The use of artificial intelligence (AI) and other algorithmic systems in recruitment may offer employers cost and efficiency benefits. However, the use of such algorithmic recruitment systems (ARS) introduces significant legal challenges and risks, particularly where ARSs support or automate decision-making. Despite increasing regulatory and scholarly attention, a comprehensive and systematic legal analysis of how EU legislation constrains and shapes the use of ARSs and protects job applicants from associated risks had not been conducted. This dissertation addresses that gap by examining two research questions. First, this dissertation examines how EU legislation constrains and shapes employers’ use of ARSs that involve AI and algorithmic decision-making. Second, it analyses what legal safeguards EU legislation provides to protect job applicants against data protection infringements and discrimination arising from the use of such ARSs, and assesses their adequacy. Drawing on the findings, I argue that despite the multiple constraints and conditions imposed on employers’ use of ARSs, the EU level legal framework is inadequate to protect job applicants from the risks posed by ARSs that involve AI or algorithmic decision-making. The inadequacy stems primarily from vague legal parameters, limited ex-ante oversight, structural barriers to enforcement by job applicants, and inherent limitations of available remedies. This dissertation adopts a primarily legal dogmatic approach, interpreting and systematising relevant provisions across multiple EU legal instruments. This analysis produces a framework of key legal parameters for ARS use, categorising applicable norms into bans, obligations, specific duties and actionable rights. The framework reveals that only a few specific ARS use cases are categorically banned, such as social scoring in AI-based recruitment systems. Most ARSs remain permissible but are subject to multiple vague legal parameters concerning data protection, non-discrimination and transparency. While the vaguely formulated legal parameters grant employers considerable leeway in deploying ARSs, they also create significant uncertainty, making it challenging for employers to ensure compliance with EU legislation. However, even if the legal parameters were clear, ensuring compliance could be difficult as the ARSs are complex and opaque, and employers may struggle to sufficiently understand and affect their workings to adhere to the legal parameters. These compliance difficulties pose risks to employers, as sanctions for non-compliance may be substantial. However, under the current legal framework, there is no systematic ex-ante oversight of ARSs, which emphasises the role of ex-post enforcement. If supervisory authorities do not have sufficient resources to investigate ARSs and enforce the legislation, the primary responsibility for detecting faults and breaches and making employers accountable for those falls on job applicants and the organisations representing them. Yet, the ex-post enforcement faces several obstacles. Due to the vague legal parameters and limited access to unmediated information about the ARSs, job applicants often lack the information needed to detect rights violations. Even when rights infringements are suspected, proving such allegations in judicial proceedings poses a further challenge. The modest probability of successful enforcement also weakens the deterrent effect of the legal parameters in practice, reducing employers’ incentive to ensure compliance and leaving job applicants with limited assurance that the legal parameters will be observed. Judicial interpretation of the existing legal framework could partially mitigate the problems job applicants face. Courts could, for instance, shift the burden of proof to the employer at a lower evidentiary threshold where the ARS used is opaque and technically complex. Such interpretations could also strengthen the preventive effects of the legislation by creating incentives for employers to deploy more transparent and compliant systems or, in extreme cases, to refrain from using certain ARSs altogether. The interpretative solutions, however, are contingent on applicants’ ability to initiate proceedings in the first place and do not resolve the limitations of the available remedies. Even where a violation is successfully demonstrated, the available remedies may amount to only monetary compensation, while the loss of a job opportunity remains irreversible. Taken together, these findings indicate that the EU’s legal framework concerning the use of ARSs creates compliance challenges for employers and leaves job applicants insufficiently protected. While employers’ compliance challenges could be alleviated by future case law and guidance from authorities, adequate protection for job applicants would require further legislative development. In the meantime, the framework of key legal parameters serves as a practical tool to help various stakeholders navigate the fragmented, constantly evolving regulatory environment surrounding ARSs.