The Big Data phenomenon first, and AI most recently, have significantly changed the way in which credit scoring takes place and creditworthiness is evaluated by lenders. Beside traditional credit data, the creation of consumers’ credit-scores now involves also non-traditional data and is based on the predictions that lenders can make on the basis of those data. The use of AI, coupled with the availability of extensive amounts of ‘alternative’ data, poses several questions as to the level of protection granted to consumers in relation to the discriminatory effects that an ungoverned used of such technology can generate. The article addresses the suitability of the Proposal for a new Directive on Consumer Credit to protect consumers that enter into credit agreements where access to credit is determined by AI-based credit scoring systems. In doing so, it also takes into consideration other rules within the EU legal framework that can provide, albeit indirectly, protection to consumers, such as antidiscrimination law and Article 22 of the GDPR. It concludes that in a technologically complicated scenario such as the one of AI credit scoring, consumers can be effectively protected only by introducing an ecosystem of rules that while empowering consumers also regulates the use of AI on the business side of the credit agreement.