### Scenario 3 - Data Subject agrees with the Data Controller consent term, but then revoke his/her consent and request to delete his data.

<i> Scenario Description </i>
<p>This scenario presents a particularity. According to the LGPD art. 16. there are some situations that the Data Controller can store the Data Subject's data even when the Data Subject requested the data deletion.</p>
<p> Art. 16</p>
<p> I - cumprimento de obrigação legal ou regulatória pelo controlador;</p>
<p> II - estudo por órgão de pesquisa, garantida, sempre que possível, a anonimização dos dados pessoais;</p>
<p> III - transferência a terceiro, desde que respeitados os requisitos de tratamento de dados dispostos nesta Lei; ou </p>
<p> IV - uso exclusivo do controlador, vedado seu acesso por terceiro, e desde que anonimizados os dados.</p>

#### Set consent term.

The Data Subject Paulo allows the Data Controller Fiocruz to access, store, and process his personal data and his health data with the purpose to perform research regarding genetic factors related to COVID-19 using statistical analysis for 180 days.
<p>The Data Controller is allowed to share the Data Subject data only with the vaccination priorization purpose.</p>
<p>To do any request, please use the Data Controller communication channel by email lgpd@fiocruz.br.</p>
<p>PS: The Data Controllers must inform in any case if they are processing the personal data, if requested. </p>


In [1]:
createConsentTerm(DC,DS,PData,HData,Purpose,
				SpecificPurpose,
				Form,
				TimeLength,
				ThirdPartyPurpose,
				Channel,
				DCContact) :-
                
                assertz(dataSubject(DS)),
                assertz(dataController(DC)),
                assertz(personalData(DS,PData)),
                assertz(healthData(DS, HData)),
                assertz(purpose(DC,DS,Purpose)),
                assertz(specificPurpose(DC,DS,Purpose,SpecificPurpose)),
                assertz(form(DC,DS,Purpose,SpecificPurpose,Form)),
                assertz(timeLength(DC,DS,Purpose,SpecificPurpose,TimeLength)),
                assertz(thirdyPartySharingPurpose(DC,DS,Purpose,SpecificPurpose,TimeLength,ThirdPartyPurpose)),
                assertz(channelToProvideInformation(DC,DS,Channel,DCContact)).



In [2]:
?- createConsentTerm(fiocruz,paulo,976635869,oPlus,research,
				'genetic_factors_related_to_COVID-19',
				'statistic_analysis',
				180,
				'vaccination_priorization',
				'e-mail',
				'lgpd@fiocruz.br').

true.

In [3]:
?- dataSubject(paulo).

true.

In [4]:
?- dataController(fiocruz).

true.

In [5]:
?- personalData(paulo,976635869).

true.

In [6]:
?- healthData(paulo, oPlus).

true.

In [7]:
?- purpose(fiocruz,paulo,research).

true.

In [8]:
?- specificPurpose(fiocruz,paulo,research,'genetic_factors_related_to_COVID-19').

true.

In [9]:
?- form(fiocruz,paulo,research,'genetic_factors_related_to_COVID-19','statistic_analysis').

true.

In [10]:
?- timeLength(fiocruz,paulo,research,'genetic_factors_related_to_COVID-19',180).

true.

In [11]:
?- thirdyPartySharingPurpose(fiocruz,paulo,research,'genetic_factors_related_to_COVID-19',180,'vaccination_priorization').

true.

In [12]:
?- channelToProvideInformation(fiocruz,paulo,'e-mail','lgpd@fiocruz.br').

true.

In [13]:
dsRight(processingConfirmation,dataSubject(paulo),dataController(fiocruz)).



Data Subject agrees with the Data Controller consent term.

First, the Data Subject verifies if all the crutial elements are described in the consent term present by the Data Controller

In [14]:
checkConsentTerm(dataController(DC),
				dataSubject(DS),
				purpose(DC,Purpose),
				SpecificPurpose,
				Form,
				TimeLength,
				ThirdPartyPurpose,
				Channel,
				DCContact) :-
	(
		form(DC,DS,Purpose,SpecificPurpose,Form),
		timeLength(DC,DS,Purpose,SpecificPurpose,TimeLength),
		thirdyPartySharingPurpose(DC,DS,Purpose,SpecificPurpose,TimeLength,ThirdPartyPurpose),
		channelToProvideInformation(DC,DS,Channel,DCContact),
		purpose(DC,DS,Purpose),
		specificPurpose(DC,DS,Purpose,SpecificPurpose),
		assertz(consentTermOk(dataController(DC),dataSubject(DS)))
	).



In [15]:
?- checkConsentTerm(dataController(fiocruz),dataSubject(paulo),purpose(fiocruz,research),
'genetic_factors_related_to_COVID-19','statistic_analysis',180,'vaccination_priorization','e-mail','lgpd@fiocruz.br').

true.

If ok, the Data Subject decides to agree with the presented terms.

In [16]:
setThatdsAgreeWithConsentTerms(id(ID),dataSubject(DS),
                                dataController(DC),
                                personalData(DS,PData),
                                healthData(DS,HData)) :-
	consentTermOk(dataController(DC),dataSubject(DS)),
	assertz(dsAgreeWithConsentTerms(dataSubject(DS),dataController(DC))),
	assertz(dcCanCollectStoreAndProcessDSData(dataController(DC),dataSubject(DS))),
   	assertz(dcIsProcessingDSData(id(ID),dataController(DC),dataSubject(DS),personalData(DS,PData),healthData(DS,HData))),
   	assertz(dcIsCollectingDSData(id(ID),dataController(DC),dataSubject(DS),personalData(DS,PData),healthData(DS,HData))).




In [17]:
?- setThatdsAgreeWithConsentTerms(id(10),dataSubject(paulo),dataController(fiocruz),personalData(paulo,976635869),healthData(paulo,oPlus)).

true.

Now, the Data Controller can collect, store and process the Data Subject's data.

In [18]:
dcCanCollectStoreAndPRocessDSData(dataController(DC),dataSubject(DS)) :- 
    dsAgreeWithConsentTerms(dataSubject(DS),dataController(DC)),
    assertz(dcCanCollectStoreAndProcessDSData(dataController(DC),dataSubject(DS)));
    not(dsAgreeWithConsentTerms(dataSubject(DS),dataController(DC))),
    assertz(dcCanCollectStoreAndProcessDSData(dataController(''),dataSubject(''))).



In [19]:
?- dcCanCollectStoreAndProcessDSData(dataController(fiocruz),dataSubject(paulo)).

true.

And the Data Subject is able to request his/her other rights.

In [20]:
setDSRights(dataSubject(DS),dataController(DC)) :-
	assertz(dsRight(dataAccess,dataSubject(DS),dataController(DC))),
	assertz(dsRight(dataCopy,dataSubject(DS),dataController(DC))),
	assertz(dsRight(dataCorrection,dataSubject(DS),dataController(DC))),
	assertz(dsRight(dataAnonimization,dataSubject(DS),dataController(DC))),
	assertz(dsRight(dataPortability,dataSubject(DS),dataController(DC))),
	assertz(dsRight(dataDeletion,dataSubject(DS),dataController(DC))),
	assertz(dsRight(dataSharingInformation,dataSubject(DS),dataController(DC))),
	assertz(dsRight(requestConsentRevokation,dataSubject(DS),dataController(DC))).



In [21]:
?- setDSRights(dataSubject(paulo),dataController(fiocruz)).

true.

#### However, the Data Subject decides to revoke his consent.

In [22]:
setDSRevokeConsent(id(ID),dataSubject(DS),dataController(DC),personalData(DS,PData),healthData(DS,HData)) :-
	retract(dsRight(requestConsentRevokation,dataSubject(DS),dataController(DC))),
   	retract(dcIsCollectingDSData(id(ID),dataController(DC),dataSubject(DS),personalData(DS,PData),healthData(DS,HData))).



In [23]:
?- setDSRevokeConsent(id(10),dataSubject(paulo),dataController(fiocruz),personalData(paulo,976635869),healthData(paulo,oPlus)).

true.

#### And next, decides to request the data deletion
<p> To do so, first, we need to know if the Data Controller's purpose is one of the purposes that allow the Data Controller still storing the Data Subject's data even when the Data Subject requests the data deletion </p>

In [24]:
auxToSetIfDCCanHoldDSData(dataController(DC),dataSubject(DS)) :-
	purpose(DC,DS,legalObligation), assertz(dcCanHoldData(dataController(DC),dataSubject(DS)));
	purpose(DC,DS,research), assertz(dcCanHoldData(dataController(DC),dataSubject(DS)));
	purpose(DC,DS,transferToThirdParty), assertz(dcCanHoldData(dataController(DC),dataSubject(DS)));
	purpose(DC,DS,exclusiveDCUse), assertz(dcCanHoldData(dataController(DC),dataSubject(DS)));
	assertz(dcCanHoldData('','')).	



In [25]:
?- auxToSetIfDCCanHoldDSData(dataController(fiocruz),dataSubject(paulo)).

 ;
 .

In [26]:
?- dcCanHoldData(dataController(fiocruz),dataSubject(paulo)).

true.

If the Data Controller can hold de Data Subject's data, then nothing happens but the Data Subject cannot request data deletion anymore.

In [27]:
?- dcCanHoldData(dataController(fiocruz),dataSubject(paulo)),
retract(dsRight(dataDeletion,dataSubject(paulo),dataController(fiocruz))).

true.

Else, if the Data Controller cannot hold the Data Subject's data, the Data Controller cannot store the Data Subject's data, and the Data Subject has no more rights related to this Data Controller.

In [28]:
deleteDSData(id(ID),dataSubject(DS),dataController(DC),personalData(DS,PData),healthData(DS,HData)) :-
        not(dcCanHoldData(dataController(DC),dataSubject(DS))),
		retract(dsRight(dataAccess,dataSubject(DS),dataController(DC))),
		retract(dsRight(dataCopy,dataSubject(DS),dataController(DC))),
		retract(dsRight(dataCorrection,dataSubject(DS),dataController(DC))),
		retract(dsRight(dataAnonimization,dataSubject(DS),dataController(DC))),
		retract(dsRight(dataPortability,dataSubject(DS),dataController(DC))),
		retract(dsRight(dataDeletion,dataSubject(DS),dataController(DC))),
		retract(dsRight(dataSharingInformation,dataSubject(DS),dataController(DC))),
		retract(dcIsProcessingDSData(id(ID),dataController(DC),dataSubject(DS),personalData(DS,PData),healthData(DS,HData))).



In [29]:
?- deleteDSData(id(10),dataSubject(paulo),dataController(fiocruz),personalData(paulo,976635869),healthData(paulo,oPlus)).

false.

In this case, the result is false because the purpose is research.
<p> Try with another purpose different than research, legalObligation, transferToThirdParty, exclusiveDCUse.</p>
<p> IMPORTANT: Remember to change the purpose in the fuction <b><i>checkConsentTerm</i></b> to the new purpose.</p>

#### Questions to ask

Are the fiocruz data controller using the data subject Paulo's data? 

In [30]:
?- dsRight(processingConfirmation,dataSubject(paulo),dataController(fiocruz)).

true.

What are the Data Subject rights right now?

In [31]:
?- dsRight(RIGHT,dataSubject(paulo),dataController(fiocruz)).

RIGHT = processingConfirmation ;
RIGHT = dataAccess ;
RIGHT = dataCopy ;
RIGHT = dataCorrection ;
RIGHT = dataAnonimization ;
RIGHT = dataPortability ;
RIGHT = dataSharingInformation .

Can all items from art. 9 be informed?

In [32]:
?- specificPurpose(fiocruz,paulo,research,SPECIFICPURPOSE).

SPECIFICPURPOSE = genetic_factors_related_to_COVID-19 .

In [33]:
?- timeLength(fiocruz, paulo, research, 'genetic_factors_related_to_COVID-19',DAYS).

DAYS = 180 .

Who are processing the Data Subject's personal data and what are the respective data?

In [34]:
?- dcIsProcessingDSData(id(ID),dataController(DC),dataSubject(paulo),personalData(paulo,PData),healthData(paulo,HData)).

ID = 10, DC = fiocruz, PData = 976635869, HData = oPlus .

Who are collecting the Data Subject's personal data and what are the respective data?

In [35]:
?- dcIsCollectingDSData(id(ID),dataController(DC),dataSubject(paulo),personalData(paulo,PData),healthData(paulo,HData)).

false.