opportunities and risks inherent in them.

The European regulation also prevents the use of AI systems to infer workers' emotions in the workplace, a prohibition that is already in force and for which violations carry very high fines.

Finally, it should also be noted that the AI Act classifies AI systems used in the fields of employment and employee management as high risk, namely for the purposes of recruiting and selecting staff (to place targeted job advertisements, analyse and filter job applications and evaluate candidates), making decisions affecting the terms of the employment relationship, promoting and terminating employment relationships, assigning tasks based on individual behaviour, personal traits or characteristics, and monitoring or evaluating people in the context of employment relationships. In these cases, one of the most relevant obligations in the labour context is the duty (which will only apply in 2026) for the employer to inform workers' representatives and affected workers in advance that they will be subject to the use of high-risk AI systems in the workplace.

As such, AI literacy and keeping abreast of legislative advances in these matters plays an essential role, as it is unquestionable that AI is one of the biggest challenges facing the labour market today.

Isabel Paredes, Partner & Chief Psychologist, SHL Portugal
Sofia Barros Cortez, Associate Lawyer, VdA

Published in Human Magazine on 5/8/2025