Artificial intelligence in educational games and consent under general data protection regulation
Eirini Mougiakou, Spyros Papadimitriou, Konstantina Chrysafiadi, Maria Virvou
Intelligent Decision Technologies, 18 March 2025
Abstract
As Artificial Intelligence becomes increasingly integrated into educational games, conforming with the General Data Protection Regulation (GDPR)—a legal framework governing data protection and privacy in the European Union—remains an important yet complex challenge, particularly when minors are involved. Users are required to provide consent multiple times, often unexpectedly, at different game levels. This process is further complicated by the varying durations for which consent remains valid. As a result, users—especially minors—may become confused about the consent they have given. Additional concerns arise when the educational game is AI-equipped. If AI is not involved, no new data is generated. However, if AI is present, new data is continuously produced, necessitating ongoing consent. For example, a user may consent to personalisation, which could lead the game to categorise them in unintended ways, such as labelling them a ‘poor student’. This paper explores GDPR challenges in AI-empowered educational games, focusing on user consent, AI-inferred data, and compliance gaps. Intelligent educational games rely on adaptive decision-making algorithms to personalise learning experiences, making them a subset of Intelligent Decision Technologies. Our research is based on a fuzzy-based educational game developed as a testbed for studying GDPR compliance in AI-driven decision-making. The findings provide insights into ethical AI governance, dynamic consent management, and the intersection of regulatory compliance with adaptive, data-driven decision systems in intelligent educational technologies. Based on our research, not all personal data exist from the beginning and upon original consent granting, as personal data are also generated throughout the process.
Editor’s note: we recognise that the proposals in this article are at odds with a number of regulatory structures.
Center for Informed Consent Integrity 