feat(ai-sdk): controlled interpretation-intent guidance override

The authority re-rank always ranked binding law above guidance, so a guideline
could never be Top-1 even when the user explicitly asked "what does the EDPB /
ENISA say?". Add a tightly-bounded override: only when the query carries an
explicit guidance signal (EDPB / DSK / ENISA / BSI / Leitlinie / Guideline /
Orientierungshilfe / Auslegung / empfiehlt / Empfehlung / sagt / laut) AND the
guideline is semantically competitive with the best binding hit (>= best_binding
- 0.05) does supervisory_guidance get a +0.25 boost that lets it overtake the
binding norm. Obligation questions (no signal) are unchanged: binding stays #1.

Gate verified on dev:
- "Ab wann DSB-Pflicht?"                  -> Art. 37 DSGVO (binding) Top-1
- "Was empfiehlt der EDPB zum DSB?"       -> EDPB guidance Top-1
- "Was sagt die ENISA zu Security Updates?" -> ENISA guidance Top-1
- "Welche Anforderungen an Security Updates?" -> Art. 13 CRA (binding) Top-1

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

ai-compliance-sdk/internal/ucca/authority_rerank.go

@@ -1,20 +1,61 @@
 package ucca
 
-import "sort"
+import (
+	"sort"
+	"strings"
+)
 
 // Re-ranking coefficients (validated in the offline golden harness; Phase A — conservative).
 const (
-	authorityCoef     = 0.40 // * weight/100
+	authorityCoef        = 0.40 // * weight/100
-	jurisdictionGain  = 0.05 // binding/guidance from DE or EU
+	jurisdictionGain     = 0.05 // binding/guidance from DE or EU
-	foreignPenalty    = 0.60 // foreign law on a DE/EU question (demoted, not removed)
+	foreignPenalty       = 0.60 // foreign law on a DE/EU question (demoted, not removed)
-	unknownPenalty    = 0.08
+	unknownPenalty       = 0.08
-	domainMatchGain   = 0.15
+	domainMatchGain      = 0.15
-	offDomainPenalty  = 0.10 // off-domain binding (demoted, not removed)
+	offDomainPenalty     = 0.10 // off-domain binding (demoted, not removed)
-	scopePenalty      = 0.25 // BDSG Teil 3 (law enforcement) on a general DP question
+	scopePenalty         = 0.25 // BDSG Teil 3 (law enforcement) on a general DP question
-	topicGain         = 0.18 // amplifier only
+	topicGain            = 0.18 // amplifier only
-	supersededPenalty = 0.50 // superseded Alt-Quelle (pre-eu-v1): demoted, nicht versteckt
+	supersededPenalty    = 0.50 // superseded Alt-Quelle (pre-eu-v1): demoted, nicht versteckt
+	guidanceIntentGain   = 0.25 // controlled guidance override on explicit interpretation intent
+	guidanceIntentMargin = 0.05 // ...only if the guideline is semantically competitive with binding
 )
 
+// guidanceIntentSignals mark a query that EXPLICITLY asks for an interpretation /
+// recommendation by a guidance body, rather than for the binding obligation. Only
+// then may a (semantically competitive) guideline outrank the binding norm.
+var guidanceIntentSignals = []string{
+	"edpb", "europäischer datenschutzausschuss", "europaeischer datenschutzausschuss",
+	"dsk", "enisa", "bsi", "leitlinie", "guideline", "orientierungshilfe",
+	"auslegung", "empfiehlt", "empfehlung", "sagt", "laut",
+}
+
+// queryWantsGuidance reports whether the query explicitly asks for guidance/interpretation.
+func queryWantsGuidance(query string) bool {
+	q := strings.ToLower(query)
+	for _, sig := range guidanceIntentSignals {
+		if strings.Contains(q, sig) {
+			return true
+		}
+	}
+	return false
+}
+
+// bestBindingSemantic returns the highest RAW semantic score among binding-law
+// results (0 if none / intent not requested). Used as the guard threshold so an
+// off-topic guideline cannot ride the interpretation-intent boost.
+func bestBindingSemantic(results []LegalSearchResult, wantsGuidance bool) float64 {
+	if !wantsGuidance {
+		return 0
+	}
+	best := 0.0
+	for _, r := range results {
+		if r.SourceClass == "binding_law" && r.Score > best {
+			best = r.Score
+		}
+	}
+	return best
+}
+
 // authorityScore computes the normative relevance of a result for a query. It augments the
 // semantic score with authority/jurisdiction/domain/scope/topic signals. Exposed for tests.
 func authorityScore(query string, r LegalSearchResult, qDomain string, qForeign bool) float64 {
@@ -62,11 +103,21 @@ func rerankByAuthority(query string, results []LegalSearchResult) []LegalSearchR
 	}
 	qDomain := queryDomain(query)
 	qForeign := queryIsForeign(query)
+	wantsGuidance := queryWantsGuidance(query)
+	bestBindingSem := bestBindingSemantic(results, wantsGuidance)
 
 	out := make([]LegalSearchResult, len(results))
 	copy(out, results)
 	for i := range out {
 		out[i].Score = authorityScore(query, out[i], qDomain, qForeign)
+		// Interpretations-Intent (eng begrenzt): NUR wenn die Query explizit nach
+		// Guidance/Auslegung fragt UND die Leitlinie semantisch konkurrenzfaehig ist
+		// (>= bester binding-Treffer - margin), darf supervisory_guidance die bindende
+		// Norm ueberholen. Sonst bleibt binding > guidance (Normfrage unveraendert).
+		if wantsGuidance && out[i].SourceClass == "supervisory_guidance" &&
+			results[i].Score >= bestBindingSem-guidanceIntentMargin {
+			out[i].Score += guidanceIntentGain
+		}
 	}
 	sort.SliceStable(out, func(a, b int) bool {
 		return out[a].Score > out[b].Score

ai-compliance-sdk/internal/ucca/legal_rag_intent_test.go

@@ -0,0 +1,72 @@
+package ucca
+
+import "testing"
+
+func intentRes(reg, sourceClass string, sem float64, weight int) LegalSearchResult {
+	return LegalSearchResult{
+		RegulationShort: reg, SourceClass: sourceClass, Score: sem,
+		AuthorityWeight: weight, Jurisdiction: "EU",
+	}
+}
+
+func TestQueryWantsGuidance(t *testing.T) {
+	wants := []string{
+		"Was empfiehlt der EDPB zum DSB?",
+		"Was sagt die ENISA zu Security Updates?",
+		"laut DSK ...",
+		"Orientierungshilfe zur DSFA",
+		"Welche BSI-Empfehlung gilt?",
+		"Auslegung der Aufsichtsbehörde",
+	}
+	plain := []string{
+		"Ab wann braucht man einen Datenschutzbeauftragten?",
+		"Welche Anforderungen bestehen an Security Updates?",
+	}
+	for _, q := range wants {
+		if !queryWantsGuidance(q) {
+			t.Errorf("should detect interpretation intent: %q", q)
+		}
+	}
+	for _, q := range plain {
+		if queryWantsGuidance(q) {
+			t.Errorf("should NOT detect intent (norm question): %q", q)
+		}
+	}
+}
+
+func TestRerank_NormQuestion_BindingStaysTop(t *testing.T) {
+	// No intent signal → binding wins even though guidance is semantically higher.
+	results := []LegalSearchResult{
+		intentRes("EDPB DPO", "supervisory_guidance", 0.64, 70),
+		intentRes("DSGVO", "binding_law", 0.58, 100),
+	}
+	out := rerankByAuthority("Ab wann braucht man einen Datenschutzbeauftragten?", results)
+	if out[0].SourceClass != "binding_law" {
+		t.Errorf("norm question: binding must stay Top-1, got %s", out[0].SourceClass)
+	}
+}
+
+func TestRerank_InterpretationQuestion_GuidanceMayWin(t *testing.T) {
+	// Explicit intent + guidance semantically competitive → guidance wins.
+	results := []LegalSearchResult{
+		intentRes("EDPB DPO", "supervisory_guidance", 0.64, 70),
+		intentRes("DSGVO", "binding_law", 0.58, 100),
+	}
+	out := rerankByAuthority("Was empfiehlt der EDPB zum Datenschutzbeauftragten?", results)
+	if out[0].SourceClass != "supervisory_guidance" {
+		t.Errorf("interpretation question: guidance should win Top-1, got %s", out[0].SourceClass)
+	}
+}
+
+func TestRerank_OffTopicGuidance_BlockedByGuard(t *testing.T) {
+	// Intent present, but guidance semantic is far below the best binding hit →
+	// the margin guard keeps binding on top (no off-topic guideline override).
+	results := []LegalSearchResult{
+		intentRes("EDPB DPO", "supervisory_guidance", 0.40, 70),
+		intentRes("DSGVO", "binding_law", 0.58, 100),
+	}
+	out := rerankByAuthority("Was empfiehlt der EDPB zum Datenschutzbeauftragten?", results)
+	if out[0].SourceClass != "binding_law" {
+		t.Errorf("off-topic guidance must not win even with intent, got %s", out[0].SourceClass)
+	}
+}