18 research outputs found
Spent convictions and the architecture for establishing legal semantic workflows
This research was partially funded by the Data to Decisions Cooperative Research Centre (D2D CRC, Australia), and Meta-Rule of Law (DER2016- 78108-P, Spain)Operating within the Data to Decision Cooperative Research Centre (D2D CRC), the authors are currently involved in the Integrated Law Enforcement program and the Compliance through Design project. These have the goal of developing a federated data platform for law enforcement agencies that will enable the execution of integrated analytics on data accessed from different external and internal sources, thereby providing effective support to an investigator or analyst working to evaluate evidence and manage lines of inquiries in an investigation. Technical solutions should also operate ethically, in compliance with the law and subject to good governance principles. This paper is focused on the Australian spent convictions scheme, which provide use cases to test the platform
Compliance checking in reified IO logic via SHACL
Reified Input/Output (I/O) logic[21] has been recently proposed to model real-world norms in terms of the logic in [11]. This is massively grounded on the notion of reification, and it has specifically designed to model meaning of natural language sentences, such as the ones occurring in existing legislation. This paper presents a methodology to carry out compliance checking on reified I/O logic formulae. These are translated in SHACL (Shapes Constraint Language) shapes, a recent W3C recommendation to validate and reason with RDF triplestores. Compliance checking is then enforced by validating RDF graphs describing states of affairs with respect to these SHACL shapes
Machine Understandable Policies and GDPR Compliance Checking
The European General Data Protection Regulation (GDPR) calls for technical
and organizational measures to support its implementation. Towards this end,
the SPECIAL H2020 project aims to provide a set of tools that can be used by
data controllers and processors to automatically check if personal data
processing and sharing complies with the obligations set forth in the GDPR. The
primary contributions of the project include: (i) a policy language that can be
used to express consent, business policies, and regulatory obligations; and
(ii) two different approaches to automated compliance checking that can be used
to demonstrate that data processing performed by data controllers / processors
complies with consent provided by data subjects, and business processes comply
with regulatory obligations set forth in the GDPR
OPPO: An Ontology for Describing Fine-Grained Data Practices in Privacy Policies of Online Social Networks
Privacy policies outline the data practices of Online Social Networks (OSN)
to comply with privacy regulations such as the EU-GDPR and CCPA. Several
ontologies for modeling privacy regulations, policies, and compliance have
emerged in recent years. However, they are limited in various ways: (1) they
specifically model what is required of privacy policies according to one
specific privacy regulation such as GDPR; (2) they provide taxonomies of
concepts but are not sufficiently axiomatized to afford automated reasoning
with them; and (3) they do not model data practices of privacy policies in
sufficient detail to allow assessing the transparency of policies. This paper
presents an OWL Ontology for Privacy Policies of OSNs, OPPO, that aims to fill
these gaps by formalizing detailed data practices from OSNS' privacy policies.
OPPO is grounded in BFO, IAO, OMRSE, and OBI, and its design is guided by the
use case of representing and reasoning over the content of OSNs' privacy
policies and evaluating policies' transparency in greater detail.Comment: 14 Pages, 6 figures, Ontology Showcase and Demonstrations Track, 9th
Joint Ontology Workshops (JOWO 2023), co-located with FOIS 2023, 19-20 July,
2023, Sherbrooke, Quebec, Canad
ODRL Policy Modelling and Compliance Checking
This paper addresses the problem of constructing a policy pipeline that enables compliance checking of business processes against regulatory obligations. Towards this end, we propose an Open Digital Rights Language (ODRL) profile that can be used to capture the semantics of both business policies in the form of sets of required permissions and regulatory requirements in the form of deontic concepts, and present their translation into Answer Set Programming (via the Institutional Action Language (InstAL)) for compliance checking purposes. The result of the compliance checking is either a positive compliance result or an explanation pertaining to the aspects of the policy that are causing the noncompliance. The pipeline is illustrated using two (key) fragments of the General Data Protect Regulation, namely Articles 6 (Lawfulness of processing) and Articles 46 (Transfers subject to appropriate safeguards) and industrially-relevant use cases that involve the specification of sets of permissions that are needed to execute business processes. The core contributions of this paper are the ODRL profile, which is capable of modelling regulatory obligations and business policies, the exercise of modelling elements of GDPR in this semantic formalism, and the operationalisation of the model to demonstrate its capability to support personal data processing compliance checking, and a basis for explaining why the request is deemed compliant or not
That's Mine! Learning Ownership Relations and Norms for Robots
The ability for autonomous agents to learn and conform to human norms is
crucial for their safety and effectiveness in social environments. While recent
work has led to frameworks for the representation and inference of simple
social rules, research into norm learning remains at an exploratory stage.
Here, we present a robotic system capable of representing, learning, and
inferring ownership relations and norms. Ownership is represented as a graph of
probabilistic relations between objects and their owners, along with a database
of predicate-based norms that constrain the actions permissible on owned
objects. To learn these norms and relations, our system integrates (i) a novel
incremental norm learning algorithm capable of both one-shot learning and
induction from specific examples, (ii) Bayesian inference of ownership
relations in response to apparent rule violations, and (iii) percept-based
prediction of an object's likely owners. Through a series of simulated and
real-world experiments, we demonstrate the competence and flexibility of the
system in performing object manipulation tasks that require a variety of norms
to be followed, laying the groundwork for future research into the acquisition
and application of social norms.Comment: 9 pg., 2 fig., accepted for AAAI-2019. Video demo:
https://bit.ly/2z8obET GitHub: https://github.com/OwnageBot/ownage_bo
Modelling and accessing regulatory knowledge for computer-assisted compliance audit
The ingredients for an effective automated audit of a building design include a building model containing the design information, a computerised regulatory knowledge model, and a practical method of processing these computable representations. There have been numerous approaches to computer-aided compliance audit in the AEC/FM domain over the last four decades, but none has yet evolved into a practical solution. One reason is that they have all been isolated attempts that lack any form of industry-wide standardisation. The current research project, therefore, focuses on investigating the use of the industry standard building information model and the adoption of open standard legal knowledge interchange and executable workflow models for automating conventional compliant design processes. This paper provides a non-exhaustive overview of common approaches to model and access regulatory knowledge for a compliance audit. The strengths and weaknesses of two comparative open standard knowledge representation approaches are discussed using an example regulatory document
Efficient compliance checking of RDF data
Automated compliance checking, i.e. the task of automatically assessing whether states of affairs comply with normative systems, has recently received a lot of attention from the scientific community, also as a consequence of the increasing investments in Artificial Intelligence technologies for the legal domain (LegalTech). The authors of this paper deem as crucial the research and implementation of compliance checkers that can directly process data in RDF format, as nowadays more and more (big) data in this format are becoming available worldwide, across a multitude of different domains. Among the automated technologies that have been used in recent literature, to the best of our knowledge, only two of them have been evaluated with input states of affairs encoded in RDF format. This paper formalizes a selected use case in these two technologies and compares the implementations, also in terms of simulations with respect to shared synthetic datasets
Semantic Business Process Regulatory Compliance Checking Using LegalRuleML
International audienceLegal documents are the source of norms, guidelines, and rules that often feed into different applications. In this perspective, to foster the need of development and deployment of different applications, it is important to have a sufficiently expressive conceptual framework such that various heterogeneous aspects of norms can be modeled and reasoned with. In this paper, we investigate how to exploit Semantic Web technologies and languages, such as LegalRuleML, to model a legal document. We show how the semantic annotations can be used to empower a business process (regulatory) compliance system and discuss the challenges of adapting a semantic approach to legal domain