Vulnerability has traditionally been viewed through the lens of specific groups of people, such as ethnic minorities, children, the elderly, or people with disabilities. With the rise of digital media, our perceptions of vulnerable groups and individuals have been reshaped as new vulnerabilities and different vulnerable sub-groups of users, consumers, citizens, and data subjects emerge.
Vulnerability and Data Protection Law depicts these problems and offers an investigation of the concept of data subjects and a reconceptualisation of the notion of vulnerability within the General Data Protection Regulation. The regulation offers a forward-facing set of tools that - though largely underexplored - are essential in rebalancing power asymmetries and mitigating induced vulnerabilities in the age of artificial intelligence. Considering the new risks and potentialities of the digital market, the new awareness about cognitive weaknesses, and the new philosophical sensitivity about the condition of human vulnerability, the author looks for a more general and layered definition of the data subject's vulnerability that goes beyond traditional labels. In doing so, he seeks to promote a 'vulnerability-aware' interpretation of the GDPR.