Machine Understandable Policies and GDPR Compliance Checking

Ea ch process description is shaped like a formalized business policy consisting of the following set of features: - the file(s) to be processed; - the software that carries out the processing; - the purpose of the processing; - the entities that can access the results of the processing; - the details of where the results are stored and for how long; - the obligations that are fulfilled while (or before) carrying out the processing; - the legal basis of the processing. It is not hard to see that the first five elements in the above list match SPECIAL's usage policy language (UPL) introduced in Section 3. As far as the above elements are concerned, the only difference between UPL expressions and a business policy is the granularity of attribute values. Fo r example, the involved data (specified in the first element of the above list) are not expressed as a general, content-oriented category, but rather as a concrete set of data sourc es or data items. Such objects can be modeled as instances or subclasses of the general data categories illustrated in Section 3, thereby creating a link between digital artifacts and usage policies. Similar considerations hold for the other a t-tributes: - processing is not necessarily described in the abstract terms adopted by the processing vocabulary introduced in Section 3; in a business policy, this can be specified by naming concrete software procedures; - the purpose of data processing may be directly related to the data controller's mission and products; - recipients may consist of a concrete list of legal and/or physical persons, as opposed to general categories such as Ours or ThirdParty; - storage may be specified by a list of specific data repositories, at the level of files and hosts. With this level of granularity, specific authorizations can be derived from the business policy, for example: The indicated software procedure can read the indicated data sources. The results can be written in the specified repositories. The specified recipients can read the repositories...