Abstract
Since generally legal regulations do not provide clear parameters to determine when their requirements are met, achieving legal compliance is not trivial. The adoption of standards could help create an argument of compliance in favour of the implementing party, provided there is a clear correspondence between the provisions of a specific standard and the regulation’s requirements. However, identifying such correspondences is a complex process which is complicated further by the fact that the established correlations may be overridden in time e.g., because newer court decisions change the interpretation of certain legal provisions. To help solve these problems, we present a framework that supports legal experts in recognizing correlations between provisions in a standard and requirements in a given law. The framework relies on state-of-the-art Natural Language Semantics techniques to process the linguistic terms of the two documents, and maintains a knowledge base of the logic representations of the terms, together with their defeasible correlations, both formal and substantive. An application of the framework is shown by comparing a provision of the European General Data Protection Regulation with the ISO/IEC 27018:2014 standard.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
- 2.
GDPR, Article 83.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
In this context, an event must not be considered as a specific occurrence happening at a given time, but as a wider concept encompassing the whole of the controller’s activity.
- 11.
ISO 27018, Article 0.1: “The cloud service customer, who has the contractual relationship with the public cloud PII processor, can range from a natural person, a ‘PII principal’, processing his or her own PII in the cloud, to an organization, a ‘PII controller’, processing PII relating to many PII principals”.
- 12.
References
Arora, C., Sabetzadeh, M., Briand, L.C., Zimmer, F.: Automated checking of conformance to requirements templates using natural language processing. IEEE Trans. Software Eng. 41(10), 944–968 (2015)
Athan, T., Boley, H., Governatori, G., Palmirani, M., Paschke, A., Wyner, A.: OASIS LegalRuleML. In: Proceedings of the Fourteenth International Conference on Artificial Intelligence and Law (ICAIL), pp. 3–12. Association for Computing Machinery (ACM), June 2013
Athan, T., Governatori, G., Palmirani, M., Paschke, A., Wyner, A.: LegalRuleML: design principles and foundations. In: Faber, W., Paschke, A. (eds.) Reasoning Web 2015. LNCS, vol. 9203, pp. 151–188. Springer, Cham (2015). doi:10.1007/978-3-319-21768-0_6
Bartolini, C., Muthuri, R., Santos, C.: Using ontologies to model data protection requirements in workflows. In: Proceedings of the 9th International Working on Juris-informatics (JURISIN). pp. 27–40, extended version to be published in LNAI book, November 2015
Benjamins, V.R., Casanovas, P., Breuker, J., Gangemi, A. (eds.): Law and the Semantic Web: Legal Ontologies, Methodologies, Legal Information Retrieval, and Applications. LNCS (LNAI), vol. 3369. Springer, Heidelberg (2005)
Boella, G., Di Caro, L., Humphreys, L., Robaldo, L., Rossi, R., van der Torre, L.: Eunomos, a legal document and knowledge management system for the web to provide relevant, reliable and up-to-date information on the law. Artificial Intelligence and Law to appear (2016)
Boella, G., Di Caro, L., Graziadei, M., Cupi, L., Salaroglio, C.E., Humphreys, L., Konstantinov, H., Marko, K., Robaldo, L., Ruffini, C., Simov, K., Violato, A., Stroetmann, V.: Linking legal open data: breaking the accessibility and language barrier in European legislation and case law. In: Proceedings of the 15th International Conference on Artificial Intelligence and Law. ICAIL 2015, pp. 171–175. ACM, New York (2015)
Boella, G., Di Caro, L., Rispoli, D., Robaldo, L.: A system for classifying multi-label text into eurovoc. In: Proceedings of the Fourteenth International Conference on Artificial Intelligence and Law. ICAIL 2013, pp. 239–240. ACM, New York (2013)
Copestake, A., Flickinger, D., Pollard, C., Sag, I.A.: Minimal recursion semantics: an introduction. Res. Lang. Comput. 3(2), 281–332 (2005)
Davidson, D.: The logical form of action sentences. In: Rescher, N. (ed.) The Logic of Decision and Action. University of Pittsburgh Press, Pittsburgh (1967)
De Hert, P., Papakonstantinou, V., Kamara, I.: The cloud computing standard ISO/IEC 27018 through the lens of the EU legislation on data protection. Comput. Law Secur. Rev. 32(1), 16–30 (2016)
Dimyadi, J., Governatori, G., Amor, R.: Evaluating legaldocml and legalruleml as a standard for sharing normative information in the AEC/FM domain. In: Proceedings of the Lean and Computing in Construction Congress (LC3) (to appear, 2017)
Giurgiu, A., Lommel, G.: A new approach to EU data protection. Crit. Q. Legislation Law 97(1), 10–27 (2014)
Governatori, G., Olivieri, F., Rotolo, A., Scannapieco, S.: Computing strong and weak permissions in defeasible logic. J. Philos. Logic 42(6), 799–829 (2013). http://dx.doi.org/10.1007/s10992-013-9295-1
Governatori, G., Rotolo, A., Sartor, G.: Deontic defeasible reasoning in legal interpretation. In: Atkinson, K. (ed.) The 15th International Conference on Artificial Intelligence & Law, San Diego, USA (2015)
Hansen, J.: Prioritized conditional imperatives: problems and a new proposal. Auton. Agent. Multi-Agent Syst. 17(1), 11–35 (2008)
Hobbs, J.R.: Toward a useful notion of causality for lexical semantics. J. Semant. 22, 181–209 (2005)
Hobbs, J.R.: Deep lexical semantics. In: Gelbukh, A. (ed.) CICLing 2008. LNCS, vol. 4919, pp. 183–193. Springer, Heidelberg (2008). doi:10.1007/978-3-540-78135-6_16
Hobbs, J.: The logical notation: ontological promiscuity. In: Chapter 2 of Discourse and Inference (1998). http://www.isi.edu/~hobbs/disinf-tc.html
Horty, J.: Agency and Deontic Logic. Oxford University Press, New York (2001)
Horty, J.: Reasons as Defaults. Oxford University Press, New York (2012)
Jørgensen, J.: Imperatives and logic. Erkenntnis 7, 288–296 (1937)
Kamp, H., Reyle, U.: From Discourse to Logic: An Introduction to Model-Theoretic Semantics, Formal Logic and Discourse Representation Theory. Kluwer Academic Publishers, Dordrecht (1993)
Makinson, D., van der Torre, L.W.N.: Input/output logics. J. Philos. Logic 29(4), 383–408 (2000)
Makinson, D., van der Torre, L.: Permission from an input/output perspective. J. Philos. Logic 32, 391–416 (2003)
McCarthy, J.: Circumscription: A form of nonmonotonic reasoning. Artif. Intell. 13, 27–39 (1980)
van der Meyden, R.: The dynamic logic of permission. J. Logic Comput. 6, 465–479 (1996)
Mihalcea, R., Corley, C., Strapparava, C.: Corpus-based and knowledge-based measures of text semantic similarity. In: Proceedings of the 21st National Conference on Artificial Intelligence. AAAI 2006, vol. 1, pp. 775–780. AAAI Press (2006).http://dl.acm.org/citation.cfm?id=1597538.1597662
Parent, X.: Moral particularism in the light of deontic logic. Artif. Intell. Law 19(2–3), 75–98 (2011)
Reding, V.: The upcoming data protection reform for the European Union. Int. Data Priv. Law 1(1), 3–5 (2011)
Robaldo, L.: Independent set readings and generalized quantifiers. J. Philos. Logic 39(1), 23–58 (2010)
Robaldo, L.: Interpretation and inference with maximal referential terms. J. Comput. Syst. Sci. 76(5), 373–388 (2010)
Robaldo, L.: Distributivity, collectivity, and cumulativity in terms of (in)dependence and maximality. J. Logic, Lang. Inf. 20(2), 233–271 (2011)
Robaldo, L., Humphreys, L., Sun, L., Cupi, L., Santos, C., Muthuri, R.: Combining input/output logic and reification for representing real-world obligations. In: Post-proceedings of the 9th International Workiung on Juris-informatics. Lecture Notes in Artificial Intelligence (2016)
Robaldo, L., Miltsakaki, E.: Corpus-driven semantics of concession: where do expectations come from? Dialogue Discourse 5(1), 1–36 (2014)
Robaldo, L., Sun, X.: Reified input/output logic: Combining input/output logic and reification to represent norms coming from existing legislation. J. Logic Comput. (to appear, 2017)
Robaldo, L., Caselli, T., Russo, I., Grella, M.: From Italian text to TimeML document via dependency parsing. In: Gelbukh, A. (ed.) CICLing 2011. LNCS, vol. 6609, pp. 177–187. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19437-5_14
Schuler, K.K.: Verbnet: a broad-coverage, comprehensive verb lexicon. Ph.D. thesis, Philadelphia, PA, USA, aAI3179808(2005)
Sun, X., Robaldo, L.: On the complexity of input/output logic. J. Appl. Logic (to appear, 2017)
Vibert, H., Jouvelot, P., Pin, B.: Legivoc - connectings laws in a changing world. J. Open Access Law 1(1), 165–174 (2013)
Acknowledgments
This work is financed by the Luxembourg National Research Fund (FNR) CORE project C16/IS/11333956 “DAPRECO: DAta Protection REgulation COmpliance”. Robaldo has received funding from the EU Horizon 2020 Programme for Research and Innovation under the Marie Skłodowska-Curie grant agreement No. 690974 for the project “MIREL: MIning and REasoning with Legal texts”.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Bartolini, C., Giurgiu, A., Lenzini, G., Robaldo, L. (2017). Towards Legal Compliance by Correlating Standards and Laws with a Semi-automated Methodology. In: Bosse, T., Bredeweg, B. (eds) BNAIC 2016: Artificial Intelligence. BNAIC 2016. Communications in Computer and Information Science, vol 765. Springer, Cham. https://doi.org/10.1007/978-3-319-67468-1_4
Download citation
DOI: https://doi.org/10.1007/978-3-319-67468-1_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67467-4
Online ISBN: 978-3-319-67468-1
eBook Packages: Computer ScienceComputer Science (R0)