A Compliance Mechanism for Planning in Privacy Domain Using Policies
Abstract
As more and more applications relying on the use and processing of personal data grow, privacy protection is becoming increasingly important. With the enforcement of the GDPR, such applications must guarantee compliance with the obligations set forth. Integrating a compliance checking mechanism with AI methods is helpful to fulfill this requirement. Toward this end, we investigate the GDPR automatic compliance checking using a planning system including personal data and an agent with actions that process data. We propose a modular framework that is capable to generate possible plans (sequence of data processing) to satisfy a given goal state, check the compliance of the plan with GDPR regulatory constraints, and provide explanation of missing obligations in case of a non-compliant. We use Answer Set Programming(ASP) and event calculus formalism to model the planning problem and make use of SPECIAL policy language as an existing work to translate GDPR requirements into ASP.
Origin | Files produced by the author(s) |
---|