Trusq

factual analysis · traceable to primary sources

Topics Opportunities Take the check Work with us LinkedIn NLยทEN
Explainer

AI in housing allocation: access to essential services

Adopted 2026-06-22 ยท ≈ 2 min read ยท Dirk Baaijen

AI that decides who gets access to housing strikes at the core of the high-risk regime. Annex III of the AI Act covers access to essential private and public services; on top of that, the GDPR prohibits discrimination and sets demands on automated decisions.

Short answer: AI in housing allocation sits close to the heart of the high-risk regime. Annex III of the AI Act treats systems that determine access to essential services โ€” such as creditworthiness โ€” as high-risk, and housing allocation and tenant selection lie close to that. At the same time the GDPR prohibits unlawful discrimination and limits automated decisions that directly affect people.

Access to essential services

Annex III classifies AI that evaluates the creditworthiness of natural persons as high-risk, except for fraud detection. For renting and housing allocation this matters: tenant screening often relies on income and credit assessments. A system that co-decides who gets a home, or what rent or deposit applies, touches access to housing as a basic need. That brings the full high-risk obligations into play.

Discrimination

The biggest risk is indirect discrimination. A model trained on historical allocation data can reproduce existing inequality โ€” for example by using postcode, name or income pattern as a proxy for origin. The AI Act therefore requires data quality and bias mitigation for high-risk systems; the GDPR prohibits processing that leads to unlawful distinction. A seemingly neutral feature can turn out discriminatory in the outcome, and that is prohibited.

Automated decisions

If someone is rejected for housing solely on the basis of automated processing, Article 22 GDPR applies: the data subject has the right to human intervention, to an explanation and to contest the decision. In practice this means an AI screening must not be the final decision without meaningful human oversight โ€” a requirement the AI Act also imposes for high-risk systems.

Profiling and transparency

Landlords and agents who use AI for matching or pricing profile candidates. That requires a legal basis, transparency and data minimisation. The combination of access decisions, profiling and vulnerable interests makes this a sensitive domain, comparable to AI in legal services where reliability weighs heavily. Keep prohibited practices in mind too: social scoring is banned.

What to do

  • Classify honestly: if the system determines access to housing, assume high-risk.
  • Test for bias: check for proxies of protected characteristics and document the mitigation.
  • Keep a human in the loop: no final rejection purely on AI, per Art. 22 GDPR.
  • Offer explanation and appeal to rejected candidates.
  • Minimise data: collect only what is needed for the allocation.

In housing allocation AI is rarely innocent. It decides on a basic need, and is held to the strictest demands by the AI Act and GDPR together.

Sources

  1. https://eur-lex.europa.eu/eli/reg/2024/1689/oj
    Regulation (EU) 2024/1689 (AI Act): Annex III on access to essential private and public services, including creditworthiness assessment.
  2. https://eur-lex.europa.eu/eli/reg/2016/679/oj
    Regulation (EU) 2016/679 (GDPR): Art. 22 automated decision-making and the prohibition of discrimination via special-category data.

Share on LinkedIn

Read next

U

Targeted job advertising with AI: high-risk and a discrimination risk

AI that shows job ads to specific groups falls explicitly under Annex III of the AI Act as high-risk. The biggest risk is discrimination: an algorithm that shows a vacancy mostly to young men invisibly excludes others. The GDPR and the DSA set additional limits.

A

AI in onboarding and internal mobility: where is the line?

Talent marketplaces, skills matching and career paths with AI seem neutral, but they reach the high-risk line as soon as they steer promotion or progression decisions (Annex III, point 4). Then the AI Act, GDPR, transparency and equal opportunity apply internally too.

U

AI financial fraud detection: the Annex III carve-out

AI that detects financial fraud is expressly carved out of the high-risk classification for credit scoring in Annex III. The carve-out is narrow: it covers genuine fraud detection, not credit assessment under a fraud label. The GDPR and governance still apply.

Dirk Baaijen

About this knowledge base

Compiled and maintained by YRproject โ€” programme and project direction at the intersection of digital transformation, AI and regulation. Every factual claim is traceable to its primary source. YRproject is led by Dirk Baaijen About & method โ†’

A project or programme? Work with YRproject โ†’

The monthly briefing

AI regulation in five minutes: what changed, what is coming and what it means. No spam, unsubscribe anytime.

Your address is used for this only and stored on our own servers.