=Paper=
{{Paper
|id=Vol-3637/paper17
|storemode=property
|title=Legal Design through Business Process Model and Notation (BPMN): a Digital Services
Act case-study
|pdfUrl=https://ceur-ws.org/Vol-3637/paper17.pdf
|volume=Vol-3637
|authors=Davide Audrito,Andrea Filippo Ferraris
|dblpUrl=https://dblp.org/rec/conf/jowo/AudritoF23
}}
==Legal Design through Business Process Model and Notation (BPMN): a Digital Services
Act case-study==
https://ceur-ws.org/Vol-3637/paper17.pdf
Legal Design through Business Process Model and
Notation (BPMN): a Digital Services Act Case-Study
Davide Audrito* 1 , Andrea Filippo Ferraris* 2
1
Legal Studies Department, University of Bologna, Via Zamboni 27, Bologna, 40126, Italy
2
Law Department, University of Turin, Lungo Dora Siena 100/A, Torino, 10154, Italy
Abstract
Legal Design represents a well-rooted research area at the crossroads of law, design and computer-science,
which plays a significant role in the clarification and accessibility of legal sources. This research work
shows that legal design fosters the ability of economic operators, including private citizens, public
administrations and companies, to conform to manifold legislative requirements arising from multi-
level legal orders. To achieve this objective, we rely on the Business Process Model and Notation
(BPMN) standard to represent a core provision of the so-called Digital Services Act (DSA). Building on
a preliminary first-stage research work, we model a second normative requirement of the DSA with a
view to showcase the potential role of BPMN in legal education.
Keywords
Legal Design, Legal Compliance, Business Process Model and Notation, Digital Services Act
1. Introduction
The principle of normativity posits that legal norms emerge from a legitimate process orches-
trated by authorized entities. Such laws are targeted towards one or several agents, often denoted
as personas, who can assimilate the normative content and freely elect to conform to or defy the
prescribed regulations [12], a notion underpinned by the principle of self-determination [17].
Nevertheless, complications surface when individual actors, whether natural or legal entities,
lack genuine comprehension of the obligations imposed by law. This can largely be attributed
to the intricacies of legal jargon, colloquially termed "legalese", recognized for its complexity,
verbosity, and extreme specificity [4].
Conversely, visual representation possesses the potential to enrich comprehension and
understanding of intricate legal notions [15]. By harnessing the capacity of legal design methods,
instruments, doctrines, and visual illustrations, we stand to enhance the conveyance of legal
information and foster superior interactions between citizens and legal frameworks.
*
All authors have contributed equally. 2nd International Workshop on Knowledge Management and Process Mining
for Law (KM4LAW), 9th Joint Ontology Workshops (JOWO 2023), co-located with FOIS 2023, 19-20 July, 2023,
Sherbrooke, Québec, Canada
$ davide.audrito2@unibo.it (D. Audrito* ); andreafilippo.ferraris@unito.it (A. F. Ferraris* )
https://www.unibo.it/sitoweb/davide.audrito2 (D. Audrito* )
� 0000-0002-9239-5358 (D. Audrito* ); 0009-0004-7487-5560 (A. F. Ferraris* )
© 2023 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
CEUR
Workshop
Proceedings
http://ceur-ws.org
ISSN 1613-0073 CEUR Workshop Proceedings (CEUR-WS.org)
CEUR
ceur-ws.org
Workshop ISSN 1613-0073
Proceedings
� For the efficacy of the legal design methodology, it is imperative to maintain uniformity across
legal knowledge, graphical depictions, textual representation, and design attributes. As such,
it becomes crucial to confirm that legal design models adhere to the principles of normativity
[16] and explicability [9], thereby ensuring the effective dissemination and comprehension of
legal norms.
Building on the principle of normativity, our research aims to model the provisions outlined
in Regulation (EU) 2022/2065, also known as the Digital Services Act (DSA). This regulation
was adopted in October 2022 and will come into effect in early 2024 (see Section 3). Our
objective is to reframe the normative contents of the DSA using the Business Process Model and
Notation (BPMN) standard. This will help providers of intermediary services (PISs), or personas,
understand and comply with the new obligations. Our research work demonstrates that legal
design methods such as BPMN are valuable in facilitating the transmission of legal information
without the risk of misleading non-experts by neglecting the principle of normativity.
2. Relevant Work
Legal informatics is engaged with Artificial Intelligence techniques [23], network analysis
[20, 22], ontologies [2], and other research areas. The legal design methodology has been
rising over the last decades, both on the side of theoretical studies [19, 7] and in the framework
of applied works and projects [6, 8], so that nowadays it can be considered an autonomous
discipline.
2.1. Legal Design
Today’s complex and constantly evolving regulatory landscape presents significant challenges
for businesses, with a wide array of intricate legal obligations often leading to confusion, non-
compliance, and possible legal repercussions. However, the use of legal design principles and
visualization techniques offers a promising solution by enhancing businesses’ grasp of their
legal duties and guiding them more efficiently [24, 10].
Margaret Hagan defines legal design as a user-oriented approach to the legal field, aiming
to create more accessible, efficient, and satisfying legal systems and services [11]. This is
achieved through a combination of legal design methods, tools, and visual aids that improve
the transmission of legal information and facilitate smoother interactions between people and
the legal systems they engage with.
A striking example of legal design’s potential to effect change and promote social justice
can be seen in the work of Candy Chang with The Street Vendor Project and the Center for
Urban Pedagogy. Their pioneering guide, "Vendor Power" [25], shows how legal design can
simplify complex legal rules into easy-to-understand visual diagrams for street vendors. The
guide, available in several languages, helps vendors better understand their rights and comply
with relevant laws more easily.
Furthermore, the inclusion of personal stories in the guide highlights the crucial role of
community engagement in legal design initiatives [3]. This holistic approach not only increases
the accessibility of legal information but also fosters a sense of inclusivity and empowers people
to actively participate in shaping the legal frameworks that directly affect their lives.
� In Finland, legal design has been strategically employed by the Finland Arbitration Institute
(FAI), in collaboration with Dottir Attorneys and design agency Hellon. They have created an
interactive FAI Arbitration Process flowchart, transforming complex arbitration procedures
into understandable, usable information, thereby promoting transparency and boosting user
engagement. The joint project demonstrates how legal design can enable clearer communication
in the legal sphere, promote innovative problem-solving, and emphasize a more user-centered
approach.
Legal design, through its user-friendly visual aids and effective storytelling, serves as a critical
tool in bridging the gap between the complexities of legal requirements and people’s ability to
proficiently navigate them [24, 10]. This contributes to a more equal and inclusive society.
By converting complex legal rules into simple, accessible visual diagrams, legal design gives
businesses a clear, comprehensive view of their regulatory environment. This clarity promotes a
deeper understanding of industry-specific legal requirements, reducing confusion and lowering
the risk of non-compliance [21]. Presenting information in multiple languages ensures that
legal design remains inclusive and accessible to businesses operating in diverse contexts and
global markets[18].
2.2. Business Process Model and Notation (BPMN) for Law
The use of the BPMN standard has proven to be highly effective in modeling legal knowledge,
tasks, and processes[5]. By visually representing business workflows, BPMN helps businesses
gain a better understanding of their operations and identify areas for improvement[14]. Legal
professionals have embraced BPMN to illustrate various legal processes, including contract
review and approval workflows.
However, relying solely on BPMN may not fully address the challenge of making legal
compliance more accessible for businesses. To overcome this limitation, the integration of
legal design principles is key. Legal design complements BPMN by providing visually intuitive
representations of legal rules and requirements in a user-friendly format.
Through the application of legal design, legal professionals can create clear and easily under-
standable visualizations of legal processes and obligations. This enables businesses to grasp
their regulatory responsibilities more effectively and take the necessary steps to comply. By
incorporating design principles that prioritize clarity and accessibility, legal design enhances
the usability of legal information for businesses.
The combination of BPMN and legal design offers a comprehensive approach to legal com-
pliance. By leveraging the insights provided by BPMN and the user-centric approach of legal
design, businesses can gain a holistic understanding of their legal requirements. This empowers
them to identify potential gaps in their processes and proactively ensure compliance.
Ultimately, the integration of BPMN and legal design enables businesses to navigate the
regulatory landscape with greater ease. By enhancing clarity and accessibility, businesses can
minimize the risk of non-compliance and confidently adhere to legal obligations.
�3. Methodology
The Digital Services Act (DSA) establishes a single market for digital services by enshrining
clear responsibilities and accountability for providers of intermediary services (PISs), including
social media, e-commerce platforms, very large online platforms (VLOPs) and very large online
search engines (VLOSEs).
In order to improve the understandability of the obligations enshrined in the DSA and
addressed to PISs, we have built on the legal design methodological framework outlined in a
preliminary research article[1]:
1. Legal analysis of the textual source based on the theory of law and, where applicable, the
philosophy of law and related disciplines.
2. Application of the Business Process Model and Notation (BPMN) standard for the formal-
ization of legal knowledge. This method improves the visualization and explainability
of legal processes, while ensuring the machine-readability of the output file, i.e. in
XML format. The BPMN standard was implemented through the freely available editor
BPMN.iO1 .
3. Interpretation of the results, possibly assessed empirically and with different methods,
including indexes and questionnaires.
4. Results
In this section, we show the results of this second-stage research work. Besides the modelling
of the normative contents enshrined in Article 14, we showcase the BPMN representation of a
second normative requirement, namely Article 10 DSA.
4.1. Legal Analysis of the Text Sources
The Digital Services Act (DSA), adopted on November 16, 2022, represents a significant milestone
in Information Society Services liability. It is a progressive update to the regulatory framework
established by the European Union directive 31/2000, also known as the e-commerce directive.
This self-executing regulation has direct and binding authority over EU individuals, companies,
and member states in relation to their respective domains.
Article 14 of the DSA focuses on the requirements imposed on providers of intermediary
services (PISs) when formulating the terms and conditions of their services. While the DSA
contains various provisions, Article 14 stands out as it specifically addresses the criteria that
apply to PISs in their contractual arrangements. Therefore, this article is a relevant benchmark
for the application of legal design using the Business Process Model and Notation (BPMN)
methodology, considering its wording and implications.
Indeed, Article 14 DSA entirely relies on the use of “shall”, which is the deontic operator for
obligations. To show the complexity of the provision, the paragraphs thereof that are suitable
for the BPMN representation are quoted below:
1
https://demo.bpmn.io
� Terms and Conditions
1. Providers of intermediary services shall include information on any restrictions
that they impose in relation to the use of their service in respect of information
provided by the recipients of the service, in their terms and conditions. That
information shall include information on any policies, procedures, measures and
tools used for the purpose of content moderation, including algorithmic decision-
making and human review, as well as the rules of procedure of their internal
complaint handling system. It shall be set out in clear, plain, intelligible, user-
friendly and unambiguous language, and shall be publicly available in an easily
accessible and machine-readable format. [...]
3. Where an intermediary service is primarily directed at minors or is predomi-
nantly used by them, the provider of that intermediary service shall explain the
conditions for, and any restrictions on, the use of the service in a way that minors
can understand. [...]
5. Providers of very large online platforms and of very large online search engines
shall provide recipients of services with a concise, easily-accessible and machine-
readable summary of the terms and conditions, including the available remedies
and redress mechanisms, in clear and unambiguous language.
6. Very large online platforms and very large online search engines within the mean-
ing of Article 33 shall publish their terms and conditions in the official languages
of all the Member States in which they offer their services.
The text contains lengthy sentences with consecutive direct objects, such as policies, proce-
dures, measures, and tools. We focus on requirements that can be met with a "standard solution"
for autonomous compliance. For instance, Article 14(1) of the DSA states that providers of
intermediary services must include recipient-imposed restrictions in their terms and conditions.
By incorporating the necessary information, PISs fulfill this requirement. In contrast, Article
14(4) of the DSA mandates diligent, objective, and proportionate behavior for PISs, which falls
outside our scope.
While Article 14 DSA addresses the requirements imposed on PISs when formulating the
terms and conditions of their services, Article 10 enshrines the obligations to provide information
upon receipt of orders issued by the competent public authorities. The following paragraphs of
Article 10 are suitable for the BPMN representation and were included in our analyisis:
Orders to provide information
1. Upon receipt of an order to provide specific information about one or more
specific individual recipients of the service, issued by the relevant national judicial
or administrative authorities on the basis of the applicable Union law or national
law in compliance with Union law, providers of intermediary services shall, without
undue delay inform the authority issuing the order, or any other authority specified
in the order, of its receipt and of the effect given to the order, specifying if and
when effect was given to the order.
� 5. At the latest when effect is given to the order, or, where applicable, at the
time provided by the issuing authority in its order, providers of intermediary
services shall inform the recipient of the service concerned of the order received
and the effect given to it. Such information provided to the recipient of the service
shall include a statement of reasons and the possibilities for redress that exist, in
accordance with paragraph 2.
Similar to Article 14, the provisions in Article 10 are characterized by the use of lengthy
sentences and convoluted wording. Once more, the text of Article 10 is grounded upon the
deontic operator "shall," which points out the occurrence of legal obligations.
4.2. Application of the BPMN Standard
The use of the BPMN standard simplifies the legal text and lays the foundations for a ques-
tionnaire to be replied by PISs for testing-related purposes. Figure 1 portrays the BPMN
representation of Article 14 DSA.
Figure 1: The BPMN representation of Article 14 DSA
The whole flowchart is contained in a “pool”, which represents participants in a process, i.e.
providers of intermediary services. In the pool, there are two horizontal “lanes” above and
below respectively, which serve to organize and categorize activities. We use lanes as sub-pools
for activities of two categories of PISs that are affected by ad hoc obligations enshrined in Article
14(3) and (6) DSA. These categories are PISs primarily directed at or predominantly used by
minors and PISs with very large platforms and very large search engines.
� The process begins with a “start event”, i.e. circle on the left, under the label of “Begin
compliance process” and ends with an “end event”, i.e. circle on the right side, under the label
“End compliance test”. Starting from the start event, solid lines with solid arrowheads are used
to show the “sequence flow” of activities performed in the process. In turn, “activities” are
indicated by rounded-corner rectangles and labelled by following the formula “verb + direct
object”. The forth activity from the left, i.e. publish information, is connected to an "exclusive
gateway" represented by a diamond with a cross in the middle. Indeed, depending on the nature
of the PISs category addressed by the obligations, activities follow one of three alternative flows
towards either “shall explain” or “publish specific information” or “end event” respectively.
For our purposes, each activity, i.e. rounded-corner rectangle, is connected to an “annotation”,
which is one of the “artifacts” of the BPMN standard and provides additional text information
for the reader of the BPMN diagram.
Figure 2 shows annotations of the activities “include information” and “include in information”.
The former activity is complemented through the description “in terms and conditions on any
restrictions that they impose in relation to the use of their service in respect of information
provided by the recipients of the service”.
Annotations enrich activities with essential details needed to comply with the requirements
and they enable the deconstruction and modelling of legal concepts. This function also allows
to showcase questions for compliance-check purposes. For instance, the activity “set out
information” could be integrated by the annotation “Did you set out in your terms and conditions
information in clear, plain, intelligible, user-friendly and unambiguous language?”.
Figure 2: Examples of BPMN annotations contributing to model legal concepts
While the categories of BPMN standard elements utilized to depict the normative requirements
of Article 14 are the same as those used for modeling Article 10, Figure 3 demonstrates that the
latter provision possesses certain distinctive characteristics that warrant further discussion.
Article 10 DSA possesses a notable feature in that it initiates with an event, specifically
the "receipt of an order to provide specific information about one or more specific individual
recipients of the service". This means, that once the relevant public authorities require providers
of intermediary services to provide specific information on individuals, who are recipients of the
service, the obligations enshrined in Article 10 become effective and concrete [13]. In contrast,
Article 14 introduces the modeling with a non-textual and ad hoc event, namely the purpose of
the representation, which is "Begin compliance test". Secondly, as the normative requirements
apply to the general category of PISs, only one swimlane is necessary to indicate the scope of
�Figure 3: The BPMN representation of Article 10 DSA
application ratione persone covered by the article. The structural disparities between the two
examined normative provisions are resolved by the flexibility of the BPMN standard, which
allows for a broader understanding of complex normative requirements, including by legal
practitioners, among citizens, companies and other organizations.
In conclusion, the comprehensive suite of BPMN 2.0 symbols demonstrates its effectiveness
as a method to model legal procedures and concepts. Figure 4 illustrates a flowchart detailing
the requirements outlined in Article 20(1). Upon initiating the event, PISs are obligated to make
one or more decisions based on the information provided by the recipients, particularly if it
constitutes illegal content or breaches the terms and conditions of the service. For modeling
purposes, an inclusive gateway is used to represent that PISs shall pick up one or multiple
options among the four decisions provided by Article 20(1) of the Digital Services Act (DSA).
�Figure 4: The BPMN representation of Article 20(1) DSA
5. Conclusions and Future Work
This research work represents the initial stage of applying the Business Process Model and
Notation (BPMN) standard as a legal design tool for the purpose of enhancing legal compliance.
Moving forward, our aim is to develop a robust methodology to validate and evaluate the
findings presented in this study and the final modeling of the whole text of the Digital Services
Act. This can be achieved through the creation of formal ontologies in conjunction with BPMN,
as they provide a structured and uniform representation of legal knowledge and requirements.
By incorporating formal ontologies into the BPMN framework, we can establish a compre-
hensive and semantically rich representation of legal concepts and obligations. This integration
enables a more precise and detailed understanding of the legal domain, ensuring accuracy and
�consistency in the modeling of legal compliance requirements.
In order to effectively test the proposed approach, we plan to rely on manifold evaluation
methods, including the use of indexes and questionnaires. These tools will help us assess the
usability and effectiveness of the textual reformulation and graphic representations that are
key components of legal design. Drawing from established best practices in the legal design
literature, such as the use of bullet points, icons, pictures, and symbols, we aim to create
visualizations that are intuitive, user-friendly, and conducive to promoting compliance with
legal obligations.
By emphasizing the role of formal ontologies in conjunction with BPMN, our research effort
contributes to the advancement of legal design as a discipline. Through the integration of
these formal frameworks, we can enhance the clarity, accuracy, and comprehensibility of legal
compliance requirements, facilitating businesses’ understanding and adherence to regulatory
obligations.
References
[1] The details of this article accepted for publication were anonymized for the purpose of the
double-blind review.
[2] Audrito, D., Sulis, E., Humphreys, L., Di Caro, L.: Analogical lightweight ontology of eu
criminal procedural rights in judicial cooperation. Artificial Intelligence and Law pp. 1–24
(2022)
[3] Berger-Walliser, G., Barton, T.D., Haapio, H.: From visualization to legal design: a collabo-
rative and creative process. Am. Bus. LJ 54, 347 (2017)
[4] Butt, P.: Legalese versus plain language. Amicus Curiae 35, 28 (2001)
[5] Capuzzimati, F., Violato, A., Baldoni, M., Boella, G., et al.: Business process management
for legal domains: Supporting execution and management of preliminary injunctions. In:
JURIX. pp. 149–152 (2015)
[6] Curtotti, Michael, H.H.P.S.: Legal design patterns for privacy. In: Schweighofer E. et al.
(Eds.) Co-operation. Proceedings of the 18th International Legal Informatics Symposium
IRIS 2015. p. 455–462 (2015)
[7] Ducato, R., Strowel, A.: Legal design perspectives. Theoretical and practical insights from
the field (2021)
[8] Flood, M., Goodenough, O.: Contract as automaton: The computational representation of
financial agreements. OFR Working Paper 15-04 (03 2015)
[9] Floridi, L., Cowls, J., Beltrametti, M., Chatila, R., Chazerand, P., Dignum, V., Luetge, C.,
Madelin, R., Pagallo, U., Rossi, F., et al.: Ai4people—an ethical framework for a good ai
society: opportunities, risks, principles, and recommendations. Minds and machines 28,
689–707 (2018)
[10] Haapio, H., Hagan, M., Palmirani, M., Rossi, A.: Legal design patterns for privacy. In: Data
Protection/LegalTech Proceedings of the 21st International Legal Informatics Symposium
IRIS. pp. 445–450 (2018)
[11] Hagan, M.: Law By Design. (2017)
[12] Hart, H.L.A., Raz, J., Green, L.: The concept of law. oxford university press (2012)
�[13] Kelsen, H.: Il fondamento della validità del diritto. Rivista di (1957)
[14] Kocbek Bule, M., Jost, G., Hericko, M., Polančič, G.: Business process model and notation:
The current state of affairs. Computer Science and Information Systems 12, 509–539 (06
2015)
[15] McLachlan, S., .W.L.C.: Visualisation of law and legal process: An opportunity missed.
Information Visualization (2021)
[16] Palmirani, M.: A smart legal order for the digital era: A hybrid ai and dialogic model.
Ragion pratica (2), 633–655 (2022)
[17] Rawls, J.: The justification of civil disobedience. Arguing about law pp. 244–253 (2013)
[18] Rodríguez-Doncel, V., Montiel-Ponsoda, E.: Lynx: Towards a legal knowledge graph for
multilingual europe. Law in Context 37(1), 175–178 (2020)
[19] Saha, D., Mandal, A., Pal, S.: User interface design issues for easy and efficient human com-
puter interaction: An explanatory approach. International Journal of Computer Sciences
and Engineering 3, 127–135 (01 2015)
[20] Sartor, G., Santin, P., Audrito, D., Sulis, E., Caro, L.D.: Automated extraction and represen-
tation of citation network: A CJEU case-study. In: Guizzardi, R.S.S., Neumayr, B. (eds.)
CMLS, EmpER, and JUSMOD 2022. LNCS, vol. 13650, pp. 102–111. Springer (2022)
[21] Schwabe, D., Laufer, C., Casanovas, P.: Knowledge graphs: trust, privacy, and transparency
from a legal governance approach. Law in Context 37(1), 24–41 (2020)
[22] Sulis, E., Humphreys, L., Vernero, F., Amantea, I.A., Audrito, D., Caro, L.D.: Exploiting
co-occurrence networks for classification of implicit inter-relationships in legal texts. Inf.
Syst. 106, 101821 (2022)
[23] Sulis, E., Humphreys, L.B., Audrito, D., Caro, L.D.: Exploiting textual similarity techniques
in harmonization of laws. In: et al., S.B. (ed.) AIxIA 2021. LNCS, vol. 13196, pp. 185–197.
Springer (2021)
[24] Waldman, A.E.: Privacy, notice, and design. STANFORD TECHNOLOGY LAW REVIEW
21, 129ss (2018)
[25] Yankovskiy, R.: Legal design: New thinking and new challenges 2019, 76 (05 2019)
�