Legal and regulatory requirements governing transfers of potentially sensitive or private data about individuals are complex and often not very well understood by researchers managing human subjects data. Because there is no common set of licensing agreements that is shared across institutions and laws, current methods to create data use agreements typically require significant efforts by legal counsel for each data transfer. As a result, different institutions duplicate effort in developing variations of agreements for identical uses, and the licenses produced are often too generic and fail to accurately capture either the necessary restrictions on data use or the necessary protections. In this paper, we summarize work-in-progress on expert system support to automate some data deposit and release decisions within a data repository, and to generate custom license agreements for those data transfers. Our approach formalizes via a logic programming language the privacy-relevant aspects of laws, regulations, and best practices, supported by legal analysis documented in legal memoranda. This formalization enables automated reasoning about the conditions under which a repository can transfer data, through interrogation of users, and the application of formal rules to the facts obtained from users. The proposed system takes the specific conditions for a given data release and produces a custom data use agreement that accurately captures the relevant restrictions on data use. This enables appropriate decisions and accurate licenses, while removing the bottleneck of lawyer effort per data transfer. The operation of the system aims to be transparent, in the sense that administrators, lawyers, institutional review boards, and other interested parties can evaluate the legal reasoning and interpretation embodied in the formalization, and the specific rationale for a decision to accept or release a particular dataset.