Cerulith Register · LDN DPIA Sprint · July 2026 · Defensibility 0/9
Capstone Chain · Module 3 of 6

The Register

Six weeks to launch. Ninety-day DPIA. Do the maths.

Tuesday 14 July 2026. London. 14:00. The boardroom. Two months since the breach. Imran is still firefighting. Marcus is pushing the AI programme hard — the Series C thesis requires it.

Priya Shah opens her laptop and shows a live demo of Cerulith Clinic AI — an ML model that ingests Pulse biometric streams + patient-typed symptoms and returns a triage recommendation (routine / urgent / emergency) with a confidence score. Training set: 1.8M anonymised UK records. Validation AUC-ROC 0.91. Launch target: 1 September 2026.

In the live demo Priya types in: persistent chest tightness + left-arm numbness. The model returns EMERGENCY — confidence 0.94 — call 999. Marcus claps. Fran calculates the ARR delta.

The slide Priya did not show: human review. None in the path. The clinician-in-the-loop is "coming in v2." The intended release is v1.

Learning Objectives
By the end of this module:
Incident 1 · Tue 14 Jul 2026 · 14:12 · Cerulith Boardroom

The Demo

Boardroom · Pulse AI confidence demo
Priya Shah · CTO
Persistent chest tightness. Left-arm numbness. Onset 30 minutes ago. Model output: EMERGENCY. Confidence 0.94. Recommended: call 999 immediately.
Marcus Vale · CEO
Beautiful. When does it ship?
Priya Shah · CTO
1 September. Validation AUC 0.91. Training set 1.8 million UK records. Fairness-aware pipeline.
Dr Aisha Khan · to herself
No human review in the path. Art 9 health data. Automated decision with legal or similarly significant effects.
Incident 2 · Tue 14 Jul · 15:30 · Aisha's office

After the Demo

You open the ROPA. Cerulith Clinic AI has no entry yet.

Priya forwarded the slide deck and a technical brief. The brief uses the word "triage suggestion" seventeen times and the word "decision" zero.

Vikram pings: "How can I support?" Marcus pings: "Investor update is 10 September. Keep me in the loop."

You start with classification. Eight data categories in the Pulse AI flow. Each lands in one of three buckets under Art 30.

ROPA Worksheet · Tue 14 Jul · 16:12

Cerulith Clinic AI — Data Categories

Classify each category. A = Art 9 special category. B = Art 6 non-special personal data. C = not personal data. Your classification drives the DPIA scope.

Decision 1 of 3 · Tue 14 Jul · 16:45

The ROPA Entry

Priya joins your call. She argues the triage output is "just a suggestion — the user decides." She cites the Pulse T&Cs: "AI-assisted triage, not medical advice."

Question: How do you classify Cerulith Clinic AI in the ROPA?

Consequence · +3 Defensibility

The ROPA Entry Filed

Dr Aisha Khan · to Priya
Priya — this is Art 9 health data plus automated decision-making. Under DUAA 22A–D the default is permitted, but because the data is Art 9 we need explicit consent or substantial public interest under 22(2)(g). A DPIA is not optional; it is the instrument by which we design the safeguards.
Priya Shah · CTO
A full DPIA is 60 hours I don't have.
Dr Aisha Khan
It is 60 hours either way — now, or when the ICO asks. My instinct is now. Vikram agrees.

Art 35(3) mandates a DPIA for (a) systematic extensive evaluation including automated decision-making with legal or similarly significant effects and (b) large-scale Art 9 processing. Cerulith Clinic AI hits both triggers.

Schufa (C-634/21) broadened Art 22 reach: a score plays a determining role even if a third party makes the final decision. The same logic narrows Priya's "just a suggestion" argument — when users rely on the triage, the automated component is decisive.

Legal Insight
Why This Was Defensible
  • Art 30 ROPA must reflect reality. Mislabelling produces systemic criticism in any MPN.
  • Art 9(1) prohibition is the default; Art 9(2) exceptions are narrow and must be evidenced.
  • Art 35(1) — where processing is likely to result in high risk, the DPIA is mandatory before processing begins.
Consequence · +1 Defensibility

The 'Suggestion' Framing

Before Schufa (2023), this framing had more room to run. Post-Schufa it is unstable: when the score or triage plays a "determining role," Art 22 applies even if a nominal human step exists downstream.

For a health-triage feature affecting access to emergency care, the "suggestion" framing will not survive ICO scrutiny — especially under DUAA's 22A–D framework, which preserves the Art 9 gate.

Legal Insight
Why This Is Mixed
  • Arguable today, indefensible on first challenge.
  • You've saved Priya face; you've cost Cerulith its strongest defence if Module 6 arrives.
Consequence · −2 Defensibility

The Deferred DPIA

Art 35(1) requires the DPIA before processing begins. "Post-launch refinement" is a breach, not a schedule choice.

Art 30 mis-classification aggravates under Art 83(2)(d) degree of responsibility — evidence of systemic under-recognition of risk.

Legal Insight
Why This Was Indefensible
  • DPIA-before-processing is Art 35's core mechanic.
  • This decision moves Module 6's starting point materially higher.
Breather · Fri 24 Jul · 10:00 · Patient panel — Bishopsgate

The DPIA Workshop

Patient panel · DPIA testimony

Ten days later. You've run a full DPIA workshop. Priya brought her metrics. Imran brought his threat model. Dr Mark Tessaro, your external clinical advisor, sat in for the clinical-risk lens. A patient panel of six (commissioned via Pulse's user council) reviewed the flow and provided consented video testimony.

Dr Mark Tessaro · clinical advisor
The patient panel gave us eight hours of consented testimony. What mattered to them: knowing when an automated system was deciding something about their care, and having a way to ask a human.

Three risks are now named and plotted on the 5×5 matrix:

  • Risk 1: False negatives leading to delayed emergency care. Priya's model has a 2.3% FN rate overall.
  • Risk 2: Differential accuracy. The validation set is 78% white British. The ethnicity breakdown of the live population is 62% white British. A fairness audit has not yet been run.
  • Risk 3: No opt-out route. Users currently cannot use Pulse with the AI triage disabled. Art 22(3) (or DUAA 22D) requires the right to contest and to express a view.
DPIA Worksheet · Fri 24 Jul · 14:20

Mitigations — Select per Risk Row

Six residual risks. Three mitigation options per row. Pick the option that brings residual risk below the red band while staying inside a 6-week sprint. Your picks shape what's on the table in Decision 2.

Audit Returns · Thu 6 Aug · 16:22

The Audit Returns

You commissioned an external fairness audit. Results just landed.

Fairness audit results (FN = false-negative rate):

  • Overall FN: 2.3% (Priya's number)
  • White men FN: 4.1% (validation cohort)
  • White women FN: 6.2% (validation cohort)
  • South Asian men FN: 7.8% (validation cohort)
  • South Asian women FN: 11.0% (emergency class: 13.7%)
  • Black women FN: 9.4% (validation cohort)

Dr Mark Tessaro · 17:05 call
An 11% false-negative rate for a triage model on emergency presentations in South Asian women is a clinical-safety signal. It isn't a number. It is someone not getting an ambulance.
Priya Shah · 17:22 call
We can retrain. It'll take eight weeks. We have six.
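The audit above reports what a single pooled false-negative rate cannot show: the rate per cohort, and separately the rate on the emergency class alone. The following is an added example of how such a disaggregated under-triage audit is computed; it is not Cerulith's code or the external auditor's protocol. The records are constructed, the cohort labels A/B/C are placeholders rather than real demographic groups, and the 1.25 disparity ratio, the minimum-support threshold and all function names are assumptions for illustration.

```python
"""Disaggregated under-triage (false-negative) audit for a three-class triage model.

Added illustration, not the page's or Cerulith's code. A false negative here is
any case the model placed in a *less* severe class than its true class, since
that is the error that delays care.
"""
from collections import defaultdict

# Ordinal severity of the three triage classes described on the page.
SEVERITY = {"routine": 0, "urgent": 1, "emergency": 2}


def _expand(cohort, true_cls, pred_cls, n):
    """Return n identical (cohort, true_class, predicted_class) records."""
    return [(cohort, true_cls, pred_cls)] * n


# Constructed validation records. Cohorts A/B/C are placeholders; the counts
# are chosen so every rate below can be checked by hand.
RECORDS = (
    _expand("A", "emergency", "emergency", 46) + _expand("A", "emergency", "urgent", 4)
    + _expand("A", "urgent", "urgent", 48) + _expand("A", "urgent", "routine", 2)
    + _expand("A", "routine", "routine", 95) + _expand("A", "routine", "urgent", 5)
    + _expand("B", "emergency", "emergency", 18) + _expand("B", "emergency", "routine", 2)
    + _expand("B", "urgent", "urgent", 29) + _expand("B", "urgent", "routine", 1)
    + _expand("B", "routine", "routine", 50)
    + _expand("C", "emergency", "emergency", 14) + _expand("C", "emergency", "urgent", 6)
    + _expand("C", "urgent", "urgent", 26) + _expand("C", "urgent", "routine", 4)
    + _expand("C", "routine", "routine", 48) + _expand("C", "routine", "emergency", 2)
)


def is_under_triage(true_cls, pred_cls):
    """True when the model predicted a less severe class than the truth."""
    return SEVERITY[pred_cls] < SEVERITY[true_cls]


def under_triage_rates(records, classes=("urgent", "emergency"), min_support=20):
    """Per-cohort false-negative rate over cases whose true class is in `classes`.

    Returns {cohort: (false_negatives, positives, rate)} plus a pooled "ALL" row.
    A cohort with fewer than `min_support` positives gets rate None: too few
    cases to support a fairness claim in either direction (assumed threshold).
    Over-triage (routine predicted as urgent) is deliberately not counted.
    """
    fn = defaultdict(int)
    pos = defaultdict(int)
    for cohort, true_cls, pred_cls in records:
        if true_cls not in classes:
            continue
        pos[cohort] += 1
        pos["ALL"] += 1
        if is_under_triage(true_cls, pred_cls):
            fn[cohort] += 1
            fn["ALL"] += 1
    out = {}
    for cohort in pos:
        rate = fn[cohort] / pos[cohort] if pos[cohort] >= min_support else None
        out[cohort] = (fn[cohort], pos[cohort], rate)
    return out


def flag_disparate_cohorts(rates, ratio=1.25):
    """Cohorts whose rate exceeds the pooled rate by more than `ratio` (assumed cut-off)."""
    overall = rates["ALL"][2]
    return sorted(
        cohort for cohort, (_, _, rate) in rates.items()
        if cohort != "ALL" and rate is not None and rate > overall * ratio
    )


if __name__ == "__main__":
    all_rates = under_triage_rates(RECORDS)
    emergency_rates = under_triage_rates(RECORDS, classes=("emergency",))
    for cohort in sorted(all_rates):
        fn_n, pos_n, rate = all_rates[cohort]
        e_fn, e_pos, e_rate = emergency_rates[cohort]
        print(f"{cohort:>4}: under-triage {fn_n}/{pos_n} = {rate:.1%}; "
              f"emergency class {e_fn}/{e_pos} = {e_rate:.1%}")
    print("flagged cohorts:", flag_disparate_cohorts(all_rates))
```

On the constructed records the pooled under-triage rate is 9.5% while cohort C sits at 20% (30% on the emergency class alone), which is the shape of finding the audit on the page describes: the pooled figure looks tolerable and the harm concentrates in one cohort and one class. Reporting the positive count beside each rate, and refusing to state a rate below a minimum support, keeps the published audit honest about where the data is thin.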
Decision 2 of 3 · Thu 6 Aug · 18:00

The Mitigations

Priya has run the numbers: retraining to close the fairness gap is an 8-week project. Launch is in 26 days. Marcus's board update is on 10 September.

Question: What mitigations do you accept for launch?

Consequence · +3 Defensibility

The Safeguards

DPIA worksheet · fairness audit
Dr Aisha Khan · to Priya
Clinician co-signs on urgent and emergency outputs for 90 days. Opt-out to a fully human pathway by launch — not v2. Privacy notice rewrite. Fairness audit published with limitations section. Retraining happens in parallel on the Q4 release train.
Priya Shah
Ninety days of clinician co-sign costs £420k.
Dr Aisha Khan
It costs less than one preventable death.

Art 35(7)(d) requires the DPIA to include measures to mitigate the risks. Clinician-in-the-loop for the stakes-heavy classes addresses Risk 1 and Risk 2 together; opt-out addresses Art 22(3)/22D safeguards.

Art 13(2)(f) transparency — logic, significance, envisaged consequences — is not an optional paragraph.

Legal Insight
Why This Was Defensible
  • Art 22(3) safeguards include human intervention, right to express view, right to contest.
  • DUAA 22B–D preserve the same safeguards for Art 9 processing.
  • Published fairness audit is not a regulatory requirement — it is an Art 83(2)(d)/(f) mitigator that reads well in any future investigation.
Consequence · +1 Defensibility

The Half-Fix

Emergency-only review addresses the top-severity row but leaves urgent-tier presentations (chest pain that isn't cardiac; falls; uncontrolled bleeding) to the model alone — where the fairness gap remains most consequential.

No opt-out for v1 breaches Art 22(3) on any reading — the user must have the right to express a view on, and to contest, a significant automated decision.

Legal Insight
Why This Is Mixed
  • Clinical-safety improvement is real. Regulatory posture is not complete.
  • Module 6's investigator will note the v2 opt-out as "aware-of-gap-but-still-shipped" evidence.
Consequence · −2 Defensibility

The Contract Claim

Art 22(2)(a) contract necessity is read narrowly — it applies where the automated decision is necessary for entering into or performing the contract. A triage feature is not necessary for the Pulse contract in the way Schufa-style credit decisions are for a loan.

Art 22(4) / DUAA 22A(4)-equivalent narrows further for Art 9 data: only Art 9(2)(a) explicit consent and Art 9(2)(g) substantial public interest are available.

Priya's T&Cs update does not cure the issue because "AI-assisted triage" is not the bargained-for service.

Legal Insight
Why This Was Indefensible
  • The "contract necessity" shortcut is the single most cited bad-faith argument in ICO AI enforcement.
  • Module 6's investigator reads this as Exhibit C: a controller shipping an Art 9 automated decision with no genuine safeguards.
Decision 3 of 3 · Wed 19 Aug · 09:12

The Art 36 Question

Whatever mitigations you chose, the residual-risk register has rows that still sit in the red or amber band.

Art 36 prior consultation is required where the DPIA shows residual high risk. The ICO has 8 weeks to respond (extendable by 6).

Launch is in 13 days. Marcus's investor update is in 22 days.

Question: Do you file Art 36 prior consultation?

Consequence · +3 Defensibility

The Letter

ICO Wilmslow · envelope · morning
Dr Aisha Khan · to Marcus
Four weeks. The ICO has 8 weeks by statute but their current average on Art 36 for AI-in-healthtech is 5. We launch 1 October.
Marcus Vale
What do I tell investors?
Dr Aisha Khan
That we shipped a feature that will still be running in five years, not five months.

Art 36(1) requires prior consultation where the DPIA shows residual high risk. The correct posture is voluntary, transparent filing with the full DPIA attached.

The 4-week delay becomes an Art 83(2)(f) cooperation credit in Module 6. It also buys Priya time for Q4 retraining.

Legal Insight
Why This Was Defensible
  • Art 36 is mandatory where residual risk remains high after mitigations.
  • ICO currently treats Art 36 filings as a positive signal — they would rather talk early than enforce late.
Consequence · +0 Defensibility

The Commissioned View

A defensible position if the mitigations genuinely brought the residual below high — and if decision-2 was choice-a.

If decision-2 was choice-b (half-fix), this reading is strained and the ICO would disagree. Residual-risk categorisation is a controller judgement subject to regulatory second-guess.

Legal Insight
Why This Is Mixed
  • Arguable. Not the strongest posture.
  • If the ICO investigation opens for other reasons, this decision is read alongside decision-2.
Consequence · −2 Defensibility

The Ship Date

Art 36 is mandatory where residual high risk remains. Shipping without filing is a breach, not a scheduling choice.

In the M6 binder, this decision is the single strongest piece of evidence that Cerulith chose commercial timing over regulatory process.

Legal Insight
Why This Was Indefensible
  • Mandatory process missed. Art 83(4) category breach.
  • Marcus's investor update became the proximate cause.

The Launch That Held

Art 36 filed. Clinician co-sign. Fairness audit published. 1 October launch.

Affected · Data subjects
Cerulith Clinic AI launches on 1 October with clinician-in-the-loop for urgent/emergency outputs, a functioning opt-out, and a published fairness audit. In the first six months, 32,800 users opt into a human-first path; 412 adverse events are averted by clinician co-sign. The 11% South Asian women FN rate drops to 6.1% after the Q4 retrain.
Company · Cerulith
Delayed launch costs £1.1M in deferred revenue. 10 Sep investor update presents the Art 36 filing as a differentiator, not a delay. Two NHS ICBs — previously pilot-only — sign production contracts citing the DPIA and Art 36 engagement.
Career · Aisha
Priya co-authors a paper with Mark Tessaro and Aisha for Nature Digital Medicine on "Art 22 compliant clinical AI." Submission: January 2027.
Next 50 incidents
The DPIA template, Art 13(2)(f) notice format, and fairness-audit protocol are adopted as Cerulith's standard for AI releases. Three new features in 2027 go through the same cycle in 6 weeks, not 14.
System · Industry
ICO's post-launch review notes Cerulith as an example of clinical-AI done correctly.
The Launch That Held Edges

Partial safeguards. v1.1 patch. Near-miss in NHS bulletin.

Affected · Data subjects
Feature launches on 1 September with partial safeguards. 14,200 users complain about the lack of opt-out in the first three weeks; a v1.1 patch ships on 24 September. No clinical-safety incident is publicly reported, but an anonymised near-miss report surfaces in an NHS safety bulletin in Q1 2027.
Company · Cerulith
No immediate MPN, but the feature is flagged in the ICO's 2027 AI review programme. Cerulith runs a costly reactive comms effort in October.
Career · Aisha
Aisha's DPIA stands up; the mitigation choice is her regret.
Next 50 incidents
v1.1 adds opt-out and tightens Art 13 notice. Future launches run the clinician-in-the-loop by default after this experience.
System · Industry
Internal post-mortem concludes the half-fix was driven by timing, not analysis.
The Launch That Became An Exhibit

Cardiac near-miss. ICO own-volition opens. 14-month pause.

Affected · Data subjects
Feature launches 1 September with contract-necessity framing. On 19 November a user with a cardiac event is triaged as "routine" by the model; she is hospitalised 9 hours later. No fatality, but the case becomes the proximate trigger for an ICO own-volition investigation on 5 December 2026 — the one that lands in Module 6.
Company · Cerulith
Series C lead investor commissions an external governance review. Cerulith's AI programme paused for 14 months. Clinic AI is rebuilt. Direct costs: £9.8M.
Career · Aisha
Aisha's independent Art 38 line is invoked for the second time in the year. Vikram's memo becomes part of the Cerulith defence.
Next 50 incidents
Every AI release is paused pending new governance board. Two senior ML engineers resign. Priya's defence is constrained.
System · Industry
This decision is Exhibit C in Module 6. It feeds directly into the Art 83(5) tier trigger.
Debrief

What M3 Teaches

Key Points
Five things to keep
  • Art 30 ROPA must classify by what the processing actually is, not by what it feels like.
  • Art 35 DPIA is before processing, not after.
  • Schufa narrowed the "not a significant decision" argument. DUAA 22A–D default-permits automated decisions but Art 9 data reverts to explicit consent / substantial public interest.
  • Fairness audits are not regulatory requirements; they are regulatory-credit generators.
  • Art 36 prior consultation is mandatory on residual high risk. Filing is cooperation mitigation.

Next module: Six weeks from now, the analytics vendor that powers Pulse's dashboards will tell you they're shutting down. The replacement is in San Francisco. Schrems II is about to be your problem.

Knowledge Check

5 Questions

Five questions on Art 9 / 22 / 30 / 35 / 36 and DUAA 22A–D. Pass mark: 80%.

Module 3 Complete

Module 4 unlocked: The Transfer.