Skip to main content

A Compliance Mechanism for Planning in Privacy Domain Using Policies

  • Conference paper
  • First Online:
New Frontiers in Artificial Intelligence (JSAI-isAI 2021)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 13856))

Included in the following conference series:

  • 266 Accesses

Abstract

As more and more applications relying on the use and processing of personal data grow, privacy protection is becoming increasingly important. With the enforcement of the GDPR, such applications must guarantee compliance with the obligations set forth. Integrating a compliance checking mechanism with AI methods is helpful to fulfill this requirement. Toward this end, we investigate the GDPR automatic compliance checking using a planning system including personal data and an agent with actions that process data. We propose a modular framework that is capable to generate possible plans (sequence of data processing) to satisfy a given goal state, check the compliance of the plan with GDPR regulatory constraints, and provide explanation of missing obligations in case of a non-compliant. We use Answer Set Programming(ASP) and event calculus formalism to model the planning problem and make use of SPECIAL policy language as an existing work to translate GDPR requirements into ASP.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://gitlab.lip6.fr/taheri/planning-compliance-mechanism-policies.git.

  2. 2.

    link to the documentations: https://specialprivacy.ercim.eu/platform/pilots-policies-and-the-formalization-of-the-gdpr.

References

  1. Agarwal, S., Steyskal, S., Antunovic, F., Kirrane, S.: Legislative compliance assessment: framework, model and GDPR instantiation. In: Medina, M., Mitrakas, A., Rannenberg, K., Schweighofer, E., Tsouroulas, N. (eds.) APF 2018. LNCS, vol. 11079, pp. 131–149. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-02547-2_8

    Chapter  Google Scholar 

  2. Bandara, A.K., Lupu, E.C., Russo, A.: Using event calculus to formalise policy specification and analysis. In: Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks, pp. 26–39. IEEE (2003)

    Google Scholar 

  3. Berreby, F., Bourgne, G., Ganascia, J.-G.: A declarative modular framework for representing and applying ethical principles. In: 16th Conference on Autonomous Agents and MultiAgent Systems 2017)

    Google Scholar 

  4. Bonatti, P.A., Kirrane, S., Petrova, I.M., Sauro, L.: Machine understandable policies and GDPR compliance checking. KI-Künstliche Intelligenz 34(3), 303–315 (2020)

    Article  Google Scholar 

  5. De Vos, M., Padget, J., Satoh, K.: Legal modelling and reasoning using institutions. In: Onada, T., Bekki, D., McCready, E. (eds.) JSAI-isAI 2010. LNCS (LNAI), vol. 6797, pp. 129–140. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25655-4_12

    Chapter  Google Scholar 

  6. De Vos, M., Kirrane, S., Padget, J., Satoh, K.: ODRL policy modelling and compliance checking. In: Fodor, P., Montali, M., Calvanese, D., Roman, D. (eds.) RuleML+RR 2019. LNCS, vol. 11784, pp. 36–51. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-31095-0_3

    Chapter  Google Scholar 

  7. Gebser, M., Kaminski, R., Kaufmann, B., Schaub, T.: Clingo= asp+ control: preliminary report. arXiv preprint arXiv:1405.3694 (2014)

  8. Kowalski, R., Sergot, M.: A logic-based calculus of events. In: Schmidt, J.W., Thanos, C. (eds.) Foundations of Knowledge base Management, Topics in Information Systems, pp. 23–55. Springer, Berlin (1989)

    Google Scholar 

  9. Le Métayer, D., Rauzy, P.: Capacity: an abstract model of control over personal data. In: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy, pp. 64–75 (2018)

    Google Scholar 

  10. Lifschitz, V.: Answer Set Programming. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-24658-7

    Book  MATH  Google Scholar 

  11. Palmirani, M., Governatori, G., Rotolo, A., Tabet, S., Boley, H., Paschke, A.: LegalRuleML: XML-based rules and norms. In: Olken, F., Palmirani, M., Sottara, D. (eds.) RuleML 2011. LNCS, vol. 7018, pp. 298–312. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24908-2_30

    Chapter  Google Scholar 

  12. Palmirani, M., Martoni, M., Rossi, A., Bartolini, C., Robaldo, L.: Legal ontology for modelling GDPR concepts and norms. In: Legal Knowledge and Information Systems, pp. 91–100. IOS Press (2018)

    Google Scholar 

  13. Pandit, H.J., et al.: Creating a vocabulary for data privacy. In: Panetto, H., Debruyne, C., Hepp, M., Lewis, D., Ardagna, C.A., Meersman, R. (eds.) OTM 2019. LNCS, vol. 11877, pp. 714–730. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-33246-4_44

    Chapter  Google Scholar 

  14. Robaldo, L., Bartolini, C., Palmirani, M., Rossi, A., Martoni, M., Lenzini, G.: Formalizing GDPR provisions in reified i/o logic: the DAPRECO knowledge base. J. Logic Lang. Inf. 29(4), 401–449 (2020)

    Article  MathSciNet  MATH  Google Scholar 

  15. Shanahan, M.: The event calculus explained. In: Wooldridge, M.J., Veloso, M. (eds.) Artificial Intelligence Today. LNCS (LNAI), vol. 1600, pp. 409–430. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48317-9_17

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Yousef Taheri .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2023 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Taheri, Y., Bourgne, G., Ganascia, JG. (2023). A Compliance Mechanism for Planning in Privacy Domain Using Policies. In: Yada, K., Takama, Y., Mineshima, K., Satoh, K. (eds) New Frontiers in Artificial Intelligence. JSAI-isAI 2021. Lecture Notes in Computer Science(), vol 13856. Springer, Cham. https://doi.org/10.1007/978-3-031-36190-6_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-36190-6_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-36189-0

  • Online ISBN: 978-3-031-36190-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics