Opening the Black Box: Petri Nets and Privacy by Design

40 Pages Posted: 7 Dec 2016 Last revised: 25 Feb 2017

See all articles by Laurence Diver

Laurence Diver


Burkhard Schafer

University of Edinburgh - School of Law

Date Written: December 2, 2016


Building on the growing literature in algorithmic accountability, this paper investigates the use of a process visualisation technique known as the Petri net to achieve the aims of Privacy by Design. The strength of the approach is that it can help to bridge the knowledge gap that often exists between those in the legal and technical domains. Intuitive visual representations of the status of a system and the flow of information within and between legal and system models mean developers can embody the aims of the legislation from the very beginning of the software design process, while lawyers can gain an understanding of the inner workings of the software without needing to understand code. The approach can also facilitate automated formal verification of the models’ interactions, paving the way for machine-assisted privacy by design and, potentially, more general ‘compliance by design’. Opening up the ‘black box’ in this way could be a step towards achieving better algorithmic accountability.

Keywords: Privacy by Design; Regulatory Theory; Petri Nets; Formalisation; Transparency, Algorithmic Accountability

Suggested Citation

Diver, Laurence and Schafer, Burkhard, Opening the Black Box: Petri Nets and Privacy by Design (December 2, 2016). (2017) 31(1) International Review of Law, Computers & Technology 68, Available at SSRN:

Burkhard Schafer

University of Edinburgh - School of Law ( email )

Old College
South Bridge
Edinburgh, EH8 9YL
United Kingdom
0131-650-2035 (Phone)
0131-650-6317 (Fax)

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics