Skip to main content
SpringerLink
Log in

Towards Automated GDPR Compliance Checking

  • Conference paper
  • First Online:
Trustworthy AI - Integrating Learning, Optimization and Reasoning (TAILOR 2020)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 12641))

Abstract

The GDPR is one of many legal texts which can greatly benefit from the support of automated reasoning. Since its introduction, efforts were made to formalize it in order to support various automated operations. Nevertheless, widespread and efficient automated reasoning over the GDPR has not yet been achieved. In this paper, a tool called the NAI suite is being used in order to annotate article 13 of the GDPR. The annotation results in a fully formalized version of the article, which deals with the transparency requirements of data collection and processing. Automated compliance checking is then being demonstrated via several simple queries. By using the public API of the NAI suite, arbitrary tools can use this procedure to support trust management and GDPR compliance functions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    European Commission, Independent High-Level Expert Group on Artificial Intelligence. Ethics Guidelines for Thrustworthy AI. https://ec.europa.eu/futurium/en/ai-alliance-consultation, April 2019.

  2. 2.

    COM(2018)237 and COM(2018)795.

  3. 3.

    https://eur-lex.europa.eu/eli/reg/2016/679/oj.

  4. 4.

    Please login to https://nai.uni.lu using the email address: gdpr@nai.lu and password: nai. Please note that this account is write protected and cannot be changed.

  5. 5.

    Please search for the text “statements51Formula” in https://raw.githubusercontent.com/dapreco/daprecokb/master/gdpr/rioKB_GDPR.xml, of a version no later than 11/2019.

  6. 6.

    https://github.com/normativeai/frontend/issues.

References

  1. Aucher, G., Berbinau, J., Morin, M.L.: Principles for a judgement editor based on binary decision diagrams. IfCoLog J. Log. Appl. 6(5), 781–815 (2019)

    MathSciNet  Google Scholar 

  2. Biagioli, C., Mariani, P., Tiscornia, D.: Esplex: a rule and conceptual model for representing statutes. In: Proceedings of the 1st International Conference on Artificial Intelligence and Law, pp. 240–251. ACM (1987)

    Google Scholar 

  3. Blanchette, J.C., Nipkow, T.: Nitpick: a counterexample generator for higher-order logic based on a relational model finder. In: Kaufmann, M., Paulson, L.C. (eds.) ITP 2010. LNCS, vol. 6172, pp. 131–146. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14052-5_11

    Chapter  Google Scholar 

  4. Boella, G., Di Caro, L., Humphreys, L., Robaldo, L., Rossi, P., van der Torre, L.: Eunomos, a legal document and knowledge management system for the web to provide relevant, reliable and up-to-date information on the law. Artif. Intell. Law 24(3), 245–283 (2016)

    Article  Google Scholar 

  5. Bouton, T., Caminha B. de Oliveira, D., Déharbe, D., Fontaine, P.: veriT: an open, trustable and efficient SMT-solver. In: Schmidt, R.A. (ed.) CADE 2009. LNCS (LNAI), vol. 5663, pp. 151–156. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02959-2_12

    Chapter  Google Scholar 

  6. de Bruin, H., Prakken, H., Svensson, J.S.: The use of legal knowledge-based systems in public administration: what can go wrong? In: Evaluation of Legal Reasoning and Problem-Solving Systems, pp. 14–16 (2003)

    Google Scholar 

  7. Governatori, G., Shek, S.: Regorous: a business process compliance checker. In: Proceedings of the 14th International Conference on Artificial Intelligence and Law, pp. 245–246. ACM (2013)

    Google Scholar 

  8. Groothuis, M.M., Svensson, J.S.: Expert system support and juridical quality. In: Proceedings of JURIX, vol. 110. IOS Press, Amsterdam (2000)

    Google Scholar 

  9. Hashmi, M., Governatori, G.: Norms modeling constructs of business process compliance management frameworks: a conceptual evaluation. Artif. Intell. Law 26(3), 251–305 (2018). https://doi.org/10.1007/s10506-017-9215-8

  10. Henrik, G., Wright, V.: Norm and action, a logical enquiry (1963)

    Google Scholar 

  11. Kifer, M.: Nonmonotonic reasoning in FLORA-2. In: Baral, C., Greco, G., Leone, N., Terracina, G. (eds.) LPNMR 2005. LNCS (LNAI), vol. 3662, pp. 1–12. Springer, Heidelberg (2005). https://doi.org/10.1007/11546207_1

    Chapter  MATH  Google Scholar 

  12. Kowalski, R., Satoh, K.: Obligation as optimal goal satisfaction. J. Philos. Logic 47(4), 579–609 (2018)

    Article  MathSciNet  Google Scholar 

  13. Libal, T., Pascucci, M.: Automated reasoning in normative detachment structures with ideal conditions. In: Proceedings of the Seventeenth International Conference on Artificial Intelligence and Law, pp. 63–72. ACM (2019)

    Google Scholar 

  14. Libal, T., Steen, A.: The NAI suite - drafting and reasoning over legal texts. In: JURIX (2019, to appear)

    Google Scholar 

  15. Libal, T., Steen, A.: NAI: the normative reasoner. In: ICAIL, pp. 262–263. ACM (2019)

    Google Scholar 

  16. Makinson, D., Van Der Torre, L.: Input/output logics. J. Philos. Logic 29(4), 383–408 (2000)

    Article  MathSciNet  Google Scholar 

  17. de Montety, C., Antignac, T., Slim, C.: GDPR modelling for log-based compliance checking. In: Meng, W., Cofta, P., Jensen, C.D., Grandison, T. (eds.) IFIPTM 2019. IAICT, vol. 563, pp. 1–18. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-33716-2_1

    Chapter  Google Scholar 

  18. Nanda, R., et al.: Concept recognition in European and national law. In: JURIX, pp. 193–198 (2017)

    Google Scholar 

  19. Oltramari, A., et al.: PrivOnto: a semantic framework for the analysis of privacy policies. Semant. Web 9(2), 185–203 (2018)

    Article  Google Scholar 

  20. Otten, J.: Implementing connection calculi for first-order modal logics. In: IWIL@ LPAR, pp. 18–32 (2012)

    Google Scholar 

  21. Otten, J.: MleanCoP: a connection prover for first-order modal logic. In: Demri, S., Kapur, D., Weidenbach, C. (eds.) IJCAR 2014. LNCS (LNAI), vol. 8562, pp. 269–276. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08587-6_20

    Chapter  Google Scholar 

  22. Palmirani, M., Governatori, G.: Modelling legal knowledge for GDPR compliance checking. In: JURIX, pp. 101–110 (2018)

    Google Scholar 

  23. Palmirani, M., Martoni, M., Rossi, A., Bartolini, C., Robaldo, L.: PrOnto: privacy ontology for legal reasoning. In: Kő, A., Francesconi, E. (eds.) EGOVIS 2018. LNCS, vol. 11032, pp. 139–152. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98349-3_11

    Chapter  Google Scholar 

  24. Pandit, H.J., Fatema, K., O’Sullivan, D., Lewis, D.: GDPRtEXT - GDPR as a linked data resource. In: Gangemi, A., et al. (eds.) ESWC 2018. LNCS, vol. 10843, pp. 481–495. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93417-4_31

    Chapter  Google Scholar 

  25. Raths, T., Otten, J.: The QMLTP library: Benchmarking theorem provers for modal logics. Technical report, University of Potsdam (2011)

    Google Scholar 

  26. Robaldo, L., Bartolini, C., Palmirani, M., Rossi, A., Martoni, M., Lenzini, G.: Formalizing GDPR provisions in reified I/O logic: the DAPRECO knowledge base. J. Logic Lang. Inf. 29, 401–449 (2020)

    Article  MathSciNet  Google Scholar 

  27. Sergot, M.J., Sadri, F., Kowalski, R.A., Kriwaczek, F., Hammond, P., Cory, H.T.: The British nationality act as a logic program. Commun. ACM 29(5), 370–386 (1986)

    Article  Google Scholar 

  28. Stamper, R.: LEGOL: modelling legal rules by computer. Computer Science and Law, pp. 45–71 (1980)

    Google Scholar 

  29. Suda, M., Weidenbach, C.: A PLTL-prover based on labelled superposition with partial model guidance. In: Gramlich, B., Miller, D., Sattler, U. (eds.) IJCAR 2012. LNCS (LNAI), vol. 7364, pp. 537–543. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31365-3_42

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Luxembourg University, Esch-sur-Alzette, Luxembourg

    Tomer Libal

Authors
  1. Tomer Libal
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tomer Libal .

Editor information

Editors and Affiliations

  1. Department of Computer and Information Science, Linköping University, Linköping, Sweden

    Fredrik Heintz

  2. ALMA-AI Research Institute on Human-Centered AI, University of Bologna, Bologna, Italy

    Michela Milano

  3. Department of Computer Science, University College Cork, Cork, Ireland

    Barry O'Sullivan

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Libal, T. (2021). Towards Automated GDPR Compliance Checking. In: Heintz, F., Milano, M., O'Sullivan, B. (eds) Trustworthy AI - Integrating Learning, Optimization and Reasoning. TAILOR 2020. Lecture Notes in Computer Science(), vol 12641. Springer, Cham. https://doi.org/10.1007/978-3-030-73959-1_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-73959-1_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-73958-4

  • Online ISBN: 978-3-030-73959-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation