quick-link index of major CDCL topics

Statement of the Problem:


Disclosure is the rhinoceros in Information Sharing's livingroom.

You know? The one people don't talk about much? But still, the one whose potential for havoc stays at the back of everyone's mind as they chitchat about other topics. No one really knows when the brute might do something awful; and nobody would be able to do anything much about it, except perhaps escape.

Inappropriate disclosure of data raises a lot of very serious concerns, including (but by no means limited to) legal jeopardy, privacy infringement, compromise of operational confidentiality, and public policy repercussions. To some extent, all parties in an Information Sharing activity share exposure to these risks.


A workable comprehensive solution to the problem of Disclosure Policy is indispensable. Without such a solution, sharers of data are left with three unsatisfactory alternatives:

Creating that comprehensive solution.

Discussions of Information Sharing (and to a lesser degree, Information Exchange) tend to acknowledge Disclosure as an issue, but to defer addressing it in any substantive fashion. The general sentiment appears to be that, sooner or later, someone will solve the problem adequately; and in the meantime there are other things to work on.

Fair enough. But (to torture the metaphor) everyone is getting ready to attend the big Information Sharing Dinner Party. WIJIS is saying that we're all going to need that livingroom, and it's time to get the damned rhinoceros out. To that end, WIJIS has begun conceptual work on a technology called Cascading Disclosure Control Language, or CDCL.

Initial results are promising. CDCL can, in principle, solve a remarkably large array of problems. As WIJIS has been pursuing this initial design, it has been very encouraging to uncover many other, initially unconsidered, problems it fixes. Just as significantly, CDCL creates many new opportunities and enables previously unconsidered functionality. In our experience, these unanticipated benefits are hopeful indications that a design concept is highly appropriate to the problem space.

Essential characteristics of CDCL

In order to be usable for practical disclosure control deployment, CDCL is going to need to have some specific characteristics.

Obviously, the Machine requirements strongly favor representing CDCL as XML, while human requirements militate against it. This conflict is an interesting design and implementation challenge.

CDCL summary

From Wikipedia: "...in most areas of law in most jurisdictions in the United States, there are "statutes" enacted by a legislature, "regulations" promulgated by executive branch agencies pursuant to a delegation of rule-making authority from a legislature, and common law or "case law", i.e. decisions issued by courts (or quasi-judicial tribunals within agencies)." Combining law with other "expectations of behavior", including operational procedures and business processes, one has a body of work for which CDCL and its potential derivatives may play a critically important role in compliance. A case in point is, from the Wisconsin Department of Justice in August 2007, "Under Wis. Stat. 19.36(6), however, the custodian is required to delete or redact confidential information contained in a record before the parts of a record that are subject to disclosure [are disclosed]."

For further information, please see paper from GLOBAL.

Therefore, controlling disclosure both in a manner conducive to current practices and in compliance with law and procedure is a problem for which CDCL is proposed as the solution across various domains.

The results of our preliminary conceptual work are as follows:

Design Principles

CDCL rests on a few fundamental principles:

Design Goals

The CDCL design project will have to make some compromises and choices when defining semantics and declaring syntax. For guidance in doing so, the following desirable characteristics will be considered:

Unanswered Design Questions