Data and software are nowadays one and the same: for this very reason, the European Union (EU) and other governments introduce frameworks for data protection — a key example being the General Data Protection Regulation (GDPR). However, GDPR compliance is not straightforward: its text is not written by software or information engineers but rather, by lawyers and policy-makers. As a design aid to information engineers aiming for GDPR compliance, as well as an aid to software users’ understanding of the regulation, this article offers a systematic synthesis and discussion of it, distilled by the mathematical analysis method known as Formal Concept Analysis (FCA). By its principles, GDPR is synthesised as a concept lattice, that is, a formal summary of the regulation, featuring 144372 records — its uses are manifold. For example, the lattice captures so-called attribute implications, the implicit logical relations across the regulation, and their intensity. These results can be used as drivers during systems and services (re-)design, development, operation, or information systems’ refactoring towards more GDPR consistency.

如今，数据和软件是一模一样的：基于这个原因，欧盟（EU）和其他政府引入了数据保护框架-一个重要的例子是通用数据保护条例（GDPR）。但是，GDPR的合规性并不简单：其文本不是由软件或信息工程师编写的，而是由律师和政策制定者编写的。作为针对符合GDPR要求的信息工程师的设计帮助，以及帮助软件用户理解该法规，本文提供了系统的综合和讨论，并通过称为形式概念分析（FCA）的数学分析方法进行了提炼。 ）。根据其原理，GDPR被合成为概念格，即该法规的正式摘要，其中包含144372条记录-它的用途是多种多样的。例如，晶格捕获所谓的属性含义，整个规则中的隐式逻辑关系及其强度。这些结果可以用作系统和服务（重新）设计，开发，运营或信息系统重构以实现更高GDPR一致性的驱动力。