| | import gradio as gr |
| |
|
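# Per-option weights for each audit question. In the original code an
# unselected (None) or unrecognised option contributed 0 and fell through to
# a "LOW RISK / APPROVED" verdict; calculate_risk now refuses to score an
# incomplete submission instead (see _missing_fields).
_DATA_WEIGHTS = {
    "Public Data": 1,
    "Internal/Private": 3,
    "Sensitive / Biometric / Medical": 10,
}
_USER_WEIGHTS = {
    "< 1,000 DAU": 1,
    "1,000 - 50,000 DAU": 3,
    "> 50,000 DAU": 5,
}
_LOCATION_WEIGHTS = {
    "Switzerland (CH)": 0,
    "European Union (EU)": 1,
    "USA (Cloud Act Scope)": 5,
    "Other / Global": 7,
}

# NOTE(review): the emoji markers in the strings below arrived mis-encoded in
# this copy of the file and are kept verbatim; confirm against the original.
_DATA_REASONS = {
    "Sensitive / Biometric / Medical": "π¨ **High Risk Data:** Processing sensitive personal data requires explicit consent (nFADP) and strict DPIA (EU AI Act).",
}
_USER_REASONS = {
    "> 50,000 DAU": "π **High Volume:** Systems with >50k users are often classified as 'Systemic Risk' under EU AI Act.",
}
_LOCATION_REASONS = {
    "Switzerland (CH)": "β **Sovereign Hosting:** Data resides in Switzerland. nFADP compliant.",
    "European Union (EU)": "β **Adequate Protection:** EU is on the Swiss FDPIC 'Safe Country' list.",
    "USA (Cloud Act Scope)": "β οΈ **US Cloud Act Risk:** Transfer requires TIA (Transfer Impact Assessment) and SCCs.",
    "Other / Global": "π¨ **Unknown Jurisdiction:** High risk of data sovereignty violation.",
}

# Highest reachable score (10 + 5 + 7 = 22). The original report printed a
# fixed "/20" denominator, which the sensitive + high-volume + global case
# exceeds; derive it from the tables so it cannot drift again.
_MAX_SCORE = (
    max(_DATA_WEIGHTS.values())
    + max(_USER_WEIGHTS.values())
    + max(_LOCATION_WEIGHTS.values())
)

# Verdict tiers, highest threshold first: (minimum score, label, colour, action).
# The final entry has a 0 floor so a lookup always matches.
_TIERS = (
    (12, "TIER 4: UNACCEPTABLE / HIGH RISK", "red", "π STOP DEPLOYMENT. Requires full DPIA and Legal Review."),
    (7, "TIER 3: SUBSTANTIAL RISK", "orange", "β οΈ PROCEED WITH CAUTION. Implement SCCs and Encryption."),
    (0, "TIER 1: LOW RISK", "green", "β APPROVED for Pilot. Standard monitoring applies."),
)


def _missing_fields(data_type, users, location):
    """Return the question labels whose answer is absent or not a known option."""
    checks = (
        ("Data Classification", data_type, _DATA_WEIGHTS),
        ("Daily Active Users", users, _USER_WEIGHTS),
        ("Hosting Jurisdiction", location, _LOCATION_WEIGHTS),
    )
    return [
        label
        for label, value, table in checks
        # isinstance guard keeps an unhashable value from raising inside `in`
        if not isinstance(value, str) or value not in table
    ]


def calculate_risk(data_type, users, location, use_case=None):
    """Score a deployment against the nFADP / EU AI Act heuristics and render a Markdown verdict.

    Args:
        data_type: one of the "Data Classification" radio options.
        users: one of the "Daily Active Users" radio options.
        location: one of the "Hosting Jurisdiction" radio options.
        use_case: reserved and not scored. It defaults to None because the
            Gradio click handler wires only three inputs; without the
            default every button press raised a TypeError.

    Returns:
        A Markdown string. When any question is unanswered or holds an
        unrecognised option, the report states that the audit is incomplete
        and issues no verdict instead of defaulting to "LOW RISK".
    """
    missing = _missing_fields(data_type, users, location)
    if missing:
        # Fail closed: an unanswered question must never read as approval.
        bullet_list = "\n".join(f"- {label}" for label in missing)
        return (
            "## Audit Incomplete\n\n"
            "No verdict can be issued until every question is answered:\n\n"
            f"{bullet_list}"
        )

    score = _DATA_WEIGHTS[data_type] + _USER_WEIGHTS[users] + _LOCATION_WEIGHTS[location]

    reasons = []
    for table, key in (
        (_DATA_REASONS, data_type),
        (_USER_REASONS, users),
        (_LOCATION_REASONS, location),
    ):
        if key in table:
            reasons.append(table[key])

    # First tier whose floor the score clears (_TIERS is ordered highest first).
    tier, color, action = next(
        (label, colour, act) for floor, label, colour, act in _TIERS if score >= floor
    )

    # Same layout as the original report: the factors section ends with a
    # newline and each reason is appended as "\n- <reason>".
    factors = "".join(f"\n- {r}" for r in reasons)
    return f"""
## π‘οΈ Audit Verdict: <span style='color:{color}'>{tier}</span>

**Risk Score:** {score}/{_MAX_SCORE}

### π Compliance Actions Required:
{action}

### π Detected Risk Factors:
{factors}"""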
| |
|
| | |
# Banner shown above the form; kept as one literal so the layout is easy to read.
_HEADER_MD = """
# π¨π Swiss Risk Calculator
### nFADP & EU AI Act Compliance Engine
**Cata Risk Lab** | Zurich β’ London β’ Miami
"""

# Radio options, in display order. The strings must match the keys that
# calculate_risk compares against.
_DATA_CHOICES = ["Public Data", "Internal/Private", "Sensitive / Biometric / Medical"]
_USER_CHOICES = ["< 1,000 DAU", "1,000 - 50,000 DAU", "> 50,000 DAU"]
_LOCATION_CHOICES = ["Switzerland (CH)", "European Union (EU)", "USA (Cloud Act Scope)", "Other / Global"]

# Two-column layout: the form on the left, the rendered report on the right.
with gr.Blocks(theme=gr.themes.Soft()) as demo:
    gr.Markdown(_HEADER_MD)

    with gr.Row():
        with gr.Column():
            gr.Markdown("### 1. Deployment Details")
            data_input = gr.Radio(_DATA_CHOICES, label="Data Classification (nFADP Art. 5)")
            users_input = gr.Radio(_USER_CHOICES, label="Daily Active Users")
            loc_input = gr.Radio(_LOCATION_CHOICES, label="Hosting Jurisdiction")
            btn = gr.Button("π Run Compliance Audit", variant="primary")

        with gr.Column():
            gr.Markdown("### 2. Risk Assessment Report")
            output_box = gr.Markdown()

    # Radio values are passed positionally to calculate_risk in this order.
    btn.click(
        fn=calculate_risk,
        inputs=[data_input, users_input, loc_input],
        outputs=output_box,
    )
| |
|
def main() -> None:
    """Start the Gradio server for the risk calculator."""
    demo.launch()


if __name__ == "__main__":
    main()