Skip to main content

Towards Legal Compliance by Correlating Standards and Laws with a Semi-automated Methodology

Part of the Communications in Computer and Information Science book series (CCIS,volume 765)

Abstract

Since generally legal regulations do not provide clear parameters to determine when their requirements are met, achieving legal compliance is not trivial. The adoption of standards could help create an argument of compliance in favour of the implementing party, provided there is a clear correspondence between the provisions of a specific standard and the regulation’s requirements. However, identifying such correspondences is a complex process which is complicated further by the fact that the established correlations may be overridden in time e.g., because newer court decisions change the interpretation of certain legal provisions. To help solve these problems, we present a framework that supports legal experts in recognizing correlations between provisions in a standard and requirements in a given law. The framework relies on state-of-the-art Natural Language Semantics techniques to process the linguistic terms of the two documents, and maintains a knowledge base of the logic representations of the terms, together with their defeasible correlations, both formal and substantive. An application of the framework is shown by comparing a provision of the European General Data Protection Regulation with the ISO/IEC 27018:2014 standard.

Keywords

  • Legal compliance
  • Legal requirements
  • Security standards
  • General data protection regulation

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-319-67468-1_4
  • Chapter length: 16 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   59.99
Price excludes VAT (USA)
  • ISBN: 978-3-319-67468-1
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   74.99
Price excludes VAT (USA)
Fig. 1.

Notes

  1. 1.

    Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

  2. 2.

    GDPR, Article 83.

  3. 3.

    https://info.openlaws.com/openlaws-eu/.

  4. 4.

    http://www.liviorobaldo.com/Prolemas.htm.

  5. 5.

    http://www.mirelproject.eu/.

  6. 6.

    http://www.akomantoso.org/.

  7. 7.

    http://eurocases.eu/.

  8. 8.

    http://www.akomantoso.org/.

  9. 9.

    https://www.oasis-open.org/committees/legalruleml.

  10. 10.

    In this context, an event must not be considered as a specific occurrence happening at a given time, but as a wider concept encompassing the whole of the controller’s activity.

  11. 11.

    ISO 27018, Article 0.1: “The cloud service customer, who has the contractual relationship with the public cloud PII processor, can range from a natural person, a ‘PII principal’, processing his or her own PII in the cloud, to an organization, a ‘PII controller’, processing PII relating to many PII principals”.

  12. 12.

    http://www.translationzone.com/products/trados-studio/.

References

  1. Arora, C., Sabetzadeh, M., Briand, L.C., Zimmer, F.: Automated checking of conformance to requirements templates using natural language processing. IEEE Trans. Software Eng. 41(10), 944–968 (2015)

    CrossRef  Google Scholar 

  2. Athan, T., Boley, H., Governatori, G., Palmirani, M., Paschke, A., Wyner, A.: OASIS LegalRuleML. In: Proceedings of the Fourteenth International Conference on Artificial Intelligence and Law (ICAIL), pp. 3–12. Association for Computing Machinery (ACM), June 2013

    Google Scholar 

  3. Athan, T., Governatori, G., Palmirani, M., Paschke, A., Wyner, A.: LegalRuleML: design principles and foundations. In: Faber, W., Paschke, A. (eds.) Reasoning Web 2015. LNCS, vol. 9203, pp. 151–188. Springer, Cham (2015). doi:10.1007/978-3-319-21768-0_6

    CrossRef  Google Scholar 

  4. Bartolini, C., Muthuri, R., Santos, C.: Using ontologies to model data protection requirements in workflows. In: Proceedings of the 9th International Working on Juris-informatics (JURISIN). pp. 27–40, extended version to be published in LNAI book, November 2015

    Google Scholar 

  5. Benjamins, V.R., Casanovas, P., Breuker, J., Gangemi, A. (eds.): Law and the Semantic Web: Legal Ontologies, Methodologies, Legal Information Retrieval, and Applications. LNCS (LNAI), vol. 3369. Springer, Heidelberg (2005)

    Google Scholar 

  6. Boella, G., Di Caro, L., Humphreys, L., Robaldo, L., Rossi, R., van der Torre, L.: Eunomos, a legal document and knowledge management system for the web to provide relevant, reliable and up-to-date information on the law. Artificial Intelligence and Law to appear (2016)

    Google Scholar 

  7. Boella, G., Di Caro, L., Graziadei, M., Cupi, L., Salaroglio, C.E., Humphreys, L., Konstantinov, H., Marko, K., Robaldo, L., Ruffini, C., Simov, K., Violato, A., Stroetmann, V.: Linking legal open data: breaking the accessibility and language barrier in European legislation and case law. In: Proceedings of the 15th International Conference on Artificial Intelligence and Law. ICAIL 2015, pp. 171–175. ACM, New York (2015)

    Google Scholar 

  8. Boella, G., Di Caro, L., Rispoli, D., Robaldo, L.: A system for classifying multi-label text into eurovoc. In: Proceedings of the Fourteenth International Conference on Artificial Intelligence and Law. ICAIL 2013, pp. 239–240. ACM, New York (2013)

    Google Scholar 

  9. Copestake, A., Flickinger, D., Pollard, C., Sag, I.A.: Minimal recursion semantics: an introduction. Res. Lang. Comput. 3(2), 281–332 (2005)

    CrossRef  Google Scholar 

  10. Davidson, D.: The logical form of action sentences. In: Rescher, N. (ed.) The Logic of Decision and Action. University of Pittsburgh Press, Pittsburgh (1967)

    Google Scholar 

  11. De Hert, P., Papakonstantinou, V., Kamara, I.: The cloud computing standard ISO/IEC 27018 through the lens of the EU legislation on data protection. Comput. Law Secur. Rev. 32(1), 16–30 (2016)

    CrossRef  Google Scholar 

  12. Dimyadi, J., Governatori, G., Amor, R.: Evaluating legaldocml and legalruleml as a standard for sharing normative information in the AEC/FM domain. In: Proceedings of the Lean and Computing in Construction Congress (LC3) (to appear, 2017)

    Google Scholar 

  13. Giurgiu, A., Lommel, G.: A new approach to EU data protection. Crit. Q. Legislation Law 97(1), 10–27 (2014)

    Google Scholar 

  14. Governatori, G., Olivieri, F., Rotolo, A., Scannapieco, S.: Computing strong and weak permissions in defeasible logic. J. Philos. Logic 42(6), 799–829 (2013). http://dx.doi.org/10.1007/s10992-013-9295-1

    MathSciNet  CrossRef  MATH  Google Scholar 

  15. Governatori, G., Rotolo, A., Sartor, G.: Deontic defeasible reasoning in legal interpretation. In: Atkinson, K. (ed.) The 15th International Conference on Artificial Intelligence & Law, San Diego, USA (2015)

    Google Scholar 

  16. Hansen, J.: Prioritized conditional imperatives: problems and a new proposal. Auton. Agent. Multi-Agent Syst. 17(1), 11–35 (2008)

    CrossRef  Google Scholar 

  17. Hobbs, J.R.: Toward a useful notion of causality for lexical semantics. J. Semant. 22, 181–209 (2005)

    CrossRef  Google Scholar 

  18. Hobbs, J.R.: Deep lexical semantics. In: Gelbukh, A. (ed.) CICLing 2008. LNCS, vol. 4919, pp. 183–193. Springer, Heidelberg (2008). doi:10.1007/978-3-540-78135-6_16

    CrossRef  Google Scholar 

  19. Hobbs, J.: The logical notation: ontological promiscuity. In: Chapter 2 of Discourse and Inference (1998). http://www.isi.edu/~hobbs/disinf-tc.html

  20. Horty, J.: Agency and Deontic Logic. Oxford University Press, New York (2001)

    CrossRef  MATH  Google Scholar 

  21. Horty, J.: Reasons as Defaults. Oxford University Press, New York (2012)

    CrossRef  Google Scholar 

  22. Jørgensen, J.: Imperatives and logic. Erkenntnis 7, 288–296 (1937)

    Google Scholar 

  23. Kamp, H., Reyle, U.: From Discourse to Logic: An Introduction to Model-Theoretic Semantics, Formal Logic and Discourse Representation Theory. Kluwer Academic Publishers, Dordrecht (1993)

    Google Scholar 

  24. Makinson, D., van der Torre, L.W.N.: Input/output logics. J. Philos. Logic 29(4), 383–408 (2000)

    MathSciNet  CrossRef  MATH  Google Scholar 

  25. Makinson, D., van der Torre, L.: Permission from an input/output perspective. J. Philos. Logic 32, 391–416 (2003)

    MathSciNet  CrossRef  MATH  Google Scholar 

  26. McCarthy, J.: Circumscription: A form of nonmonotonic reasoning. Artif. Intell. 13, 27–39 (1980)

    MathSciNet  CrossRef  MATH  Google Scholar 

  27. van der Meyden, R.: The dynamic logic of permission. J. Logic Comput. 6, 465–479 (1996)

    MathSciNet  CrossRef  MATH  Google Scholar 

  28. Mihalcea, R., Corley, C., Strapparava, C.: Corpus-based and knowledge-based measures of text semantic similarity. In: Proceedings of the 21st National Conference on Artificial Intelligence. AAAI 2006, vol. 1, pp. 775–780. AAAI Press (2006).http://dl.acm.org/citation.cfm?id=1597538.1597662

  29. Parent, X.: Moral particularism in the light of deontic logic. Artif. Intell. Law 19(2–3), 75–98 (2011)

    CrossRef  Google Scholar 

  30. Reding, V.: The upcoming data protection reform for the European Union. Int. Data Priv. Law 1(1), 3–5 (2011)

    CrossRef  Google Scholar 

  31. Robaldo, L.: Independent set readings and generalized quantifiers. J. Philos. Logic 39(1), 23–58 (2010)

    MathSciNet  CrossRef  MATH  Google Scholar 

  32. Robaldo, L.: Interpretation and inference with maximal referential terms. J. Comput. Syst. Sci. 76(5), 373–388 (2010)

    MathSciNet  CrossRef  MATH  Google Scholar 

  33. Robaldo, L.: Distributivity, collectivity, and cumulativity in terms of (in)dependence and maximality. J. Logic, Lang. Inf. 20(2), 233–271 (2011)

    MathSciNet  CrossRef  MATH  Google Scholar 

  34. Robaldo, L., Humphreys, L., Sun, L., Cupi, L., Santos, C., Muthuri, R.: Combining input/output logic and reification for representing real-world obligations. In: Post-proceedings of the 9th International Workiung on Juris-informatics. Lecture Notes in Artificial Intelligence (2016)

    Google Scholar 

  35. Robaldo, L., Miltsakaki, E.: Corpus-driven semantics of concession: where do expectations come from? Dialogue Discourse 5(1), 1–36 (2014)

    Google Scholar 

  36. Robaldo, L., Sun, X.: Reified input/output logic: Combining input/output logic and reification to represent norms coming from existing legislation. J. Logic Comput. (to appear, 2017)

    Google Scholar 

  37. Robaldo, L., Caselli, T., Russo, I., Grella, M.: From Italian text to TimeML document via dependency parsing. In: Gelbukh, A. (ed.) CICLing 2011. LNCS, vol. 6609, pp. 177–187. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19437-5_14

    CrossRef  Google Scholar 

  38. Schuler, K.K.: Verbnet: a broad-coverage, comprehensive verb lexicon. Ph.D. thesis, Philadelphia, PA, USA, aAI3179808(2005)

    Google Scholar 

  39. Sun, X., Robaldo, L.: On the complexity of input/output logic. J. Appl. Logic (to appear, 2017)

    Google Scholar 

  40. Vibert, H., Jouvelot, P., Pin, B.: Legivoc - connectings laws in a changing world. J. Open Access Law 1(1), 165–174 (2013)

    Google Scholar 

Download references

Acknowledgments

This work is financed by the Luxembourg National Research Fund (FNR) CORE project C16/IS/11333956 “DAPRECO: DAta Protection REgulation COmpliance”. Robaldo has received funding from the EU Horizon 2020 Programme for Research and Innovation under the Marie Skłodowska-Curie grant agreement No. 690974 for the project “MIREL: MIning and REasoning with Legal texts”.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Cesare Bartolini .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Bartolini, C., Giurgiu, A., Lenzini, G., Robaldo, L. (2017). Towards Legal Compliance by Correlating Standards and Laws with a Semi-automated Methodology. In: Bosse, T., Bredeweg, B. (eds) BNAIC 2016: Artificial Intelligence. BNAIC 2016. Communications in Computer and Information Science, vol 765. Springer, Cham. https://doi.org/10.1007/978-3-319-67468-1_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-67468-1_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-67467-4

  • Online ISBN: 978-3-319-67468-1

  • eBook Packages: Computer ScienceComputer Science (R0)