LEGIT Methodology: Towards Capturing Legal Compatibility of Design Science Artifacts

Higher legal standards with regards to the data protection of individuals such as the General Data Protection Regulation (GDPR) are increasing the pressure on developers of IT artifacts. Typically, when developing systems, we subsequently evaluate them with users to elaborate aspects such as user experience perceptions. However, nowadays, other evaluation aspects such as legality and data policy issues are also important criteria for system development. For this purpose, we introduce LEGIT (legal design science evaluation), which provides developers with guidance when considering legal requirements. We use the case of the GDPR to illustrate the feasibility, applicability, and benefit to the development process. With this novel method adapted from law research, we are able to derive actionable guidance for developers to evaluate developer efforts in increasing legal compatibility. To illustrate our methodological approach, in this paper, we describe the key steps of the method with respect to the evaluation of a learning assistant. We develop an AI-based learning assistant for university students to demonstrate the application of the novel evaluation method. We briefly discuss how this procedure can serve as the foundation for a new evaluation method of legally compatible systems in design science research.

[1]  J. Leimeister,et al.  The Hidden Value of Patterns - Using Design Patterns to Whitebox Technology Development in Legal Assessments , 2021, Wirtschaftsinformatik.

[2]  Walid Maalej,et al.  On lawful disclosure of personal user data: What should app developers do? , 2014, 2014 IEEE 7th International Workshop on Requirements Engineering and Law (RELAW).

[3]  Tuure Tuunanen,et al.  Design Science Research Evaluation , 2012, DESRIST.

[4]  Jan vom Brocke,et al.  Evaluations in the Science of the Artificial - Reconsidering the Build-Evaluate Pattern in Design Science Research , 2012, DESRIST.

[5]  Andreas Janson,et al.  Developing Lawful Technologies - A Revelatory Case Study on Design Patterns , 2021, HICSS.

[6]  Jan Pries-Heje,et al.  FEDS: a Framework for Evaluation in Design Science Research , 2016, Eur. J. Inf. Syst..

[7]  Omer F. Rana,et al.  Developing GDPR Compliant User Data Policies for Internet of Things , 2019, UCC.

[8]  Wu He,et al.  The Impact of GDPR on Global Technology Development , 2019, Journal of Global Information Technology Management.

[9]  Jan Pries-Heje,et al.  A Comprehensive Framework for Evaluation in Design Science Research 1 , 2022 .

[10]  Pierre Mazzega,et al.  Toward measures of complexity in legal systems , 2007, ICAIL.

[11]  Sarah Spiekermann,et al.  The challenges of privacy by design , 2012, Commun. ACM.

[12]  Jan Marco Leimeister,et al.  Legal Compatibility as a Characteristic of Sociotechnical Systems , 2015, Bus. Inf. Syst. Eng..