Self-response: the article does consider this (section 6), argues that the exceptions to restrictions on the use of publicly available data in GDPR are exactly in places where it makes sense to prevent AI usage, and further argues it makes sense to consider AI profiling a more severe breach because of the higher potential for harm.