Difference between revisions of "Subscription and Notification Pattern"

Is used by Doing Business Abroad Pilot in Use Case "Doing Business in Another Member State" (DBA UC2)

After receiving evidence from a Data Owner (DO), it can be essential for a Data Evaluator (DE) to be informed on changes regarding the subject of this evidence to be able to take appropriate action. The goal of this interaction pattern is to allow the DE to subscribe to a service of the DO that provides autmatic and regual notifications. The cross-border message exchange for the subscriptions and notifications are put in the responsibility of the Data Requester (DR) and the Data Transferor (DT) respectively to allow an easier distribution of responsibility on national level, i.e. to intermediary platforms an national gateway providers.

Functional Variants of the Subscription and Notification Pattern

There are two distinct purposes, or business requirements for Subscription and Notification, which both are relevant for the DE4A Doing Business Abroad Pilot: Evidence update notification and Event notification

Evidence Update Notification

The goal is to keep previously shared evidence data that is stored at the DE up to date.

Description: Data may change in the base register. In case the DE needs an exact copy of the evidence data on record, they need to be notified in case the data has changed in teh base registry.

Business or Life Event Notification

The goal is to assess the impact of company changes on the eServices provided by the data evaluator.

Description: Some eServices oblige the subject (i.e. company or citizen) to continue in a specifc situation or state to remain entitled to the benefits of an eService provided to the subjcet. E.g., an agricultural company may receive a subsidy for its permanent pasture. As a prerequisite, the company must preserve the pasture for five consecutive years. The data evaluator needs to be notified of the company ending its operations and hence not meeting the five-year requirement. “ending its operation” is an example of a business event. Others examples are: going bankrupt, merge, etc.

Alternative Solution Approaches

Essentially there are two ways to approach the dual requirements for Subscription and Notification, either specific solutions for each requirement or hybrid approaches that can serve both.

Looking at specific solutions would mean that two specialized systems would need to be developed and implemented:

1. Specific Evidence Update Solution: The subscription would be linked directly to the previously exchanged evidence, hence the subscription would need to register the evidence type the subject ID and the subscriber ID. For any data change in the evidence type data set at the DO, the DP would need to push a complete new evidence to the DC, irrespective of that specific change being relevant for the public service provided to the user by the DC. Apart from this being not optimal from a data minimization principle perspective, it can not cover changes of the subject that are not represented in the evidence type data set, giving rise to a second subscription system for event. In addition, the subscription system would be impacted by changes in the canonical evidence type definitions over time. This approach might, however, be easier to integrate in the legal framework of the SDGR (see Legal Considerations below).
2. Pure Event Notification: The subscription would not need to be directly related to a previously shared exchanges evidence, but the subscription would be registered for an agreed set of events relating to a given subject. The subscription system would consequently be based on a list of events, rather than a list of evidence types. Quite obviously, this requires an agreement on a set of DE4A events, or canonical cross-border events. We expect that resolving existing legal barriers especially in the citizen domain would be easier for pure event notifications, becausi theNotification would only contain identifiers rather than the underlying (personal) data.

Technical approach and business requirement do not relate one two one, giving rise to several hybrid approaches, where one solution is used to cater for both requirements:

1. Extended Evidence Type: The Specific Evidence Update can be used to derive relevant Events at the DC, if the evidence type definition is scoped, or extended, so that all relevant events are represented by data changes in the evidence type data set. This would require the DC to run a event identification routine on each received update to react accordingly. This hybrid solution would also meet its limitations for events that are dealt with by procedural means at the DP-side, rather than by data mutations. The extension of evidence type definitions beyond what is actually required by the eProcedure is, again, not optimal from a data minimization principle perspective.
2. Extended Notification Message: The pure Event Notification could be extended to carry an updated evidence as part of the Notification message, essentially piggy-bagging the evidence on an event notification. This approach would need to extend the event-centric subscription system to maintain with underlying evidence type, or potentially multiple evidence types, are potentially relevant for each event type, so that evidence can be retrieved and packed as extension of the Notification Message. This solution would consequently end up to be rather complext and again not optimal from a from a data minimization principle perspective. [A BPMN Process Analysis of this approach is available on request]
3. Event Notification + Lookup: The pure Event Notification is used as described above, while it is made sure that the agreed event set of canonical DE4A events is complete in the sense that in covers also relevant update needs, for example a company that moved HQ means that the adres (part of the Company Registration evidence) changed as an effect. It is then left at the discretion of the DC, whether a particular event requires an update of the evidence on record. It could be that, i.e. the postal adres of a company is nor relevant for the continuation of the public service provisioning, in which case a flag that the adres on record is not up to date, or a change to "unknown" would be sufficient as event response. This is fully in line with the data minimization principle perspective. If the DC considers that an an update of one evidence or potentially several evidences is required as part of the event response, then the DC would use the Lookup Pattern to request new copies of evidences.

The reference Architecture for the DE4A projects focusses on the third option, on Event Notification combined with the Lookup Pattern to cover both business requirements with one hybrid solution, rather then setting up two specific solutions next to each other. The combination of Event Notification and Lookup Pattern appears to be the most flexible approach is expected to have the following advantages:

• Data minimization: Evidences are only requested if they are actually needed for the public service provided by the DC
• Low complexity of message definitions: The required message definitions for the notifications and updates between DP and DC remains low in complexity: A simple event notification (consisting of event type, identifiers and timestamp) and and evidence response analogous to the event response message of the Intermediation Pattern and User-supported Intermediation Pattern.
• Multiplicity: Case that single events require multiple evidences to be updated, or several events require the update of the same evidence can be covered quiet easily without requiring overly complex message definitions.
• Flexibility in legal basis and authorizations: As the Event Notification does only contain identifiers and not the underlying (personal) data, the legal basis and corresponding authorizations might differ between Notification and Lookup, adding flexibility to the overall solution.
• Independence from a previously shared evidence: The solution approach is not directly linked to a previously shared evidence, which means that a subscription and subsequent lookup can also be applied in cases where the original procedure (leading to the public service being provided) was completed without any automated evidence exchange, i.e. evidence was provided by the user electronically or in person, provided that there is a legal basis (see below).

Legal Considerations

Differnce between evidence update case (possible in framework SDGR?) and Event Notifications

Existence of consent / Publicly available information

Business vs. Citizen: For Citizen anything that is not based on Consent will be difficult.

Delimitation to BRIS (DBA specific)

As concluded in “DE4A Discussion paper BRIS 20200708 Final.docx” BRIS will not be used in the DBA pilot. This also applies for the subscription and notification pattern. The notifications send resorting under BRIS regulation are out of scope of DE4A. The DE4A pattern has its own subscriptions and notifications that do no relate to BRIS regulation. Note that in some cases this could lead to the situation that a Data Evaluator receives both a BRIS and a DE4A notification for one business event.

Note the BRIS proposed change in the technical working group: Subscription will be replaced by a push notification through registering international branches in the registry of the mother company. Thereby reversing the responsibilities.

Business Process

The subscription and notification pattern realizes the goal to inform the data evaluator of relevant changes in the subject (i.e. company or citizen). This is done in two steps:

1. In the subscription step the DE expresses the need to be informed on changes regarding a certain subject and this need is registered as a subscription.
2. In the notification step the DO monitors the subject and if a change occurs, all subscribers will be informed on this change.

Event Subscription

Business Process

Event Subscription process

Activity Table

*Activity Type and Task Type in accordance with BPMN 2.0

Design decisions

Explicit request and preview

The nature of the subscription and notification pattern leads to a different use of the explicit request and preview as stated in the SDG-regulation:

• Notification is performed without a user transaction, making real-time explicit request and preview impossible.
• Fraud prevention outweighs user centricity, making explicit request and preview less opportune.
• The public nature of company data relaxes the need of explicit request and preview.

Implementing an explicit request for future notifications introduces the burden of creating and maintaining an explicit request administration, with for instance options to retract a previously given explicit request

Design decision: for the Business event notification explicit request and preview as defined in the SDG-regulation is not applicable.

Positioning of subscription registration

For the location of the subscription registration certain options can be considered:

• Fully at the data providing MS: The subscription is registered at the data providing member state. The DE sends messages to the DO via DR and DT to manage the subscription (subscribe, cancel subscription).

• Splitted between data provider and data consuming MS: It is a possibility to split the register; the DO then only registers which MS subscribe to a certain company, and the DC MS registers which DE subscribe to the company. The process flow would be: (1) a central component at the DT registers which DE’s subscribe to which subjects of which data owners; (2) the DT registers as a MS for this company; (3) the DO registers which MS subscribes to which company and sends notifications to the DT (4) the DT distributes the notification to all DE.
• At a central component: The DE4A-architecture implements the four-corner model, a central subscription register would conflict with this principle. Moreover, a subscription is a direct relation between a DO and a DE regarding a subject, there will be no added value to place such a subscription in an external, central component.

Design decision: The registration of subscriptions is placed within the data providing member state. DP MS is free to choose in which environment this is (DT, DO or another environment). The assumption for the design of the S&N pattern is that the subscription registration is fully placed in the environment of the DO.

Subscription period

Including a subscription period with start and end date has several consequences... todo

Design decision: a subscription period with mandatory start and end dates is included in the subscription.

Catalogue of DE4A business events

tbd, see table below

Subscription register requirements

Evidence exchange and subscription request

The main flow of the DBA-pilot is that the intermediation pattern triggers the subscription and notification pattern. Part of the intermediation pattern is the exchange of evidence: DE requests a specific evidence type from a specific company from the DO. In the happy flow the DE subscribes to receive notifications regarding this company. This trigger can be implemented in different ways:

• As a part of the request for evidence. The evidence exchange request then consists at least of: company identifier, requested evidence type, DE identifier, subscribe y/n.

• In a separate subscription request message: after a user consent to the preview and a successful completion of the registration process a separate subscription message is sent.

Design decision: the subscription request is not combined with the evidence exchange request but is sent after successful registration of the company/branch.

Combining the subscription request with the evidence exchange would be too early in the process. It would lead to (possibly a relative high number of) requests to cancel the subscription if no consent was given or the registration was not successful. This would also introduce the risk of unauthorised subscriptions and notifications if the cancellation fails.

There are two main choices for the subscription criteria, subscribe to changes in:

• business events
• evidences

Design decision: not all business events are related to an evidence, subscriptions must therefore be made to business events to cover all notifications to be sent, see table below.

Business event - evidence mapping

Below example for Doing Business Abroad Pilot. Each pilot (domain) must define their common event list including a clear semantic explanation of each business or life event in order for the Data Evaluator to be able to interpret the event correctly and define an appropriate course of action, e.g. request an updated evidence or discontinue the public service.

Event Notification

Business Process

Activity Table

Design decisions

Response on event notification

Functional responses from Data Evaluator to Data Owner after receiving an event notification, for example to inform that appropriate actions have been taken, are out of scope of the Subscription and Notification pattern.

Notifications from Subscriber

Notifications from Data Evaluator to Data Owner, for example to inform Data Owner on changes in the branch registration, are out of scope of the Subscription and Notification pattern.

Process Realisation

Subscription Process Realization of the Data Consumer

Subscription Process Realization of the Data Provider

Notification Process Realization of the Data Provider

Notification Process Realization of the Data ConsumerDC

Used by the following use cases

DBA (UC2)

Application collaborations

TBD