import gradio as gr

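def calculate_risk(data_type, users, location, use_case=None):
    """Return a Markdown risk report for a planned deployment.

    Each of the three selections contributes a fixed number of points; the
    total is mapped onto a tier and rendered together with the reasons that
    were triggered.

    Args:
        data_type: Selected data classification label.
        users: Selected daily-active-user band label.
        location: Selected hosting jurisdiction label.
        use_case: Not used in scoring. It defaults to ``None`` because the UI
            wires only three input components into this function; without a
            default the click handler would be called one argument short.

    Returns:
        A Markdown string. If any of the three selections is missing or not
        one of the known labels, the report says so and assigns no tier
        (fail closed) instead of scoring the gap as zero points and
        reporting the lowest tier.
    """
    # NOTE(review): the weights and tier thresholds are this tool's own
    # heuristics; nothing in this file derives them from nFADP or the
    # EU AI Act text.
    # NOTE(review): several literals below contain mis-encoded emoji bytes
    # (mojibake) exactly as found in the file. They are kept unchanged because
    # the intended glyphs cannot all be recovered with certainty; restore them
    # from the original UTF-8 source.

    # label -> (points, reason shown in the report or None)
    data_weights = {
        "Public Data": (1, None),
        "Internal/Private": (3, None),
        "Sensitive / Biometric / Medical": (
            10,
            "🚨 **High Risk Data:** Processing sensitive personal data requires explicit consent (nFADP) and strict DPIA (EU AI Act).",
        ),
    }
    user_weights = {
        "< 1,000 DAU": (1, None),
        "1,000 - 50,000 DAU": (3, None),
        "> 50,000 DAU": (
            5,
            "πŸ“ˆ **High Volume:** Systems with >50k users are often classified as 'Systemic Risk' under EU AI Act.",
        ),
    }
    # NOTE(review): the "compliant"/"adequate" messages are emitted from the
    # hosting choice alone; no other control is checked here.
    location_weights = {
        "Switzerland (CH)": (
            0,
            "βœ… **Sovereign Hosting:** Data resides in Switzerland. nFADP compliant.",
        ),
        "European Union (EU)": (
            1,
            "βœ… **Adequate Protection:** EU is on the Swiss FDPIC 'Safe Country' list.",
        ),
        "USA (Cloud Act Scope)": (
            5,
            "⚠️ **US Cloud Act Risk:** Transfer requires TIA (Transfer Impact Assessment) and SCCs.",
        ),
        "Other / Global": (
            7,
            "🚨 **Unknown Jurisdiction:** High risk of data sovereignty violation.",
        ),
    }

    factors = (
        ("Data Classification", data_type, data_weights),
        ("Daily Active Users", users, user_weights),
        ("Hosting Jurisdiction", location, location_weights),
    )

    # Fail closed: an unselected radio arrives as None, and scoring it as zero
    # would produce an "approved" verdict for an assessment nobody completed.
    # Only the field names are reported; the rejected value is never echoed
    # into the Markdown/HTML output.
    missing = [
        label
        for label, choice, table in factors
        if not isinstance(choice, str) or choice not in table
    ]
    if missing:
        lines = [
            "## Audit Verdict: <span style='color:red'>INCOMPLETE INPUT</span>",
            "",
            "No risk tier was assigned because these fields are missing or not recognised:",
            "",
        ]
        lines.extend(f"- {label}" for label in missing)
        return "\n".join(lines)

    score = 0
    reasons = []
    for _, choice, table in factors:
        points, reason = table[choice]
        score += points
        if reason is not None:
            reasons.append(reason)

    # The denominator is derived from the tables (10 + 5 + 7 = 22); the
    # previous hard-coded "/20" could be exceeded by the worst-case inputs.
    max_score = sum(
        max(points for points, _ in table.values()) for _, _, table in factors
    )

    if score >= 12:
        tier = "TIER 4: UNACCEPTABLE / HIGH RISK"
        color = "red"
        action = "πŸ›‘ STOP DEPLOYMENT. Requires full DPIA and Legal Review."
    elif score >= 7:
        tier = "TIER 3: SUBSTANTIAL RISK"
        color = "orange"
        action = "⚠️ PROCEED WITH CAUTION. Implement SCCs and Encryption."
    else:
        tier = "TIER 1: LOW RISK"
        color = "green"
        action = "βœ… APPROVED for Pilot. Standard monitoring applies."

    # Lines are emitted without leading indentation so a Markdown renderer
    # does not treat the report as an indented code block. `color` and `tier`
    # are constants chosen above, never user-supplied text.
    lines = [
        f"## πŸ›‘οΈ Audit Verdict: <span style='color:{color}'>{tier}</span>",
        "",
        f"**Risk Score:** {score}/{max_score}",
        "",
        "### πŸ“‹ Compliance Actions Required:",
        action,
        "",
        "### πŸ” Detected Risk Factors:",
        "",
    ]
    lines.extend(f"- {reason}" for reason in reasons)
    return "\n".join(lines)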

# --- UI Layout ---
# Two-column page: the radio inputs and the submit button on the left, the
# rendered Markdown report on the right.
with gr.Blocks(theme=gr.themes.Soft()) as demo:
    gr.Markdown(
        value="""
    # πŸ‡¨πŸ‡­ Swiss Risk Calculator
    ### nFADP & EU AI Act Compliance Engine
    **Cata Risk Lab** | Zurich β€’ London β€’ Miami
    """
    )

    with gr.Row():
        with gr.Column():
            gr.Markdown(value="### 1. Deployment Details")
            # The choice labels below are the exact strings calculate_risk
            # compares against; editing one side without the other silently
            # drops that factor from the score.
            data_input = gr.Radio(
                choices=[
                    "Public Data",
                    "Internal/Private",
                    "Sensitive / Biometric / Medical",
                ],
                label="Data Classification (nFADP Art. 5)",
            )
            users_input = gr.Radio(
                choices=[
                    "< 1,000 DAU",
                    "1,000 - 50,000 DAU",
                    "> 50,000 DAU",
                ],
                label="Daily Active Users",
            )
            loc_input = gr.Radio(
                choices=[
                    "Switzerland (CH)",
                    "European Union (EU)",
                    "USA (Cloud Act Scope)",
                    "Other / Global",
                ],
                label="Hosting Jurisdiction",
            )
            btn = gr.Button(value="πŸ” Run Compliance Audit", variant="primary")

        with gr.Column():
            gr.Markdown(value="### 2. Risk Assessment Report")
            output_box = gr.Markdown()

    # Only three components are wired in; calculate_risk's use_case parameter
    # receives no value from the UI. None of the radios has a preselected
    # value, so an unselected one is passed to the handler as None.
    btn.click(
        fn=calculate_risk,
        inputs=[data_input, users_input, loc_input],
        outputs=output_box,
    )

# launch() is called with no arguments, so Gradio's default host, port and
# sharing settings apply.
if __name__ == "__main__":
    demo.launch()