Abstract. Since generally legal regulations do not provide clear parameters to determine when their requirements are met, achieving legal compliance is not trivial. The adoption of standards could help create an argument of compliance in favour of the implementing party, provided there is a clear correspondence between the provisions of a specific standard and the regulation's requirements. However, identifying such correspondences is a complex process which is complicated further by the fact that the established correlations may be overridden in time e.g., because newer court decisions change the interpretation of certain legal provisions. To help solve these problems, we present a framework that supports legal experts in recognizing correlations between provisions in a standard and requirements in a given law. The framework relies on state-of-the-art Natural Language Semantics techniques to process the linguistic terms of the two documents, and maintains a knowledge base of the logic representations of the terms, together with their defeasible correlations, both formal and substantive. An application of the framework is shown by comparing a provision of the European General Data Protection Regulation with the ISO/IEC 27018:2014 standard.
Safeguarding the rights of the citizens to the protection of their personal data in an era of nearly ubiquitous computing has become increasingly challenging. National data protection authorities (DPAs), central actors in the data protection landscape, face a difficult task when fulfilling their missions and acting as guardians of these rights under the provisions of the outdated Directive 95/46/EC. Critical decisions of the Court of Justice of the European Union illustrate the challenge of 'stretching' the provisions regarding the powers and competences of DPAs under the Directive to make them applicable to current data processing realities. The article points out the existing problems under the current framework with regard to powers and competence of DPAs and examines if and to what extent they are mended by the General Data Protection Regulation (GDPR). It analyses substantive and procedural aspects of the new cooperation model under the one-stop-shop and consistency mechanisms and discusses whether and how these new tools successfully contribute to solve existing problems.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.