1. What counts as a “reputation algorithm”?

A reputation algorithm is any system that:

• Scores users or entities (trust score, seller rating)
• Ranks visibility (search ranking, feed ranking)
• Filters content (shadow bans, moderation suppression)
• Assigns credibility labels (“verified”, “risky”, “low quality”)
• Generates predictive reputation (fraud risk, trustworthiness)

Common examples include:

• Marketplace seller ratings
• Social media engagement ranking systems
• Search engine ranking systems
• Gig economy worker scoring systems
• Fraud risk scoring in fintech systems

In Denmark, these systems become legally sensitive when they:

• influence economic opportunity
• affect public reputation
• rely on personal data profiling

2. Why liability disputes arise in Denmark

Reputation algorithm disputes usually arise due to:

A. Hidden scoring logic

Users do not know why they were downgraded or suppressed.

B. Automated decision-making (GDPR Article 22)

Fully automated systems affecting individuals can be restricted.

C. Defamation-like effects

Algorithmic rankings can imply dishonesty or low trustworthiness.

D. Lack of transparency

Users cannot challenge or correct algorithmic reputation outcomes.

3. Legal framework in Denmark

These claims are governed by:

• GDPR (especially Articles 5, 6, 15, 22)
• Danish marketing and media liability principles
• Data protection enforcement by Datatilsynet
• EU Court of Justice jurisprudence (binding in Denmark)

4. Key case law shaping reputation algorithm liability (6+ cases)

Even though “reputation algorithm” is not a single legal category, EU case law on profiling, ranking, and automated processing directly governs these disputes.

(1) Google Spain

Principle:

Search engines are data controllers responsible for indexing personal information.

Relevance:

Search ranking algorithms directly affect reputation.

Impact:

• Individuals can demand de-ranking of harmful results
• Algorithmic visibility = legal responsibility

This is foundational for algorithmic reputation liability.

(2) Google LLC v CNIL

Principle:

Right to be forgotten does not automatically apply globally.

Relevance:

Reputation harm caused by algorithms must be balanced with jurisdictional limits.

Impact:

• Platforms must manage reputation correction requests in EU-specific contexts
• Algorithmic suppression disputes are geographically limited

(3) Wirtschaftsakademie Schleswig-Holstein

Principle:

Page administrators are joint controllers of analytics data.

Relevance:

Any entity benefiting from reputation analytics (engagement scores, page ranking) is responsible for data processing.

Impact:

• Businesses using engagement ranking tools may share liability
• Reputation metrics are legally “processed data”

(4) Fashion ID

Principle:

Embedding third-party tracking makes the host jointly responsible.

Relevance:

Websites using embedded rating systems or reputation widgets are jointly liable for:

• user profiling
• reputation scoring outcomes

(5) Schrems II

Principle:

Personal data transfers outside the EU require strict safeguards.

Relevance:

Reputation algorithms often rely on cloud-based AI systems outside the EU.

Impact:

• Algorithmic scoring systems hosted in the US can be unlawful without safeguards
• Reputation profiling datasets may be invalid if improperly transferred

(6) Meta Platforms Ireland v Bundeskartellamt

Principle:

Strict limits on combining datasets for profiling.

Relevance:

Reputation algorithms often combine:

• behavioral data
• social media activity
• transaction history

Impact:

• Cross-platform reputation scoring requires strong legal basis
• “Unified reputation scores” are highly regulated

(7) Orange România

Principle:

Consent must be freely given and specific.

Relevance:

Reputation systems cannot rely on bundled consent for:

• profiling
• scoring
• behavioral ranking

5. How Danish liability claims typically arise

Under enforcement practice by Datatilsynet, disputes usually follow this pattern:

Step 1: Reputation harm occurs

Examples:

• seller account downgraded
• user shadow-banned
• trust score reduced
• search ranking demoted

Step 2: User challenges algorithm

Claims include:

• “I was unfairly profiled”
• “No explanation given”
• “Automated decision harmed me economically”

Step 3: Legal assessment

Authorities examine:

• whether automated decision-making was used
• whether transparency was provided
• whether profiling was lawful

Step 4: Liability determination

Responsibility may fall on:

• platform operator (controller)
• data processor (AI vendor)
• joint controllers (embedded systems)

6. Core legal conflicts in reputation algorithm cases

1. Transparency vs trade secrets

Platforms argue algorithms are proprietary.

2. Automation vs human review

GDPR restricts fully automated harmful decisions.

3. Ranking vs defamation

Downranking can function as reputational harm.

4. Data combination risks

Cross-platform profiling increases liability exposure.

5. Cross-border AI systems

Cloud-based scoring tools complicate jurisdiction.

7. Danish legal conclusion

In Denmark:

Reputation algorithms are legally treated as profiling systems that can produce real-world legal harm, not neutral technical tools.

Under EU case law such as Google Spain and enforcement oversight by Datatilsynet, liability depends on whether:

• the system processes personal data
• the outcome affects rights or reputation
• the user has meaningful transparency and control

The key principle is:

If an algorithm shapes reputation in a way that affects access, visibility, or trust, it is legally accountable under GDPR and related liability doctrines.