| import gradio as gr |
|
|
| def calculate_risk(data_type, users, location, use_case): |
| score = 0 |
| reasons = [] |
| |
| |
| if data_type == "Public Data": |
| score += 1 |
| elif data_type == "Internal/Private": |
| score += 3 |
| elif data_type == "Sensitive / Biometric / Medical": |
| score += 10 |
| reasons.append("π¨ **High Risk Data:** Processing sensitive personal data requires explicit consent (nFADP) and strict DPIA (EU AI Act).") |
|
|
| |
| if users == "< 1,000 DAU": |
| score += 1 |
| elif users == "1,000 - 50,000 DAU": |
| score += 3 |
| elif users == "> 50,000 DAU": |
| score += 5 |
| reasons.append("π **High Volume:** Systems with >50k users are often classified as 'Systemic Risk' under EU AI Act.") |
|
|
| |
| if location == "Switzerland (CH)": |
| score += 0 |
| reasons.append("β
**Sovereign Hosting:** Data resides in Switzerland. nFADP compliant.") |
| elif location == "European Union (EU)": |
| score += 1 |
| reasons.append("β
**Adequate Protection:** EU is on the Swiss FDPIC 'Safe Country' list.") |
| elif location == "USA (Cloud Act Scope)": |
| score += 5 |
| reasons.append("β οΈ **US Cloud Act Risk:** Transfer requires TIA (Transfer Impact Assessment) and SCCs.") |
| elif location == "Other / Global": |
| score += 7 |
| reasons.append("π¨ **Unknown Jurisdiction:** High risk of data sovereignty violation.") |
|
|
| |
| if score >= 12: |
| tier = "TIER 4: UNACCEPTABLE / HIGH RISK" |
| color = "red" |
| action = "π STOP DEPLOYMENT. Requires full DPIA and Legal Review." |
| elif score >= 7: |
| tier = "TIER 3: SUBSTANTIAL RISK" |
| color = "orange" |
| action = "β οΈ PROCEED WITH CAUTION. Implement SCCs and Encryption." |
| else: |
| tier = "TIER 1: LOW RISK" |
| color = "green" |
| action = "β
APPROVED for Pilot. Standard monitoring applies." |
|
|
| |
| report = f""" |
| ## π‘οΈ Audit Verdict: <span style='color:{color}'>{tier}</span> |
| |
| **Risk Score:** {score}/20 |
| |
| ### π Compliance Actions Required: |
| {action} |
| |
| ### π Detected Risk Factors: |
| """ |
| for r in reasons: |
| report += f"\n- {r}" |
| |
| return report |
|
|
| |
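# Two-column layout: the questionnaire on the left, the rendered report on
# the right. The mis-encoded header glyphs are restored, and the stray marker
# on the button label, whose original glyph cannot be recovered, is dropped.
with gr.Blocks(theme=gr.themes.Soft()) as demo:
    gr.Markdown(
        "\n# 🇨🇭 Swiss Risk Calculator\n"
        "### nFADP & EU AI Act Compliance Engine\n"
        "**Cata Risk Lab** | Zurich • London • Miami\n"
    )

    with gr.Row():
        with gr.Column():
            gr.Markdown("### 1. Deployment Details")
            # None of the radios sets an initial value, so an untouched
            # question reaches the callback as None.
            data_input = gr.Radio(
                ["Public Data", "Internal/Private", "Sensitive / Biometric / Medical"],
                label="Data Classification (nFADP Art. 5)",
            )
            users_input = gr.Radio(
                ["< 1,000 DAU", "1,000 - 50,000 DAU", "> 50,000 DAU"],
                label="Daily Active Users",
            )
            loc_input = gr.Radio(
                ["Switzerland (CH)", "European Union (EU)", "USA (Cloud Act Scope)", "Other / Global"],
                label="Hosting Jurisdiction",
            )
            btn = gr.Button("Run Compliance Audit", variant="primary")

        with gr.Column():
            gr.Markdown("### 2. Risk Assessment Report")
            output_box = gr.Markdown()

    # NOTE(review): calculate_risk declares a fourth parameter, use_case, that
    # this form does not collect. Unless that parameter has a default, every
    # click fails with a missing-argument TypeError.
    btn.click(
        fn=calculate_risk,
        inputs=[data_input, users_input, loc_input],
        outputs=output_box,
    )


if __name__ == "__main__":
    # No auth= is passed to launch(), so anyone who can reach the listening
    # address can submit the form. Keep Gradio's default local bind, or add
    # auth= before exposing the app more widely.
    demo.launch()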