Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f8fd329059ff9d75a58a6f8f5770c621f76706fa
breakpilot-compliance/ai-compliance-sdk/internal/ucca/models_intake.go
Benjamin Admin 1ac716261c
Some checks failed
Build + Deploy / build-admin-compliance (push) Successful in 1m45s
Details
Build + Deploy / build-backend-compliance (push) Successful in 4m42s
Details
Build + Deploy / build-ai-sdk (push) Successful in 46s
Details
Build + Deploy / build-developer-portal (push) Successful in 1m6s
Details
Build + Deploy / build-tts (push) Successful in 1m14s
Details
Build + Deploy / build-document-crawler (push) Successful in 31s
Details
Build + Deploy / build-dsms-gateway (push) Successful in 24s
Details
CI / branch-name (push) Has been skipped
Details
CI / guardrail-integrity (push) Has been skipped
Details
CI / loc-budget (push) Failing after 15s
Details
CI / secret-scan (push) Has been skipped
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / nodejs-build (push) Successful in 2m27s
Details
CI / dep-audit (push) Has been skipped
Details
CI / sbom-scan (push) Has been skipped
Details
CI / test-go (push) Failing after 37s
Details
CI / test-python-backend (push) Successful in 42s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 23s
Details
CI / validate-canonical-controls (push) Successful in 18s
Details
Build + Deploy / trigger-orca (push) Successful in 4m35s
Details
feat: Compliance Maximizer — Regulatory Optimization Engine 
Neues Modul das den regulatorischen Spielraum fuer KI-Use-Cases
deterministisch berechnet und optimale Konfigurationen vorschlaegt.

Kernfeatures:
- 13-Dimensionen Constraint-Space (DSGVO + AI Act)
- 3-Zonen-Analyse: Verboten / Eingeschraenkt / Erlaubt
- Deterministische Optimizer-Engine (kein LLM im Kern)
- 28 Constraint-Regeln aus DSGVO, AI Act, EDPB Guidelines
- 28 Tests (Golden Suite + Meta-Tests)
- REST API: /sdk/v1/maximizer/* (9 Endpoints)
- Frontend: 3-Zonen-Visualisierung, Dimension-Form, Score-Gauges

[migration-approved]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-23 09:10:20 +02:00

179 lines
7.1 KiB
Go
Raw Blame History

package ucca
// ============================================================================
// Input Structs
// ============================================================================
// UseCaseIntake represents the user's input describing their planned AI use case
type UseCaseIntake struct {
// Free-text description of the use case
UseCaseText string `json:"use_case_text"`
// Business domain
Domain Domain `json:"domain"`
// Title for the assessment (optional)
Title string `json:"title,omitempty"`
// Data types involved
DataTypes DataTypes `json:"data_types"`
// Purpose of the processing
Purpose Purpose `json:"purpose"`
// Level of automation
Automation AutomationLevel `json:"automation"`
// Output characteristics
Outputs Outputs `json:"outputs"`
// Hosting configuration
Hosting Hosting `json:"hosting"`
// Model usage configuration
ModelUsage ModelUsage `json:"model_usage"`
// Retention configuration
Retention Retention `json:"retention"`
// Financial regulations context (DORA, MaRisk, BAIT)
// Only applicable for financial domains (banking, finance, insurance, investment)
FinancialContext *FinancialContext `json:"financial_context,omitempty"`
// BetrVG: Works council consultation status
WorksCouncilConsulted bool `json:"works_council_consulted,omitempty"`
// Opt-in to store raw text (otherwise only hash)
StoreRawText bool `json:"store_raw_text,omitempty"`
}
// DataTypes specifies what kinds of data are processed
type DataTypes struct {
PersonalData bool `json:"personal_data"`
Article9Data bool `json:"article_9_data"` // Special categories (health, religion, etc.)
MinorData bool `json:"minor_data"` // Data of children
LicensePlates bool `json:"license_plates"` // KFZ-Kennzeichen
Images bool `json:"images"` // Photos/images of persons
Audio bool `json:"audio"` // Voice recordings
LocationData bool `json:"location_data"` // GPS/location tracking
BiometricData bool `json:"biometric_data"` // Fingerprints, face recognition
FinancialData bool `json:"financial_data"` // Bank accounts, salaries
EmployeeData bool `json:"employee_data"` // HR/employment data
CustomerData bool `json:"customer_data"` // Customer information
PublicData bool `json:"public_data"` // Publicly available data only
}
// Purpose specifies the processing purpose
type Purpose struct {
CustomerSupport bool `json:"customer_support"`
Marketing bool `json:"marketing"`
Analytics bool `json:"analytics"`
Automation bool `json:"automation"`
EvaluationScoring bool `json:"evaluation_scoring"` // Scoring/ranking of persons
DecisionMaking bool `json:"decision_making"` // Automated decisions
Profiling bool `json:"profiling"`
Research bool `json:"research"`
InternalTools bool `json:"internal_tools"`
PublicService bool `json:"public_service"`
}
// Outputs specifies output characteristics
type Outputs struct {
RecommendationsToUsers bool `json:"recommendations_to_users"`
RankingsOrScores bool `json:"rankings_or_scores"` // Outputs rankings/scores
LegalEffects bool `json:"legal_effects"` // Has legal consequences
AccessDecisions bool `json:"access_decisions"` // Grants/denies access
ContentGeneration bool `json:"content_generation"` // Generates text/media
DataExport bool `json:"data_export"` // Exports data externally
}
// Hosting specifies where the AI runs
type Hosting struct {
Provider string `json:"provider,omitempty"` // e.g., "Azure", "AWS", "Hetzner", "On-Prem"
Region string `json:"region"` // "eu", "third_country", "on_prem"
DataResidency string `json:"data_residency,omitempty"` // Where data is stored
}
// ModelUsage specifies how the model is used
type ModelUsage struct {
RAG bool `json:"rag"` // Retrieval-Augmented Generation only
Finetune bool `json:"finetune"` // Fine-tuning with data
Training bool `json:"training"` // Full training with data
Inference bool `json:"inference"` // Inference only
}
// Retention specifies data retention
type Retention struct {
StorePrompts bool `json:"store_prompts"`
StoreResponses bool `json:"store_responses"`
RetentionDays int `json:"retention_days,omitempty"`
AnonymizeAfterUse bool `json:"anonymize_after_use"`
}
// ============================================================================
// Financial Regulations Structs (DORA, MaRisk, BAIT)
// ============================================================================
// FinancialEntityType represents the type of financial institution
type FinancialEntityType string
const (
FinancialEntityCreditInstitution FinancialEntityType = "CREDIT_INSTITUTION"
FinancialEntityPaymentServiceProvider FinancialEntityType = "PAYMENT_SERVICE_PROVIDER"
FinancialEntityEMoneyInstitution FinancialEntityType = "E_MONEY_INSTITUTION"
FinancialEntityInvestmentFirm FinancialEntityType = "INVESTMENT_FIRM"
FinancialEntityInsuranceCompany FinancialEntityType = "INSURANCE_COMPANY"
FinancialEntityCryptoAssetProvider FinancialEntityType = "CRYPTO_ASSET_PROVIDER"
FinancialEntityOther FinancialEntityType = "OTHER_FINANCIAL"
)
// SizeCategory represents the significance category of a financial institution
type SizeCategory string
const (
SizeCategorySignificant SizeCategory = "SIGNIFICANT"
SizeCategoryLessSignificant SizeCategory = "LESS_SIGNIFICANT"
SizeCategorySmall SizeCategory = "SMALL"
)
// ProviderLocation represents the location of an ICT service provider
type ProviderLocation string
const (
ProviderLocationEU ProviderLocation = "EU"
ProviderLocationEEA ProviderLocation = "EEA"
ProviderLocationAdequacyDecision ProviderLocation = "ADEQUACY_DECISION"
ProviderLocationThirdCountry ProviderLocation = "THIRD_COUNTRY"
)
// FinancialEntity describes the financial institution context
type FinancialEntity struct {
Type FinancialEntityType `json:"type"`
Regulated bool `json:"regulated"`
SizeCategory SizeCategory `json:"size_category"`
}
// ICTService describes ICT service characteristics for DORA compliance
type ICTService struct {
IsCritical bool `json:"is_critical"`
IsOutsourced bool `json:"is_outsourced"`
ProviderLocation ProviderLocation `json:"provider_location"`
ConcentrationRisk bool `json:"concentration_risk"`
}
// FinancialAIApplication describes financial-specific AI application characteristics
type FinancialAIApplication struct {
AffectsCustomerDecisions bool `json:"affects_customer_decisions"`
AlgorithmicTrading bool `json:"algorithmic_trading"`
RiskAssessment bool `json:"risk_assessment"`
AMLKYC bool `json:"aml_kyc"`
ModelValidationDone bool `json:"model_validation_done"`
}
// FinancialContext aggregates all financial regulation-specific information
type FinancialContext struct {
FinancialEntity FinancialEntity `json:"financial_entity"`
ICTService ICTService `json:"ict_service"`
AIApplication FinancialAIApplication `json:"ai_application"`
}
Reference in New Issue View Git Blame Copy Permalink