JustAct+: Justified and Accountable Actions in Policy-Regulated, Multi-Domain Data Processing
Journal: arXiv
Published Date: Jan 31, 2025
Abstract
Inter-organisational data exchange is regulated by norms originating from
sources ranging from (inter)national laws, to processing agreements, and
individual consent. Verifying norm compliance is complex because laws (e.g.,
GDPR) distribute responsibility and require accountability. Moreover, in some
application domains (e.g., healthcare), privacy requirements extend the norms
(e.g., patient consent). In contrast, existing solutions such as smart
contracts, access- and usage-control assume policies to be public, or
otherwise, statically partition policy information at the cost of
accountability and flexibility. Instead, our framework prescribes how
decentralised agents justify their actions with policy fragments that the
agents autonomously create, gossip, and assemble. Crucially, the permission of
actions is always reproducible by any observer, even with a partial view of all
the dynamic policies. Actors can be sure that future auditors will confirm
their permissions. Systems centralise control by (re)configuring externally
synchronised agreements, the bases of all justifications. As a result, control
is centralised only to the extent desired by the agents.
In this paper, we define the JustAct framework, detail its implementation in
a particular data-processing system, and design a suitable policy language
based on logic programming. A case study reproduces Brane - an existing
policy-regulated, inter-domain, medical data processing system - and serves to
demonstrate and assess the qualities of the framework.
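The property the abstract stresses is that a justification is self-contained: an observer who holds the synchronised agreement and the fragments the actor cites can reproduce the permission decision, and an observer missing a cited fragment cannot verify it rather than guessing. The toy model below is an added illustration of that idea and is not the paper's code or its logic-programming policy language; it uses ground Horn rules, and the fragment identifiers, agreement name, agents and consent/purpose facts are all constructed for the example.

```python
"""Toy model of justified actions: agreements, gossiped fragments, observer checks.
Constructed illustration; not the JustAct implementation or policy language."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, Set, Tuple

Fact = Tuple[str, ...]                 # e.g. ("consent", "patient-1", "hospital-b")
Rule = Tuple[Fact, Tuple[Fact, ...]]   # (head, body): head holds if every body fact holds


@dataclass(frozen=True)
class Fragment:
    """A policy fragment authored by one agent (ground facts and rules only)."""
    ident: str
    author: str
    facts: FrozenSet[Fact] = frozenset()
    rules: Tuple[Rule, ...] = ()


@dataclass(frozen=True)
class Justification:
    """Published with an action: the agreement relied on, the cited fragments, the action."""
    agreement: str
    cited: FrozenSet[str]
    action: Fact


def derive(fragments: Iterable[Fragment]) -> Set[Fact]:
    """Forward-chain ground Horn rules to a fixpoint (monotone, no negation)."""
    frags = list(fragments)
    facts: Set[Fact] = set().union(*(f.facts for f in frags))
    changed = True
    while changed:
        changed = False
        for f in frags:
            for head, body in f.rules:
                if head not in facts and all(b in facts for b in body):
                    facts.add(head)
                    changed = True
    return facts


def check(just: Justification, agreements: Dict[str, Tuple[Fragment, ...]],
          store: Dict[str, Fragment]) -> str:
    """Reproduce the permission decision from one observer's point of view.
    `agreements` is externally synchronised (every observer has it); `store` holds
    only the fragments this observer has received so far."""
    if just.agreement not in agreements:
        return "unverifiable"
    if any(fid not in store for fid in just.cited):
        return "unverifiable"   # fail closed: never guess what an unseen fragment says
    facts = derive(list(agreements[just.agreement]) + [store[fid] for fid in just.cited])
    return "permitted" if ("permit",) + just.action in facts else "denied"


# Constructed sample policies (hypothetical agents and identifiers).
ACTION: Fact = ("read", "hospital-b", "patient-1-data")
AGREEMENT = Fragment(
    "agr-2025-01", "consortium",
    rules=((("permit",) + ACTION,
            (("consent", "patient-1", "hospital-b"), ("purpose", "hospital-b", "research"))),),
)
CONSENT = Fragment("frag-consent-1", "patient-1",
                   facts=frozenset({("consent", "patient-1", "hospital-b")}))
PURPOSE = Fragment("frag-purpose-b", "hospital-b",
                   facts=frozenset({("purpose", "hospital-b", "research")}))
UNRELATED = Fragment("frag-billing-a", "hospital-a",
                     facts=frozenset({("purpose", "hospital-a", "billing")}))

AGREEMENTS = {"agr-2025-01": (AGREEMENT,)}
JUST = Justification("agr-2025-01", frozenset({"frag-consent-1", "frag-purpose-b"}), ACTION)


def observer_views() -> Dict[str, str]:
    """Three observers with different partial views of the gossiped fragments."""
    full = {f.ident: f for f in (CONSENT, PURPOSE, UNRELATED)}
    partial = {f.ident: f for f in (CONSENT, PURPOSE)}   # never saw hospital-a's fragment
    sparse = {f.ident: f for f in (PURPOSE,)}            # consent fragment not yet received
    return {name: check(JUST, AGREEMENTS, view)
            for name, view in (("full", full), ("partial", partial), ("sparse", sparse))}


if __name__ == "__main__":
    for name, verdict in observer_views().items():
        print(f"{name:8s} -> {verdict}")
```

Two points the run makes concrete: the "full" and "partial" observers reach the same verdict because only the agreement and the cited fragments enter the derivation, so fragments an observer never received cannot change the outcome; and a justification that omits the consent fragment is denied even when the observer happens to hold that fragment, because the actor, not the observer, is responsible for assembling the evidence.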