Welcome to the second of my commentaries on GDPR, which looks at the challenges and opportunities of “engineering” a robust and sustainable solution to its broad operational sphere of influence.
Paragraph 2 of the GDPR regulation provides the top-level summary, albeit somewhat abstractly:-
“The principles of, and rules on the protection of natural persons with regard to the processing of their personal data should, whatever their nationality or residence, respect their fundamental rights and freedoms, in particular their right to the protection of personal data.”
As such (and elaborated laboriously in its subsequent paragraphs) GDPR is very much a sustained safety-case regulation based wholly on a set of abstract principles. NB: the deadline for implementation is only the beginning of compliance, not the end.
In a previous life I looked at the BCBS 239 regulation, which is another example of a sustained data management regulation with no tangible, comparable artefacts that enable regulators to measure compliance systematically. In that case I proposed an abstract system topology graph notation that would enable banks to provide comparable models of their risk architectures without getting into a swamp of Brand X vs Brand Y technology.
So how might we build a comparable model of “Safety” to capture the principles of GDPR and then measure an organisation’s adherence to them?
The good news is that such an approach already exists and has been proven in complex, safety-critical physical environments, including nuclear energy and aviation.
It is known as “Claims, Arguments, Evidence” (CAE) and addresses issues such as:-
- Completeness – it is hard to judge:
- … when evidence is distributed and diverse
- … when arguments are implicit
- Rationale behind prescriptive requirements is missing
- Knowledge imbalance – developers know more about their products than the regulators
The notions of “Evidence” and “Argument” are symbiotic:
The Supporting Evidence comprises:-
- Results of observing, analysing, testing, simulating and estimating the properties of a system, which provide the fundamental information from which safety can be inferred
The High Level Argument provides:-
- An explanation of how the available evidence can reasonably be interpreted as indicating acceptable safety, by demonstrating:
- … compliance with requirements
- … sufficient mitigation / avoidance of hazards, etc.
Hence:-
- An Argument without Evidence is unfounded
- Evidence without an Argument is unexplained
But what about Claims? These are basically a means of collecting together a series of arguments. In GDPR’s case they are all the sub-paragraphs beyond paragraph 2 that elaborate on that top-level principle.
So how do we implement the Claims/Arguments/Evidence approach? Essentially there are two approaches:-
Currently the most popular is a “Pull” approach that takes the CAE graph and traverses it to test both its structural integrity and the state of the evidence.
In future this approach will be inverted into a real-time “Push” event-based model using modern messaging protocols and distributed, reactive, flexible data model management technologies, given the complexity and variability of the content.
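As an added illustration (not part of the original article), the following Python sketch models a small CAE graph and performs the “Pull” traversal described above: one pass checks structural integrity (claims that rest on nothing, arguments without evidence, evidence no argument explains, wrong or dangling links) and the state of the evidence. The node identifiers, texts and the notion of “current” versus stale evidence are constructed assumptions, not a real GDPR assurance case.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Allowed support edges in a CAE graph: a claim rests on sub-claims or arguments,
# an argument rests on evidence, and evidence is a leaf.
ALLOWED = {"claim": {"claim", "argument"}, "argument": {"evidence"}, "evidence": set()}

@dataclass
class Node:
    id: str
    kind: str                          # "claim" | "argument" | "evidence"
    text: str
    supported_by: List[str] = field(default_factory=list)
    current: bool = True               # evidence only: refreshed within its review period?

def pull_audit(nodes: List[Node]) -> List[Tuple[str, str]]:
    """One 'Pull' traversal: returns (problem, location) findings on structure and evidence state."""
    by_id: Dict[str, Node] = {n.id: n for n in nodes}
    referenced = set()                 # ids reached by a structurally valid edge
    findings = []
    for n in nodes:
        for child_id in n.supported_by:
            child = by_id.get(child_id)
            if child is None:
                findings.append(("dangling_link", f"{n.id}->{child_id}"))
            elif child.kind not in ALLOWED[n.kind]:
                findings.append(("bad_edge", f"{n.id}->{child_id}"))
            else:
                referenced.add(child_id)
        if n.kind == "claim" and not n.supported_by:
            findings.append(("unsupported_claim", n.id))
        if n.kind == "argument" and not any(
                c in by_id and by_id[c].kind == "evidence" for c in n.supported_by):
            findings.append(("unfounded_argument", n.id))    # argument without evidence
        if n.kind == "evidence" and not n.current:
            findings.append(("stale_evidence", n.id))
    for n in nodes:
        if n.kind == "evidence" and n.id not in referenced:
            findings.append(("unexplained_evidence", n.id))  # evidence without argument
    return sorted(findings)

# Constructed sample, loosely shaped on GDPR's top-level principle; not a real case.
SAMPLE = [
    Node("C0", "claim", "Processing respects data subjects' rights", ["C1", "C2"]),
    Node("C1", "claim", "Only data needed for the stated purpose is processed", ["A1"]),
    Node("C2", "claim", "Personal data is protected in storage", ["A2", "E9"]),
    Node("A1", "argument", "Each dataset has a documented purpose and retention", ["E1"]),
    Node("A2", "argument", "Stored personal data is encrypted at rest"),
    Node("E1", "evidence", "Data inventory export, quarterly review overdue", current=False),
    Node("E9", "evidence", "Encryption configuration snapshot"),
    Node("E3", "evidence", "Penetration test report"),
]
```

Running `pull_audit(SAMPLE)` flags the claim C2 wired straight to evidence, the argument A2 with no evidence, the stale inventory export E1, and the two evidence items (E3, E9) that no argument explains.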
The “exercise for the reader” in this chapter is to make the connection between using CAE notation for sustained GDPR and other regulatory challenges, and its potential broader use as a way of making enterprise-scale business architectures (in any industry context) real operational artefacts, with line of sight all the way to the technical components they are founded on rather than “sketches in PowerPoint”.
Next time, in part 3, we will look at the Controller and Processor in the world of GDPR and how the mechanisms that implement these key roles are key contributors to sustained evidence-based compliance.
Rupert Brown is CTO of The Cyber Consultants. He has an unrivalled track record over 30 years in Banking IT, comprising senior strategic and operational roles in frontline application architecture, development and delivery as well as ground-breaking enterprise technology infrastructures. This has also been complemented by similar client-facing leadership roles for information vendors and Silicon Valley “Unicorns”. He was formerly a Chief Architect at UBS and before that served in senior roles at Bank of America Merrill Lynch, Reuters, Paribas and Morgan Stanley.
This article was first published on LinkedIn Pulse on 31st January 2017.
The opinions expressed by guest bloggers are their views and do not necessarily reflect the opinions of Corix Partners.