Legal Design through Business Process Model and Notation (BPMN): a Digital Services Act Case-Study Davide Audrito* 1 , Andrea Filippo Ferraris* 2 1 Legal Studies Department, University of Bologna, Via Zamboni 27, Bologna, 40126, Italy 2 Law Department, University of Turin, Lungo Dora Siena 100/A, Torino, 10154, Italy Abstract Legal Design represents a well-rooted research area at the crossroads of law, design and computer-science, which plays a significant role in the clarification and accessibility of legal sources. This research work shows that legal design fosters the ability of economic operators, including private citizens, public administrations and companies, to conform to manifold legislative requirements arising from multi- level legal orders. To achieve this objective, we rely on the Business Process Model and Notation (BPMN) standard to represent a core provision of the so-called Digital Services Act (DSA). Building on a preliminary first-stage research work, we model a second normative requirement of the DSA with a view to showcase the potential role of BPMN in legal education. Keywords Legal Design, Legal Compliance, Business Process Model and Notation, Digital Services Act 1. Introduction The principle of normativity posits that legal norms emerge from a legitimate process orches- trated by authorized entities. Such laws are targeted towards one or several agents, often denoted as personas, who can assimilate the normative content and freely elect to conform to or defy the prescribed regulations [12], a notion underpinned by the principle of self-determination [17]. Nevertheless, complications surface when individual actors, whether natural or legal entities, lack genuine comprehension of the obligations imposed by law. This can largely be attributed to the intricacies of legal jargon, colloquially termed "legalese", recognized for its complexity, verbosity, and extreme specificity [4]. Conversely, visual representation possesses the potential to enrich comprehension and understanding of intricate legal notions [15]. By harnessing the capacity of legal design methods, instruments, doctrines, and visual illustrations, we stand to enhance the conveyance of legal information and foster superior interactions between citizens and legal frameworks. * All authors have contributed equally. 2nd International Workshop on Knowledge Management and Process Mining for Law (KM4LAW), 9th Joint Ontology Workshops (JOWO 2023), co-located with FOIS 2023, 19-20 July, 2023, Sherbrooke, Québec, Canada $ davide.audrito2@unibo.it (D. Audrito* ); andreafilippo.ferraris@unito.it (A. F. Ferraris* ) € https://www.unibo.it/sitoweb/davide.audrito2 (D. Audrito* )  0000-0002-9239-5358 (D. Audrito* ); 0009-0004-7487-5560 (A. F. Ferraris* ) © 2023 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0). CEUR Workshop Proceedings http://ceur-ws.org ISSN 1613-0073 CEUR Workshop Proceedings (CEUR-WS.org) CEUR ceur-ws.org Workshop ISSN 1613-0073 Proceedings For the efficacy of the legal design methodology, it is imperative to maintain uniformity across legal knowledge, graphical depictions, textual representation, and design attributes. As such, it becomes crucial to confirm that legal design models adhere to the principles of normativity [16] and explicability [9], thereby ensuring the effective dissemination and comprehension of legal norms. Building on the principle of normativity, our research aims to model the provisions outlined in Regulation (EU) 2022/2065, also known as the Digital Services Act (DSA). This regulation was adopted in October 2022 and will come into effect in early 2024 (see Section 3). Our objective is to reframe the normative contents of the DSA using the Business Process Model and Notation (BPMN) standard. This will help providers of intermediary services (PISs), or personas, understand and comply with the new obligations. Our research work demonstrates that legal design methods such as BPMN are valuable in facilitating the transmission of legal information without the risk of misleading non-experts by neglecting the principle of normativity. 2. Relevant Work Legal informatics is engaged with Artificial Intelligence techniques [23], network analysis [20, 22], ontologies [2], and other research areas. The legal design methodology has been rising over the last decades, both on the side of theoretical studies [19, 7] and in the framework of applied works and projects [6, 8], so that nowadays it can be considered an autonomous discipline. 2.1. Legal Design Today’s complex and constantly evolving regulatory landscape presents significant challenges for businesses, with a wide array of intricate legal obligations often leading to confusion, non- compliance, and possible legal repercussions. However, the use of legal design principles and visualization techniques offers a promising solution by enhancing businesses’ grasp of their legal duties and guiding them more efficiently [24, 10]. Margaret Hagan defines legal design as a user-oriented approach to the legal field, aiming to create more accessible, efficient, and satisfying legal systems and services [11]. This is achieved through a combination of legal design methods, tools, and visual aids that improve the transmission of legal information and facilitate smoother interactions between people and the legal systems they engage with. A striking example of legal design’s potential to effect change and promote social justice can be seen in the work of Candy Chang with The Street Vendor Project and the Center for Urban Pedagogy. Their pioneering guide, "Vendor Power" [25], shows how legal design can simplify complex legal rules into easy-to-understand visual diagrams for street vendors. The guide, available in several languages, helps vendors better understand their rights and comply with relevant laws more easily. Furthermore, the inclusion of personal stories in the guide highlights the crucial role of community engagement in legal design initiatives [3]. This holistic approach not only increases the accessibility of legal information but also fosters a sense of inclusivity and empowers people to actively participate in shaping the legal frameworks that directly affect their lives. In Finland, legal design has been strategically employed by the Finland Arbitration Institute (FAI), in collaboration with Dottir Attorneys and design agency Hellon. They have created an interactive FAI Arbitration Process flowchart, transforming complex arbitration procedures into understandable, usable information, thereby promoting transparency and boosting user engagement. The joint project demonstrates how legal design can enable clearer communication in the legal sphere, promote innovative problem-solving, and emphasize a more user-centered approach. Legal design, through its user-friendly visual aids and effective storytelling, serves as a critical tool in bridging the gap between the complexities of legal requirements and people’s ability to proficiently navigate them [24, 10]. This contributes to a more equal and inclusive society. By converting complex legal rules into simple, accessible visual diagrams, legal design gives businesses a clear, comprehensive view of their regulatory environment. This clarity promotes a deeper understanding of industry-specific legal requirements, reducing confusion and lowering the risk of non-compliance [21]. Presenting information in multiple languages ensures that legal design remains inclusive and accessible to businesses operating in diverse contexts and global markets[18]. 2.2. Business Process Model and Notation (BPMN) for Law The use of the BPMN standard has proven to be highly effective in modeling legal knowledge, tasks, and processes[5]. By visually representing business workflows, BPMN helps businesses gain a better understanding of their operations and identify areas for improvement[14]. Legal professionals have embraced BPMN to illustrate various legal processes, including contract review and approval workflows. However, relying solely on BPMN may not fully address the challenge of making legal compliance more accessible for businesses. To overcome this limitation, the integration of legal design principles is key. Legal design complements BPMN by providing visually intuitive representations of legal rules and requirements in a user-friendly format. Through the application of legal design, legal professionals can create clear and easily under- standable visualizations of legal processes and obligations. This enables businesses to grasp their regulatory responsibilities more effectively and take the necessary steps to comply. By incorporating design principles that prioritize clarity and accessibility, legal design enhances the usability of legal information for businesses. The combination of BPMN and legal design offers a comprehensive approach to legal com- pliance. By leveraging the insights provided by BPMN and the user-centric approach of legal design, businesses can gain a holistic understanding of their legal requirements. This empowers them to identify potential gaps in their processes and proactively ensure compliance. Ultimately, the integration of BPMN and legal design enables businesses to navigate the regulatory landscape with greater ease. By enhancing clarity and accessibility, businesses can minimize the risk of non-compliance and confidently adhere to legal obligations. 3. Methodology The Digital Services Act (DSA) establishes a single market for digital services by enshrining clear responsibilities and accountability for providers of intermediary services (PISs), including social media, e-commerce platforms, very large online platforms (VLOPs) and very large online search engines (VLOSEs). In order to improve the understandability of the obligations enshrined in the DSA and addressed to PISs, we have built on the legal design methodological framework outlined in a preliminary research article[1]: 1. Legal analysis of the textual source based on the theory of law and, where applicable, the philosophy of law and related disciplines. 2. Application of the Business Process Model and Notation (BPMN) standard for the formal- ization of legal knowledge. This method improves the visualization and explainability of legal processes, while ensuring the machine-readability of the output file, i.e. in XML format. The BPMN standard was implemented through the freely available editor BPMN.iO1 . 3. Interpretation of the results, possibly assessed empirically and with different methods, including indexes and questionnaires. 4. Results In this section, we show the results of this second-stage research work. Besides the modelling of the normative contents enshrined in Article 14, we showcase the BPMN representation of a second normative requirement, namely Article 10 DSA. 4.1. Legal Analysis of the Text Sources The Digital Services Act (DSA), adopted on November 16, 2022, represents a significant milestone in Information Society Services liability. It is a progressive update to the regulatory framework established by the European Union directive 31/2000, also known as the e-commerce directive. This self-executing regulation has direct and binding authority over EU individuals, companies, and member states in relation to their respective domains. Article 14 of the DSA focuses on the requirements imposed on providers of intermediary services (PISs) when formulating the terms and conditions of their services. While the DSA contains various provisions, Article 14 stands out as it specifically addresses the criteria that apply to PISs in their contractual arrangements. Therefore, this article is a relevant benchmark for the application of legal design using the Business Process Model and Notation (BPMN) methodology, considering its wording and implications. Indeed, Article 14 DSA entirely relies on the use of “shall”, which is the deontic operator for obligations. To show the complexity of the provision, the paragraphs thereof that are suitable for the BPMN representation are quoted below: 1 https://demo.bpmn.io Terms and Conditions 1. Providers of intermediary services shall include information on any restrictions that they impose in relation to the use of their service in respect of information provided by the recipients of the service, in their terms and conditions. That information shall include information on any policies, procedures, measures and tools used for the purpose of content moderation, including algorithmic decision- making and human review, as well as the rules of procedure of their internal complaint handling system. It shall be set out in clear, plain, intelligible, user- friendly and unambiguous language, and shall be publicly available in an easily accessible and machine-readable format. [...] 3. Where an intermediary service is primarily directed at minors or is predomi- nantly used by them, the provider of that intermediary service shall explain the conditions for, and any restrictions on, the use of the service in a way that minors can understand. [...] 5. Providers of very large online platforms and of very large online search engines shall provide recipients of services with a concise, easily-accessible and machine- readable summary of the terms and conditions, including the available remedies and redress mechanisms, in clear and unambiguous language. 6. Very large online platforms and very large online search engines within the mean- ing of Article 33 shall publish their terms and conditions in the official languages of all the Member States in which they offer their services. The text contains lengthy sentences with consecutive direct objects, such as policies, proce- dures, measures, and tools. We focus on requirements that can be met with a "standard solution" for autonomous compliance. For instance, Article 14(1) of the DSA states that providers of intermediary services must include recipient-imposed restrictions in their terms and conditions. By incorporating the necessary information, PISs fulfill this requirement. In contrast, Article 14(4) of the DSA mandates diligent, objective, and proportionate behavior for PISs, which falls outside our scope. While Article 14 DSA addresses the requirements imposed on PISs when formulating the terms and conditions of their services, Article 10 enshrines the obligations to provide information upon receipt of orders issued by the competent public authorities. The following paragraphs of Article 10 are suitable for the BPMN representation and were included in our analyisis: Orders to provide information 1. Upon receipt of an order to provide specific information about one or more specific individual recipients of the service, issued by the relevant national judicial or administrative authorities on the basis of the applicable Union law or national law in compliance with Union law, providers of intermediary services shall, without undue delay inform the authority issuing the order, or any other authority specified in the order, of its receipt and of the effect given to the order, specifying if and when effect was given to the order. 5. At the latest when effect is given to the order, or, where applicable, at the time provided by the issuing authority in its order, providers of intermediary services shall inform the recipient of the service concerned of the order received and the effect given to it. Such information provided to the recipient of the service shall include a statement of reasons and the possibilities for redress that exist, in accordance with paragraph 2. Similar to Article 14, the provisions in Article 10 are characterized by the use of lengthy sentences and convoluted wording. Once more, the text of Article 10 is grounded upon the deontic operator "shall," which points out the occurrence of legal obligations. 4.2. Application of the BPMN Standard The use of the BPMN standard simplifies the legal text and lays the foundations for a ques- tionnaire to be replied by PISs for testing-related purposes. Figure 1 portrays the BPMN representation of Article 14 DSA. Figure 1: The BPMN representation of Article 14 DSA The whole flowchart is contained in a “pool”, which represents participants in a process, i.e. providers of intermediary services. In the pool, there are two horizontal “lanes” above and below respectively, which serve to organize and categorize activities. We use lanes as sub-pools for activities of two categories of PISs that are affected by ad hoc obligations enshrined in Article 14(3) and (6) DSA. These categories are PISs primarily directed at or predominantly used by minors and PISs with very large platforms and very large search engines. The process begins with a “start event”, i.e. circle on the left, under the label of “Begin compliance process” and ends with an “end event”, i.e. circle on the right side, under the label “End compliance test”. Starting from the start event, solid lines with solid arrowheads are used to show the “sequence flow” of activities performed in the process. In turn, “activities” are indicated by rounded-corner rectangles and labelled by following the formula “verb + direct object”. The forth activity from the left, i.e. publish information, is connected to an "exclusive gateway" represented by a diamond with a cross in the middle. Indeed, depending on the nature of the PISs category addressed by the obligations, activities follow one of three alternative flows towards either “shall explain” or “publish specific information” or “end event” respectively. For our purposes, each activity, i.e. rounded-corner rectangle, is connected to an “annotation”, which is one of the “artifacts” of the BPMN standard and provides additional text information for the reader of the BPMN diagram. Figure 2 shows annotations of the activities “include information” and “include in information”. The former activity is complemented through the description “in terms and conditions on any restrictions that they impose in relation to the use of their service in respect of information provided by the recipients of the service”. Annotations enrich activities with essential details needed to comply with the requirements and they enable the deconstruction and modelling of legal concepts. This function also allows to showcase questions for compliance-check purposes. For instance, the activity “set out information” could be integrated by the annotation “Did you set out in your terms and conditions information in clear, plain, intelligible, user-friendly and unambiguous language?”. Figure 2: Examples of BPMN annotations contributing to model legal concepts While the categories of BPMN standard elements utilized to depict the normative requirements of Article 14 are the same as those used for modeling Article 10, Figure 3 demonstrates that the latter provision possesses certain distinctive characteristics that warrant further discussion. Article 10 DSA possesses a notable feature in that it initiates with an event, specifically the "receipt of an order to provide specific information about one or more specific individual recipients of the service". This means, that once the relevant public authorities require providers of intermediary services to provide specific information on individuals, who are recipients of the service, the obligations enshrined in Article 10 become effective and concrete [13]. In contrast, Article 14 introduces the modeling with a non-textual and ad hoc event, namely the purpose of the representation, which is "Begin compliance test". Secondly, as the normative requirements apply to the general category of PISs, only one swimlane is necessary to indicate the scope of Figure 3: The BPMN representation of Article 10 DSA application ratione persone covered by the article. The structural disparities between the two examined normative provisions are resolved by the flexibility of the BPMN standard, which allows for a broader understanding of complex normative requirements, including by legal practitioners, among citizens, companies and other organizations. In conclusion, the comprehensive suite of BPMN 2.0 symbols demonstrates its effectiveness as a method to model legal procedures and concepts. Figure 4 illustrates a flowchart detailing the requirements outlined in Article 20(1). Upon initiating the event, PISs are obligated to make one or more decisions based on the information provided by the recipients, particularly if it constitutes illegal content or breaches the terms and conditions of the service. For modeling purposes, an inclusive gateway is used to represent that PISs shall pick up one or multiple options among the four decisions provided by Article 20(1) of the Digital Services Act (DSA). Figure 4: The BPMN representation of Article 20(1) DSA 5. Conclusions and Future Work This research work represents the initial stage of applying the Business Process Model and Notation (BPMN) standard as a legal design tool for the purpose of enhancing legal compliance. Moving forward, our aim is to develop a robust methodology to validate and evaluate the findings presented in this study and the final modeling of the whole text of the Digital Services Act. This can be achieved through the creation of formal ontologies in conjunction with BPMN, as they provide a structured and uniform representation of legal knowledge and requirements. By incorporating formal ontologies into the BPMN framework, we can establish a compre- hensive and semantically rich representation of legal concepts and obligations. This integration enables a more precise and detailed understanding of the legal domain, ensuring accuracy and consistency in the modeling of legal compliance requirements. In order to effectively test the proposed approach, we plan to rely on manifold evaluation methods, including the use of indexes and questionnaires. These tools will help us assess the usability and effectiveness of the textual reformulation and graphic representations that are key components of legal design. Drawing from established best practices in the legal design literature, such as the use of bullet points, icons, pictures, and symbols, we aim to create visualizations that are intuitive, user-friendly, and conducive to promoting compliance with legal obligations. By emphasizing the role of formal ontologies in conjunction with BPMN, our research effort contributes to the advancement of legal design as a discipline. Through the integration of these formal frameworks, we can enhance the clarity, accuracy, and comprehensibility of legal compliance requirements, facilitating businesses’ understanding and adherence to regulatory obligations. References [1] The details of this article accepted for publication were anonymized for the purpose of the double-blind review. [2] Audrito, D., Sulis, E., Humphreys, L., Di Caro, L.: Analogical lightweight ontology of eu criminal procedural rights in judicial cooperation. Artificial Intelligence and Law pp. 1–24 (2022) [3] Berger-Walliser, G., Barton, T.D., Haapio, H.: From visualization to legal design: a collabo- rative and creative process. Am. Bus. LJ 54, 347 (2017) [4] Butt, P.: Legalese versus plain language. Amicus Curiae 35, 28 (2001) [5] Capuzzimati, F., Violato, A., Baldoni, M., Boella, G., et al.: Business process management for legal domains: Supporting execution and management of preliminary injunctions. In: JURIX. pp. 149–152 (2015) [6] Curtotti, Michael, H.H.P.S.: Legal design patterns for privacy. In: Schweighofer E. et al. (Eds.) Co-operation. Proceedings of the 18th International Legal Informatics Symposium IRIS 2015. p. 455–462 (2015) [7] Ducato, R., Strowel, A.: Legal design perspectives. Theoretical and practical insights from the field (2021) [8] Flood, M., Goodenough, O.: Contract as automaton: The computational representation of financial agreements. OFR Working Paper 15-04 (03 2015) [9] Floridi, L., Cowls, J., Beltrametti, M., Chatila, R., Chazerand, P., Dignum, V., Luetge, C., Madelin, R., Pagallo, U., Rossi, F., et al.: Ai4people—an ethical framework for a good ai society: opportunities, risks, principles, and recommendations. Minds and machines 28, 689–707 (2018) [10] Haapio, H., Hagan, M., Palmirani, M., Rossi, A.: Legal design patterns for privacy. In: Data Protection/LegalTech Proceedings of the 21st International Legal Informatics Symposium IRIS. pp. 445–450 (2018) [11] Hagan, M.: Law By Design. (2017) [12] Hart, H.L.A., Raz, J., Green, L.: The concept of law. oxford university press (2012) [13] Kelsen, H.: Il fondamento della validità del diritto. Rivista di (1957) [14] Kocbek Bule, M., Jost, G., Hericko, M., Polančič, G.: Business process model and notation: The current state of affairs. Computer Science and Information Systems 12, 509–539 (06 2015) [15] McLachlan, S., .W.L.C.: Visualisation of law and legal process: An opportunity missed. Information Visualization (2021) [16] Palmirani, M.: A smart legal order for the digital era: A hybrid ai and dialogic model. Ragion pratica (2), 633–655 (2022) [17] Rawls, J.: The justification of civil disobedience. Arguing about law pp. 244–253 (2013) [18] Rodríguez-Doncel, V., Montiel-Ponsoda, E.: Lynx: Towards a legal knowledge graph for multilingual europe. Law in Context 37(1), 175–178 (2020) [19] Saha, D., Mandal, A., Pal, S.: User interface design issues for easy and efficient human com- puter interaction: An explanatory approach. International Journal of Computer Sciences and Engineering 3, 127–135 (01 2015) [20] Sartor, G., Santin, P., Audrito, D., Sulis, E., Caro, L.D.: Automated extraction and represen- tation of citation network: A CJEU case-study. In: Guizzardi, R.S.S., Neumayr, B. (eds.) CMLS, EmpER, and JUSMOD 2022. LNCS, vol. 13650, pp. 102–111. Springer (2022) [21] Schwabe, D., Laufer, C., Casanovas, P.: Knowledge graphs: trust, privacy, and transparency from a legal governance approach. Law in Context 37(1), 24–41 (2020) [22] Sulis, E., Humphreys, L., Vernero, F., Amantea, I.A., Audrito, D., Caro, L.D.: Exploiting co-occurrence networks for classification of implicit inter-relationships in legal texts. Inf. Syst. 106, 101821 (2022) [23] Sulis, E., Humphreys, L.B., Audrito, D., Caro, L.D.: Exploiting textual similarity techniques in harmonization of laws. In: et al., S.B. (ed.) AIxIA 2021. LNCS, vol. 13196, pp. 185–197. Springer (2021) [24] Waldman, A.E.: Privacy, notice, and design. STANFORD TECHNOLOGY LAW REVIEW 21, 129ss (2018) [25] Yankovskiy, R.: Legal design: New thinking and new challenges 2019, 76 (05 2019)