| import gradio as gr | |
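def calculate_risk(data_type, users, location, use_case=None):
    """Score a deployment and return a Markdown compliance report.

    Each of the three selections contributes a fixed number of points. The
    sum selects the verdict: 12 or more is Tier 4, 7 or more is Tier 3, and
    anything lower is Tier 1.

    The function fails closed: if any selection is missing or is not one of
    the known labels, no tier is issued. Scoring such a value as zero would
    let an empty form come back as "LOW RISK / APPROVED".

    Args:
        data_type: Selected data classification label.
        users: Selected daily-active-user band label.
        location: Selected hosting jurisdiction label.
        use_case: Not used in scoring. It defaults to None so that a caller
            supplying only the three scored selections does not raise
            TypeError.

    Returns:
        A Markdown string. For a complete set of selections it holds the
        verdict, the score, the required action and the triggered risk
        factors. Otherwise it names the selections that still need a value.
    """
    # NOTE(review): the symbols at the start of several strings below look like
    # mis-encoded emoji in this copy of the file; confirm the source is stored
    # and served as UTF-8. They are kept unchanged here.

    # 1. Data Sensitivity Scoring (nFADP Art. 5): label -> (points, reason)
    data_rules = {
        "Public Data": (1, None),
        "Internal/Private": (3, None),
        "Sensitive / Biometric / Medical": (
            10,
            "π¨ **High Risk Data:** Processing sensitive personal data requires explicit consent (nFADP) and strict DPIA (EU AI Act).",
        ),
    }
    # 2. User Volume (Systemic Risk)
    user_rules = {
        "< 1,000 DAU": (1, None),
        "1,000 - 50,000 DAU": (3, None),
        "> 50,000 DAU": (
            5,
            "π **High Volume:** Systems with >50k users are often classified as 'Systemic Risk' under EU AI Act.",
        ),
    }
    # 3. Server Location (Cross-Border Transfer)
    location_rules = {
        "Switzerland (CH)": (
            0,
            "β **Sovereign Hosting:** Data resides in Switzerland. nFADP compliant.",
        ),
        "European Union (EU)": (
            1,
            "β **Adequate Protection:** EU is on the Swiss FDPIC 'Safe Country' list.",
        ),
        "USA (Cloud Act Scope)": (
            5,
            "β οΈ **US Cloud Act Risk:** Transfer requires TIA (Transfer Impact Assessment) and SCCs.",
        ),
        "Other / Global": (
            7,
            "π¨ **Unknown Jurisdiction:** High risk of data sovereignty violation.",
        ),
    }

    selections = (
        ("Data Classification", data_type, data_rules),
        ("Daily Active Users", users, user_rules),
        ("Hosting Jurisdiction", location, location_rules),
    )

    # Refuse to issue a verdict on incomplete or unknown input. Only the fixed
    # field names are reported; the rejected value is never echoed, because the
    # result is rendered as Markdown with inline HTML.
    missing = [
        field
        for field, value, rules in selections
        if not isinstance(value, str) or value not in rules
    ]
    if missing:
        return (
            "\n## Audit Verdict: <span style='color:red'>INCOMPLETE ASSESSMENT</span>\n"
            "No verdict was issued. These selections are missing or not recognized: "
            + ", ".join(missing)
            + "."
        )

    score = 0
    reasons = []
    for _field, value, rules in selections:
        points, reason = rules[value]
        score += points
        if reason is not None:
            reasons.append(reason)

    # The denominator is derived from the tables (10 + 5 + 7 = 22) so that it
    # cannot drift from the weights; the old hard-coded "/20" was below the
    # highest reachable score.
    max_score = sum(
        max(points for points, _reason in rules.values())
        for _field, _value, rules in selections
    )

    # Calculate Verdict
    if score >= 12:
        tier = "TIER 4: UNACCEPTABLE / HIGH RISK"
        color = "red"
        action = "π STOP DEPLOYMENT. Requires full DPIA and Legal Review."
    elif score >= 7:
        tier = "TIER 3: SUBSTANTIAL RISK"
        color = "orange"
        action = "β οΈ PROCEED WITH CAUTION. Implement SCCs and Encryption."
    else:
        tier = "TIER 1: LOW RISK"
        color = "green"
        action = "β APPROVED for Pilot. Standard monitoring applies."

    # Formatted Output. Only constants and the integer score are interpolated,
    # so no caller-supplied text reaches the rendered HTML.
    report_lines = [
        "",
        f"## π‘οΈ Audit Verdict: <span style='color:{color}'>{tier}</span>",
        f"**Risk Score:** {score}/{max_score}",
        "### π Compliance Actions Required:",
        action,
        "### π Detected Risk Factors:",
        "",
    ]
    report = "\n".join(report_lines)
    report += "".join(f"\n- {reason}" for reason in reasons)
    return report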
# --- UI Layout ---
# The choice labels below are the exact strings calculate_risk compares
# against, so any edit here must be mirrored in that function.
data_choices = ["Public Data", "Internal/Private", "Sensitive / Biometric / Medical"]
users_choices = ["< 1,000 DAU", "1,000 - 50,000 DAU", "> 50,000 DAU"]
location_choices = [
    "Switzerland (CH)",
    "European Union (EU)",
    "USA (Cloud Act Scope)",
    "Other / Global",
]

with gr.Blocks(theme=gr.themes.Soft()) as demo:
    # Page header.
    gr.Markdown(
        value="""
# π¨π Swiss Risk Calculator
### nFADP & EU AI Act Compliance Engine
**Cata Risk Lab** | Zurich β’ London β’ Miami
"""
    )

    with gr.Row():
        # Left column: the three selections and the submit button.
        with gr.Column():
            gr.Markdown(value="### 1. Deployment Details")
            data_input = gr.Radio(
                choices=data_choices,
                label="Data Classification (nFADP Art. 5)",
            )
            users_input = gr.Radio(
                choices=users_choices,
                label="Daily Active Users",
            )
            loc_input = gr.Radio(
                choices=location_choices,
                label="Hosting Jurisdiction",
            )
            btn = gr.Button(value="π Run Compliance Audit", variant="primary")

        # Right column: the rendered Markdown report.
        with gr.Column():
            gr.Markdown(value="### 2. Risk Assessment Report")
            output_box = gr.Markdown()

    # Three inputs are wired, in the order data, users, location.
    btn.click(
        fn=calculate_risk,
        inputs=[data_input, users_input, loc_input],
        outputs=output_box,
    )

# launch() is called with no arguments, so Gradio's defaults apply.
if __name__ == "__main__":
    demo.launch()