Legal Design for the General Data Protection Regulation. A Methodology for the Visualization and Communication of Legal Concepts

Privacy policies are known to be impenetrable, lengthy, tedious texts that are hardly read and poorly understood. Therefore, the General Data Protection Regulation (GDPR) introduces provisions to enhance the transparency of such documents and suggests icons as visual elements to provide “in an easily visible, intelligible and clearly legible manner a meaningful overview of the intended processing.” The present dissertation discusses how design, and in particular legal design, can support the concrete implementation of the GDPR’s transparency obligation. Notwithstanding the many benefits that visual communication demonstrably provides, graphical elements do not improve comprehension per se. Research on graphical symbols for legal concepts is still scarce, while both the creation and consequent evaluation of icons depicting abstract or unfamiliar concepts represent a challenge. More- over, precision of representation can support the individuals’ sense-making of the meaning of graphical symbols, but at the expense of simplicity and us- ability. Hence, this research proposed a methodology that combines semantic web technologies with principles of semiotics and ergonomics, and empirical methods drawn from the emerging discipline of legal design, that was used to create and evaluate DaPIS, the Data Protection Icon Set meant to support the data subjects’ navigation of privacy policies. The icon set is modeled on PrOnto, an ontological representation of the GDPR, and is organized around its core modules: personal data, roles and agents, processing operations, processing purposes, legal bases, and data subjects’ rights. In combination with the description of a privacy policy in the legal standard XML Akoma Ntoso, such an approach makes the icons machine-readable and semi-automatically retrievable. Icons can thus serve as information markers in lengthy privacy statements and support the navigation of the text by the data subject.