Untested code covering some % of Act requirements

compliance_analysis.py

@@ -1,100 +1,306 @@
 import os
 import yaml
+from enum import Enum
 
-#Define a function that creates a list of all the files in the folder. We will use this for different things.
+# Create some variables we will use throughout our analysis
+
+# Type of AI project (AI system vs GPAI model)
+ai_system = False
+gpai_model = False
+high_risk_ai_system = False
+gpai_model_systematic_risk == False
+
+# Role and location of AI project operator
+provider = False
+deployer = False
+importer = False
+distributor = False
+product_manufacturer = False
+eu_located = False 
+
+#EU market status
+placed_on_market = False
+put_into_service = False 
+output_used = False
+
+#Define a function that creates a list of all the files in a provided folder. We will use this list for different things.
 def create_list_of_files(folder_path):
     for root, dirs, files in os.walk(folder_path):
         for filename in files:
             found_files.append(os.path.join(root, filename))
 
-#Define a function that checks for a Project CC. Without this, there cannot be an analysis.
+#Define a function that checks for a Project CC. Without this, there simply cannot be an analysis.
 def check_for_project_cc(folder_path):
     found_files = []
 
     # Walk through the directory
     for root, dirs, files in os.walk(folder_path):
         for filename in files:
-            if filename.lower() == 'project_cc.md':
+            if filename.lower() == 'project_cc.yaml':
                 found_files.append(os.path.join(root, filename))
 
     # Check the results
     if len(found_files) == 0:
         print(f"We did not find a Project CC in your folder. We cannot run a compliance analysis without a Project CC.")
+        sys.exit()
     elif len(found_files) == 1:
         print(f"We found exactly one Project CC in your folder. Great job!:")
         print(f"  - {found_files[0]}")
-        run_compliance_analysis(folder_path + "project_cc.md")
+        run_compliance_analysis(folder_path)
     else:
         print(f"Multiple Project CCs found:")
         for file_path in found_files:
             print(f"  - {file_path}")
         print("We found multiple Project CCs in your folder. There should only be one Project CC per project.")
 
-def run_compliance_analysis(project_cc)):
+def run_compliance_analysis(folder_path):
 
-    # Load the Project CC's YAML file. This will be our starting point. 
-    with open(project_cc, 'r') as file:
+    # Load the Project CC YAML file from the supplied folder. This will be our starting point. 
+    with open(folder_path + 'project_cc.yaml', 'r') as file:
         project_cc_yaml = yaml.safe_load(file)
 
-    # Check if the Act does not apply to the project, either because it is not on the EU market or falls into an exception
+    # Determine project type (AI system vs. GPAI model) as well as operator type. We will use these for different things.
+    set_type(project_cc_yaml)
+    set_operator_role_and_location(projec_cc_yaml)
+    set_eu_market_status(project_cc_yaml)
+
+    # Check if the project is within scope of the Act. If it's not, the analysis is over.
+    if check_within_scope(project_cc_yaml):
+        print("Project is within the scope of Act. Let's continue...") 
+    else: 
+        sys.exit("Project is not within the scope of what is regulated by the Act.")
+
+    # Check for prohibited practices. If any exist, the analysis is over.
+    if check_prohibited(project_cc_yaml) == True: 
+        print("Project contains prohibited practices and is therefore non-compliant.")
+        sys.exit("Project is non-compliant due to a prohibited practice.")
+    else: 
+        print("Project does not contain prohibited practies. Let's continue...")
+
+    # If project is high-risk AI system, check that is has met all the requirements for such systems: 
+
+    if high_risk_ai_system:
+
+    # Do this by examining the Project CC
+
+        for key, value in project_cc_yaml['risk_management_system']:
+            if not value:
+                sys.exit("Because of project-level characteristics, this high-risk AI system fails the risk management requirements under Article 9.")
+        for key, value in project_cc_yaml['technical_documentation']:
+            if not value:
+                sys.exit("Because of project-level characteristics, this high-risk AI system fails the risk management requirements under Article 11.")            
+        for key, value in project_cc_yaml['record_keeping']:
+            if not value:
+                sys.exit("Because of project-level characteristics, this high-risk AI system fails the risk management requirements under Article 12.")     
+        for key, value in project_cc_yaml['transparency_and_provision_of_information_to_deployers']:
+            if not value:
+                sys.exit("Because of project-level characteristics, this high-risk AI system fails the transparency requirements under Article 13.")  
+        for key, value in project_cc_yaml['human_oversight']:
+            if not value:
+                sys.exit("Because of project-level characteristics, this high-risk AI system fails the human oversight requirements under Article 14.")  
+        for key, value in project_cc_yaml['accuracy_robustness_cybersecurity']:
+            if not value:
+                sys.exit("Because of project-level characteristics, this high-risk AI system fails the accuracy, robustness, and cybersecurity requirements under Article 15.")  
+        for key, value in project_cc_yaml['quality_management_system']:
+            if not value:
+                sys.exit("Because of project-level characteristics, this high-risk AI system fails the accuracy, robustness, and cybersecurity requirements under Article 17.") 
+
+    # Do this by examining any and all Data CCs too
+
+        for filename in os.listdir(folder_path):
+            # Check if the search word is in the filename
+            if "data_cc.md" in filename.lower():
+
+                # If it is, load the yaml
+
+                with open(folder_path + filename, 'r') as file:
+                    data_cc_yaml = yaml.safe_load(file)
+
+                for key, value in data_cc_yaml['data_and_data_governance']:
+                    if not value:
+                        sys.exit(f"Because of the dataset represented by {filename}, this high-risk AI system fails the data and data governance requirements under Article 10.")
+                for key, value in data_cc_yaml['technical_documentation']:
+                    if not value:
+                        sys.exit(f"Because of the dataset represented by {filename}, this high-risk AI system fails the technical documentation requirements under Article 11.")
+                for key, value in data_cc_yaml['transparency_and_provision_of_information_to_deployers']:
+                    if not value:
+                        sys.exit(f"Because of the dataset represented by {filename}, this high-risk  AI system fails the transparency requirements under Article 13.")
+                for key, value in data_cc_yaml['quality_management_system']:
+                    if not value:
+                        sys.exit(f"Because of the dataset represented by {filename}, this high-risk  AI system fails the quality management requirements under Article 17.")
+
+    # Do this by examining any and all Model CCs too
+
+        for filename in os.listdir(folder_path):
+            # Check if the search word is in the filename
+            if "model_cc.md" in filename.lower():
+
+                # If it is, load the yaml
+
+                with open(folder_path + filename, 'r') as file:
+                    model_cc_yaml = yaml.safe_load(file)
+
+                for key, value in model_cc_yaml['risk_management_system']:
+                    if not value:
+                        sys.exit(f"Because of the model represented by {filename}, this high-risk AI system fails the risk management requirements under Article 9.")
+                for key, value in data_cc_yaml['technical_documentation']:
+                    if not value:
+                        sys.exit(f"Because of the model represented by {filename}, this high-risk AI system fails the technical documentation requirements under Article 11.")
+                for key, value in data_cc_yaml['transparency_and_provision_of_information_to_deployers']:
+                    if not value:
+                        sys.exit(f"Because of the model represented by {filename}, this high-risk  AI system fails the transparency requirements under Article 13.")
+                for key, value in data_cc_yaml['accuracy_robustness_cybersecurity']:
+                    if not value:
+                        sys.exit(f"Because of the model represented by {filename}, this high-risk  AI system fails the quality management requirements under Article 15.")
+                for key, value in data_cc_yaml['quality_management_system']:
+                    if not value:
+                        sys.exit(f"Because of the model represented by {filename}, this high-risk  AI system fails the quality management requirements under Article 17.")
+
+    # If the project is a GPAI model, check that is has met all the requirements for such systems: 
+
+    if gpai_model:
+
+    # Do this by examining the Project CC
+
+        for key, value in project_cc_yaml['gpai_model_provider_obligations']:
+            if not value:
+                sys.exit("GPAI model fails the transparency requirements under Article 53.")
+
+    # Do this by examining any and all Data CCs too
+
+        for filename in os.listdir(folder_path):
+            # Check if the search word is in the filename
+            if "data_cc.md" in filename.lower():
+
+                # If it is, load the yaml
+
+                with open(folder_path + filename, 'r') as file:
+                    data_cc_yaml = yaml.safe_load(file)
+
+                for key, value in data_cc_yaml['gpai_requirements']['gpai_requirements']:
+                    if not value:
+                        sys.exit(f"Because of the dataset represented by {filename}, this GPAI fails the transparency requirements under Article 53.")
+
+    # Do this by examining any and all Model CCs too
     
-    # Check for prohibited practices -- these are by default non-compliant 
+        for filename in os.listdir(folder_path):
+            # Check if the search word is in the filename
+            if "model_cc.md" in filename.lower():
 
-    # Iterate through values of the second-level keys of prohibited_ai_practice_status
-    for key, value in project_cc_yaml['prohibited_ai_practice_status']:
-        if value:  # This condition will be met whereever a prohibited practice exists 
-            print(f"You have a prohibited practice and are non-compliant with the Act")
-            break
-    else:
-        print("No prohibited practices found. That's good...")
+                # If it is, load the yaml
 
-    # Check if the key that indicates it is an AI system is present and if its value is true
-    if 'AI project is a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments' in projec_cc_yaml and project_cc_yaml['AI project is a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments'] == True:
-        print("The project is an AI system.")
+                with open(folder_path + filename, 'r') as file:
+                    model_cc_yaml = yaml.safe_load(file)
 
-        #iterate through all of the 
+                for key, value in model_cc_yaml['obligations_for_providers_of_gpai_models']:
+                    if not value:
+                        sys.exit(f"Because of the model represented by {filename}, this GPAI fails the transparency requirements under Article 53.")
 
-        all_true = True
-        for key in secondary_keys:
-            if key in secondary_data and secondary_data[key] == True:
-                print(f"The key '{key}' is True in the secondary file.")
-            else:
-                print(f"The key '{key}' is not True in the secondary file.")
-                all_true = False
-        
-        if all_true:
-            print("All specified keys in the secondary file are True.")
-        else:
-            print("Not all specified keys in the secondary file are True.")
-    else:
-        print(f"The key '{main_key}' is not True in the main file.")
+    # If the project is a GPAI model with systematic risk, check that is has additionally met all the requirements for such systems: 
 
+    if gpai_model_systematic_risk:
 
-def check_if_within_scope(project_cc):
-    within_scope = None
-    if project_cc[ai_project_owner_role][provider_status][value] == True and (project_cc[ai_system_status][ai_system_status][value] == True and (project_cc[eu_market_status][placed_on_market_status][value] == True or project_cc[eu_market_status][put_into_service_status][value] == True)) or (project_cc[gpai_model_status][gpai_model_status][value] == True and (project_cc[eu_market_status][placed_on_market_status][value] == True)):   # Article 2.1(a)
-        return True
-    if project_cc[ai_project_owner_role][deployer_status][value] == True and project_cc[ai_project_owner_role][eu_location_status][value] == True: # Article 2.1(b)
-        return True
-    if (project_cc[ai_project_owner_role][provider_status][value] == True or project_cc[ai_project_owner_role][deployer_status][value]== True) and (project_cc[ai_system_status][ai_system_status][value] == True and project_cc[ai_project_owner_role][eu_location_status][value] == True and project_cc[ai_project_owner_role][output_status][value] == True): # Article 2.1(c)
+    # Do this by examining the Project CC
+
+        for key, value in project_cc_yaml['gpai_obligations_for_systemic_risk_models']:
+            if not value:
+                sys.exit("GPAI model with systematic risk fails the transparency requirements under Article 55.")
+
+    # Do this by examining any and all Model CCs too
+
+       for filename in os.listdir(folder_path):
+            # Check if the search word is in the filename
+            if "model_cc.md" in filename.lower():
+
+                # If it is, load the yaml
+
+                with open(folder_path + filename, 'r') as file:
+                    model_cc_yaml = yaml.safe_load(file)
+
+                for key, value in model_cc_yaml['obligations_for_providers_of_gpai_models_with_systemic_risk']:
+                    if not value:
+                        sys.exit(f"Because of the model represented by {filename}, this GPAI model with systematic risk fails the transparency requirements under Article 55.")
+
+def set_type(project_cc):
+    if project_cc_yaml['ai_system']['ai_system']['value']:
+        ai_system = True
+    if project_cc_yaml['gpai_model']['ai_system']['value']:
+        gpai_model = True
+    if ai_system and gpai_model:
+        sys.exit("Your project cannot be both an AI system and a GPAI model. Please revise your Project CC accordingly.")
+    if ai_system == True:
+        for key, value in project_cc_yaml['high_risk_ai_system']:
+            if value and sum(map(bool, [project_cc_yaml['high_risk_ai_system']['filter_exception_rights'],project_cc_yaml['high_risk_ai_system']['filter_exception_narrow'],project_cc_yaml['high_risk_ai_system']['filter_exception_human'],project_cc_yaml['high_risk_ai_system']['filter_exception_deviation'], project_cc_yaml['high_risk_ai_system']['filter_exception_prep']])) < 1:
+                high_risk_ai_system == True
+    if gpai_model == True:
+        if project_cc_yaml['gpai_model_systematic_risk']['evaluation'] or project_cc_yaml['gpai_model_systematic_risk']['flops']:
+            gpai_model_systematic_risk == True
+
+def set_operator_role_and_location(project_cc):
+    if project_cc_yaml['operator_role']['eu_located']['value']:
+        eu_located = True
+    if project_cc_yaml['operator_role']['provider']['value']:
+        provider = True
+    if project_cc_yaml['operator_role']['deployer']['value']:
+        deployer = True
+    if project_cc_yaml['operator_role']['importer']['value']:
+        importer = True
+    if project_cc_yaml['operator_role']['distributor']['value']:
+        distributor = True
+    if project_cc_yaml['operator_role']['product_manufacturer']['value']:
+        product_manufacturer = True
+    if ai_system and gpai_model:
+        sys.exit("Your project cannot be both an AI system and a GPAI model. Please revise your Project CC accordingly.")
+    if sum(map(bool, [provider,deployer,importer,distributor, product_manufacturer])) != 1:
+        sys.exit("Please specify exactly one operator role.")
+
+def set_eu_market_status(project_cc):
+    if project_cc_yaml['eu_market']['placed_on_market']['value']:
+        placed_on_market = True
+    if project_cc_yaml['eu_market']['put_into_service']['value']: 
+        put_into_service = True
+    if project_cc_yaml['operator_role']['output_used']['value']:
+        output_used == True
+
+def check_within_scope(project_cc):
+    if not check_excepted(project_cc):
+        if provider and ((ai_system and (placed_on_market or put_into_service)) or (gpai_model and placed_on_market)):   # Article 2.1(a)
+            return True
+        if deployer and eu_located: # Article 2.1(b)
+            return True
+        if (provider or deployer) and (ai_system and eu_located and output_used): # Article 2.1(c)
+            return True
+        if (importer or distributor) and ai_system: # Article 2.1(d)
+            return True
+        if product_manufacturer and ai_system and (placed_on_market or put_into_service): # Article 2.1(e)
+            return True
+    else   
+        return False
+
+def check_excepted(project_cc):
+    if project_cc_yaml['excepted']['scientific'] or project_cc_yaml['excepted']['pre_market'] or (ai_system and project_cc_yaml['excepted']['open_source_ai_system']) or (gpai_model and project_cc_yaml['excepted']['open_source_gpai_system']):
         return True
-    if (project_cc[ai_project_owner_role][importer_status][value] == True or project_cc[ai_project_owner_role][distributor_status][value] == True) and project_cc[ai_system_status][ai_system_status][value] == True: # Article 2.1(d)
+    else:
+        return False 
+
+def check_prohibited (project_cc):
+    if ai_system:
+        for key in project_cc_yaml['prohibited_practice']['ai_system']:
+            if key[value]: 
+                print("You are engaged in a prohibited practice and thus the project is non-compliant.")
+                return True
+    if project_cc_yaml['prohibited_practice']['biometric']['categorization']:
+        print("You are engaged in a prohibited practice and thus the project is non-compliant.")
         return True
-    if project_cc[ai_project_owner_role][product_manufacturer_status][value] == True and project_cc[ai_system_status][ai_system_status][value] == True and ((project_cc[eu_market_status][placed_on_market_status][value] == True or project_cc[eu_market_status][put_into_service_status][value] == True)): # Article 2.1(e)
+    if project_cc_yaml['prohibited_practice']['biometric']['real_time'] and sum(map(bool, [project_cc['prohibited_practice']['biometric']['real_time_exception_victim'],project_cc['prohibited_practice']['biometric']['real_time_exception_threat'], project_cc['prohibited_practice']['biometric']['real_time_exception_investigation']])) == 0:
+        print("You are engaged in a prohibited practice and thus the project is non-compliant.")
         return True
-    else   
+    else: 
+        print("You are not engaged in any prohibited practices.")
         return False
 
-def check_data_ccs(folder_path):
 
-    for filename in os.listdir(folder_path):
-        # Check if the search word is in the filename
-        if "model_cc.md" in filename.lower():
-            # Construct the full file path
-            file_path = os.path.join(folder_path, filename)
-            
-            # Process the file
-            process_file(file_path)
+
 
 
 def check_all_true(file_path):
@@ -113,21 +319,6 @@ def check_all_true(file_path):
             else:
                 print("No problems here")
 
-
-
-# Example usage
-main_file = 'main.yaml'
-secondary_file = 'secondary.yaml'
-main_key = 'data_and_data_governance'
-secondary_keys = [
-    'Training data is relevant',
-    'Training data is sufficiently representative',
-    'Training data is, to the best extent possible, free of errors'
-]
-
-check_yaml_values(main_file, secondary_file, main_key, secondary_keys)
-
-
 def main():
     # Prompt the user to enter a filename
     file_path = input("Please enter a file path to the folder containing all your AI project's Compliance Cards: ")

data_cc.md

@@ -1,36 +0,0 @@
-data_and_data_governance:
-  'Data sets has been subject to data governance and management practices appropriate for the intended purpose of the system': !!bool true # Art. 10(1)-(2)
-  'Data governance and management practices have been applied to the relevant design choices': !!bool true # Art. 10(2)(a)
-  'Data governance and management practices have been applied to data collection processes and the origin of data, and in the case of personal data, the original purpose of the data collection': !!bool true # Art. 10(2)(b)
-  'Data governance and management practices have been applied to relevant data-preparation processing operations, such as annotation, labelling, cleaning, updating, enrichment and aggregation': !!bool true # Art. 10(2)(c)
-  'Data governance and management practices have been applied to the formulation of assumptions, in particular with respect to the information that the data are supposed to measure and represent': !!bool true # Art. 10(2)(d)
-  'Data governance and management practices included an assessment of the availability, quantity and suitability of the data sets that are needed': !!bool true # Art. 10(2)(e)
-  'Data governance and management practices have included an examination of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations': !!bool true # Art. 10(2)(f)
-  'Data governance and management practices included appropriate measures to detect, prevent and mitigate possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations': !!bool true # Art. 10(2)(g)
-  'Data governance and management practices have included the identification of relevant data gaps or shortcomings that prevent compliance with this Regulation, and how those gaps and shortcomings can be addressed': !!bool true # Art. 10(2)(h)
-  'Training data is relevant': !!bool true # Art. 10(3); Rec. 67
-  'Training data is sufficiently representative': !!bool true # Art. 10(3); Rec. 67
-  'Training data is, to the best extent possible, free of errors': !!bool true # Art. 10(3); Rec. 67
-  'Training data is complete in view of the intended purpose of system': !!bool true # Art. 10(3); Rec. 67
-  'Training data possesses the appropriate statistical properties, including, where applicable, as regards the people in relation to whom the system is intended to be used': !!bool true # Art. 10(3)
-  'Training data takes into account, to the extent required by the intended purpose, the characteristics or elements that are particular to the specific geographical, contextual, behavioural or functional setting within which the system is intended to be used': !!bool true # Art. 10(4)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the use of this data was strictly necessary': !!bool true # Art. 10(5)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the use complied with appropriate safeguards for the fundamental rights and freedoms of natural persons': !!bool true # Art. 10(5)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the use of this data satisfied the provisions set out in Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680': !!bool true # Art. 10(5)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the bias detection and correction was not effectively fulfilled by processing other data, including synthetic or anonymised data': !!bool true # Art. 10(5)(a)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the special categories of personal data were not subject to technical limitations on the re-use of the personal data, and state-of-the-art security and privacy-preserving measures, including pseudonymisation': !!bool true # Art. 10(5)(b)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the special categories of personal data were subject to measures to ensure that the personal data processed are secured, protected, subject to suitable safeguards, including strict controls and documentation of the access, to avoid misuse and ensure that only authorised persons have access to those personal data with appropriate confidentiality obligations': !!bool true # Art. 10(5)(c)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the special categories of personal data were not to be transmitted, transferred or otherwise accessed by other parties': !!bool true # Art. 10(5)(d)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the special categories of personal data were deleted once the bias was corrected or the personal data reached the end of its retention period (whichever came first)': !!bool true # Art. 10(5)(e)
-  'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the records of processing activities pursuant to Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680 include the reasons why the processing of special categories of personal data was strictly necessary to detect and correct biases, and why that objective could not be achieved by processing other data': !!bool true # Art. 10(5)(f)
-
-technical_documentation:
-  'Where relevant, the data requirements in terms of datasheets describing the training methodologies and techniques and the training data sets used, including a general description of these data sets, information about their provenance, scope and main characteristics; how the data was obtained and selected; labelling procedures (e.g. for supervised learning), data cleaning methodologies (e.g. outliers detection)': !!bool true # Art. 11; Annex IV(2)(d)
-  'Validation and testing procedures used, including information about the validation and testing data used and their main characteristics; metrics used to measure accuracy, robustness and compliance with other relevant requirements set out in Title III, Chapter 2 as well as potentially discriminatory impacts; test logs and all test reports dated and signed by the responsible persons, including with regard to predetermined changes as referred to under point (f)': !!bool true # Art. 11; Annex IV(2)(g)
-  'Cybersecurity measures put in place as regards the data (e.g., scanning for data poisoning)': !!bool true # Art. 11; Annex IV(2)(h)
-
-transparency_and_provision_of_information_to_deployers:
-  'Specifications for the input data, or any other relevant information in terms of the training, validation and testing data sets used, taking into account the intended purpose of the AI system': !!bool true # Art. 13(3)(b)(vi)
-
-quality_management_system:
-  'Systems and procedures for data management, including data acquisition, data collection, data analysis, data labelling, data storage, data filtration, data mining, data aggregation, data retention and any other operation regarding the data that is performed before and for the purposes of the placing on the market or putting into service of high-risk AI systems': !!bool true # Art. 17(1)(f)

data_cc.yaml

@@ -0,0 +1,127 @@
+data_and_data_governance:
+  data_governance: # Art. 10(1)-(2)
+    verbose: 'Data sets has been subject to data governance and management practices appropriate for the intended purpose of the system'
+    value: !!bool false
+  design_choices:  # Art. 10(2)(a)
+    verbose: 'Data governance and management practices have been applied to the relevant design choices'
+    value: !!bool false
+  data_origin: # Art. 10(2)(b)
+    verbose: 'Data governance and management practices have been applied to data collection processes and the origin of data, and in the case of personal data, the original purpose of the data collection'
+    value: !!bool false
+  data_preparation: # Art. 10(2)(c)
+    verbose: 'Data governance and management practices have been applied to relevant data-preparation processing operations, such as annotation, labelling, cleaning, updating, enrichment and aggregation' 
+    value: !!bool false
+  data_assumptions: # Art. 10(2)(d)
+    verbose: 'Data governance and management practices have been applied to the formulation of assumptions, in particular with respect to the information that the data are supposed to measure and represent'
+    value: !!bool false
+  data_quantity: # Art. 10(2)(e)
+    verbose: 'Data governance and management practices included an assessment of the availability, quantity and suitability of the data sets that are needed'
+    value: !!bool false
+  data_bias_examination: # Art. 10(2)(f)
+    verbose: 'Data governance and management practices have included an examination of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations' 
+    value: !!bool false
+  data_bias_mitigation: # Art. 10(2)(g)
+    verbose: 'Data governance and management practices included appropriate measures to detect, prevent and mitigate possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations'
+    value: !!bool false
+  data_compliance: # Art. 10(2)(h)
+    verbose: 'Data governance and management practices have included the identification of relevant data gaps or shortcomings that prevent compliance with this Regulation, and how those gaps and shortcomings can be addressed'
+    value: !!bool false
+  data_relevance: # Art. 10(3); Rec. 67
+    verbose: 'Training data is relevant' 
+    value: !!bool false
+  data_representativity: # Art. 10(3); Rec. 67
+    verbose: 'Training data is sufficiently representative'
+    value: !!bool false
+  data_errors: # Art. 10(3); Rec. 67
+    verbose: 'Training data is, to the best extent possible, free of errors'
+    value: !!bool false
+  data_completeness: # Art. 10(3); Rec. 67
+    verbose: 'Training data is complete in view of the intended purpose of system'
+    value: !!bool false
+  statistical_properties: # Art. 10(3)
+    verbose: 'Training data possesses the appropriate statistical properties, including, where applicable, as regards the people in relation to whom the system is intended to be used'
+    value: !!bool false
+  contextual: # Art. 10(4)
+    verbose: 'Training data takes into account, to the extent required by the intended purpose, the characteristics or elements that are particular to the specific geographical, contextual, behavioural or functional setting within which the system is intended to be used'
+    value: !!bool false
+  personal_data_necessary: # Art. 10(5)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the use of this data was strictly necessary'
+    value: !!bool false
+  personal_data_safeguards: # Art. 10(5)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the use complied with appropriate safeguards for the fundamental rights and freedoms of natural persons'
+    value: !!bool false
+  personal_data_gdpr: # Art. 10(5)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the use of this data satisfied the provisions set out in Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680'
+    value: !!bool false
+  personal_data_other_options: # Art. 10(5)(a)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the bias detection and correction was not effectively fulfilled by processing other data, including synthetic or anonymised data'
+    value: !!bool false
+  personal_data_limitations: # Art. 10(5)(b)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the special categories of personal data were not subject to technical limitations on the re-use of the personal data, and state-of-the-art security and privacy-preserving measures, including pseudonymisation'
+    value: !!bool false
+  personal_data_controls: # Art. 10(5)(c)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the special categories of personal data were subject to measures to ensure that the personal data processed are secured, protected, subject to suitable safeguards, including strict controls and documentation of the access, to avoid misuse and ensure that only authorised persons have access to those personal data with appropriate confidentiality obligations'
+    value: !!bool false
+  personal_data_access: # Art. 10(5)(d)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the special categories of personal data were not to be transmitted, transferred or otherwise accessed by other parties'
+    value: !!bool false
+  personal_data_deletion: # Art. 10(5)(e)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the special categories of personal data were deleted once the bias was corrected or the personal data reached the end of its retention period (whichever came first)'
+    value: !!bool false
+  personal_data_necessary: # Art. 10(5)(f)
+    verbose: 'Where special categories of personal data have been used to ensure the detection and correction of possible biases that are likely to affect the health and safety of persons, have a negative impact on fundamental rights or lead to discrimination prohibited under Union law, especially where data outputs influence inputs for future operations, the records of processing activities pursuant to Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680 include the reasons why the processing of special categories of personal data was strictly necessary to detect and correct biases, and why that objective could not be achieved by processing other data'
+    value: !!bool false
+
+technical_documentation:
+  general_description: # Art. 11; Annex IV(2)(d)
+    verbose: 'Dataset carries technical documention, such as a dataseet, including a general description of the dataset." 
+    value: !!bool false
+  provenance: # Art. 11; Annex IV(2)(d)
+    verbose: 'Dataset carries technical documention, such as a dataseet, including information about its provenance' 
+    value: !!bool false
+  scope: # Art. 11; Annex IV(2)(d)
+    verbose: 'Dataset carries technical documention, such as a dataseet, including information about scope and main characteristics' 
+    value: !!bool false
+  origins: # Art. 11; Annex IV(2)(d)
+    verbose: 'Dataset carries technical documention, such as a dataseet, including information about how the data was obtained and selected'
+    value: !!bool false
+  labelling: # Art. 11; Annex IV(2)(d)
+    verbose: 'Dataset carries technical documention, such as a dataseet, including information about labelling procedures (e.g. for supervised learning)'
+    value: !!bool false
+  cleaning: # Art. 11; Annex IV(2)(d)
+    verbose: 'Dataset carries technical documention, such as a dataseet, including information about data cleaning methodologies (e.g. outliers detection)'
+    value: !!bool false
+  cybersecurity: # Art. 11; Annex IV(2)(h)
+    verbose: 'Cybersecurity measures put in place as regards the data (e.g., scanning for data poisoning)'
+    value: !!bool false
+
+transparency_and_provision_of_information_to_deployers: # Art. 13(3)(b)(vi)
+  transparency_and_provision_of_information_to_deployers:
+    verbose: 'Specifications for the input data, or any other relevant information in terms of the training, validation and testing data sets used, taking into account the intended purpose of the AI system'
+    value: !!bool false
+
+quality_management_system: # Art. 17(1)(f)
+  quality_management_system:
+    verbose: 'Systems and procedures for data management, including data acquisition, data collection, data analysis, data labelling, data storage, data filtration, data mining, data aggregation, data retention and any other operation regarding the data that is performed before and for the purposes of the placing on the market or putting into service of high-risk AI systems'
+    value: !!bool false
+
+gpai_requirements: # Art. 53(1); Annex XI(2)(c)
+  gpai_requirements: 
+    data_type: 
+      verbose: 'Documentation for the dataset is available that contains the type of data'
+      value: !!bool false
+    data_provenance: 
+      verbose: 'Documentation for the dataset is available that contains the provenance of data'
+      value: !!bool false 
+    data_curation:
+      verbose: 'Documentation for the dataset is available that contains the curation methodologies (e.g. cleaning, filtering, etc.)'
+      value: !!bool false 
+    data_number:
+      verbose: 'Documentation for the dataset is available that contains the number of data points'
+      value: !!bool false 
+    data_scope:
+      verbose: 'Documentation for the dataset is available that contains the number of data scope and main characteristics'
+      value: !!bool false 
+    data_origin:
+      verbose: 'Documentation for the dataset is available that contains information on how the data was obtained and selected as well as all other measures to detect the unsuitability of data sources and methods to detect identifiable biases'
+      value: !!bool false 

model_cc.md

@@ -1,78 +0,0 @@
-risk_management_system:
-'Known or reasonably foreseeable risks the model can pose to health or safety when used for intended purpose': !!bool true # Art. 9(2)(a)
-'Estimation and evaluation of risks when model used for intended purpose': !!bool true # Art. 9(2)(b)
-'Estimation and evaluation of risks when model used under conditions of reasonably foreseeable misuse': !!bool true # Art. 9(2)(b)
-'Testing to ensure model performs consistently for intended purpose': !!bool true # Art. 9(6)
-'Testing to ensure model complies with Act': !!bool true # Art. 9(6)
-'Testing against prior defined metrics appropriate to intended purpose': !!bool true # Art. 9(8)
-'Testing against probabilistic thresholds appropriate to intended purpose': !!bool true # Art. 9(8)
-
-technical_documentation:
-  'Pre-trained elements of model provided by third parties and how used, integrated or modified': !!bool true # Art. 11; Annex IV(2)(a)
-  'General logic of model': !!bool true # Art. 11; Annex IV(2)(b)
-  'Key design choices including rationale and assumptions made, including with regard to persons or groups on which model intended to be used': !!bool true # Art. 11; Annex IV(2)(b)
-  'Main classification choices': !!bool true # Art. 11; Annex IV(2)(b)
-  'What model is designed to optimise for and relevance of its different parameters': !!bool true # Art. 11; Annex IV(2)(b)
-  'Description of the expected output and output quality of the system': !!bool true # Art. 11; Annex IV(2)(b)
-  'Decisions about any possible trade-off made regarding the technical solutions adopted to comply with the requirements set out in Title III, Chapter 2': !!bool true # Art. 11; Annex IV(2)(b)
-  'Assessment of the human oversight measures needed in accordance with Article 14, including an assessment of the technical measures needed to facilitate the interpretation of the outputs of AI systems by the deployers, in accordance with Articles 13(3)(d)': !!bool true # Art. 11; Annex IV(2)(e)
-  'Validation and testing procedures used, including information about the validation and testing data used and their main characteristics; metrics used to measure accuracy, robustness and compliance with other relevant requirements set out in Title III, Chapter 2 as well as potentially discriminatory impacts; test logs and all test reports dated and signed by the responsible persons, including with regard to predetermined changes as referred to under point (f)': !!bool true # Art. 11; Annex IV(2)(g)
-  'Cybersecurity measures put in place': !!bool true # Art. 11; Annex IV(2)(h)
-
-transparency_and_information_provision:
-  'Intended purpose': !!bool true # Art. 13(3)(b)(i)
-  'Level of accuracy, including its metrics, robustness and cybersecurity referred to in Article 15 against which the high-risk AI system has been tested and validated and which can be expected, and any known and foreseeable circumstances that may have an impact on that expected level of accuracy, robustness and cybersecurity': !!bool true # Art. 13(3)(b)(ii)
-  'Any known or foreseeable circumstance, related to the use of the high-risk AI system in accordance with its intended purpose or under conditions of reasonably foreseeable misuse, which may lead to risks to the health and safety or fundamental rights referred to in Article 9(2)': !!bool true # Art. 13(3)(b)(iii)
-  'Technical capabilities and characteristics of the AI system to provide information that is relevant to explain its output': !!bool true # Art. 13(3)(b)(iv)
-  'Performance regarding specific persons or groups of persons on which the system is intended to be used': !!bool true # Art. 13(3)(b)(v)
-  'Specifications for the input data, or any other relevant information in terms of the training, validation and testing data sets used, taking into account the intended purpose of the AI system': !!bool true # Art. 13(3)(b)(vi)
-  'Information to enable deployers to interpret the output of the high-risk AI system and use it appropriately': !!bool true # Art. 13(3)(b)(vii)
-  'Human oversight measures referred to in Article 14, including the technical measures put in place to facilitate the interpretation of the outputs of AI systems by the deployers': !!bool true # Art. 13(3)(d)
-  'Computational and hardware resources needed, the expected lifetime of the high-risk AI system and any necessary maintenance and care measures, including their frequency, to ensure the proper functioning of that AI system, including as regards software updates': !!bool true # Art. 13(3)(e)
-
-accuracy_robustness_cybersecurity:
-  'Appropriate level of accuracy': !!bool true # Art. 15(1)
-  'Appropriate level of robustness': !!bool true # Art. 15(1)
-  'Appropriate level of cybersecurity': !!bool true # Art. 15(1)
-  'Use of relevant accuracy metrics': !!bool true # Art. 15(2)
-  'Maximum possible resilience regarding errors, faults or inconsistencies that may occur within the system or the environment in which the system operates, in particular due to their interaction with natural persons or other systems. Technical and organisational measures shall be taken towards this regard': !!bool true # Art. 15(4)
-  'Measures to prevent, detect, respond to, resolve and control for attacks trying to manipulate the training dataset (data poisoning), or pre-trained components used in training (model poisoning), inputs designed to cause the model to make a mistake (adversarial examples or model evasion), confidentiality attacks or model flaws': !!bool true # Art. 15(5)
-
-quality_management_system:
-  'Examination, test and validation procedures to be carried out before, during and after the development of the high-risk AI system, and the frequency with which they have to be carried out': !!bool true # Art. 17(1)(d)
-
-transparency_obligations:
-  'Providers of AI systems, including GPAI systems, generating synthetic audio, image, video or text content, shall ensure the outputs of the AI system are marked in a machine-readable format and detectable as artificially generated or manipulated': !!bool true # Art. 50(2)
-  'Providers shall ensure their technical solutions are effective, interoperable, robust and reliable as far as this is technically feasible, taking into account specificities and limitations of different types of content, costs of implementation and the generally acknowledged state-of-the-art, as may be reflected in relevant technical standards': !!bool true # Art. 50(2)
-
-classification_of_gpai_models:
-  'Whether model has high impact capabilities evaluated on the basis of appropriate technical tools and methodologies, including indicators and benchmarks': !!bool true # Art. 51(1)(a)
-  'Cumulative compute used for training measured in floating point operations (FLOPs)': !!bool true # Art. 51(2)
-
-obligations_for_providers_of_gpai_models:
-  'The tasks that the model is intended to perform and the type and nature of AI systems in which it can be integrated': !!bool true # Art. 53; Annex XI(1)(1)(a)
-  'Acceptable use policies applicable': !!bool true # Art. 53; Annex XI(1)(1)(b)
-  'The date of release and methods of distribution': !!bool true # Art. 53; Annex XI(1)(1)(c)
-  'The architecture and number of parameters': !!bool true # Art. 53; Annex XI(1)(1)(d)
-  'Modality (e.g. text, image) and format of inputs and outputs': !!bool true # Art. 53; Annex XI(1)(1)(e)
-  'The license': !!bool true # Art. 53; Annex XI(1)(1)(f)
-  'Training methodologies and techniques': !!bool true # Art. 53; Annex XI(1)(2)(b)
-  'Key design choices including the rationale and assumptions made': !!bool true # Art. 53; Annex XI(1)(2)(b)
-  'What the model is designed to optimise for': !!bool true # Art. 53; Annex XI(1)(2)(b)
-  'The relevance of the different parameters, as applicable': !!bool true # Art. 53; Annex XI(1)(2)(b)
-  'Information on the data used for training, testing and validation: type of data': !!bool true # Art. 53; Annex XI(1)(2)(c)
-  'Information on the data used for training, testing and validation: provenance of data': !!bool true # Art. 53; Annex XI(1)(2)(c)
-  'Information on the data used for training: curation methodologies (e.g. cleaning, filtering etc)': !!bool true # Art. 53; Annex XI(1)(2)(c)
-  'Information on the data used for training: the number of data points': !!bool true # Art. 53; Annex XI(1)(2)(c)
-  'Information on the data used for training: data points scope and main characteristics applicable': !!bool true # Art. 53; Annex XI(1)(2)(c)
-  'Information on the data used for training: how the data was obtained and selected': !!bool true # Art. 53; Annex XI(1)(2)(c)
-  'Information on the data used for training: all other measures to detect the unsuitability of data sources and methods to detect identifiable biases, where applicable': !!bool true # Art. 53; Annex XI(1)(2)(c)
-  'The computational resources used to train the model (e.g. number of floating point operations – FLOPs), training time, and other relevant details related to the training': !!bool true # Art. 53; Annex XI(1)(2)(d)
-  'Known or estimated energy consumption of the model; in case not known, this could be based on information about computational resources used': !!bool true # Art. 53; Annex XI(1)(2)(e)
-  'Detailed description of the evaluation strategies, including evaluation results, on the basis of available public evaluation protocols and tools or otherwise of other evaluation methodologies. Evaluation strategies shall include evaluation criteria, metrics and the methodology on the identification of limitations': !!bool true # Art. 53; Annex XI(2)(1)
-  'Where applicable, detailed description of the measures put in place for the purpose of conducting internal and/or external adversarial testing (e.g. red teaming), model adaptations, including alignment and fine-tuning': !!bool true # Art. 53; Annex XI(2)(2)
-
-obligations_for_providers_of_gpai_models_with_systemic_risk:
-  'Perform model evaluation in accordance with standardised protocols and tools reflecting the state of the art, including conducting and documenting adversarial testing of the model with a view to identify and mitigate systemic risk': !!bool true # Art. 55(1)(a)
-  'Assess and mitigate possible systemic risks at Union level, including their sources, that may stem from the development': !!bool true # Art. 55(1)(b)
-  'Ensure an adequate level of cybersecurity protection for the GPAI model with systemic risk and the physical infrastructure of the mode': !!bool true # Art. 55(1)(d)

model_cc.yaml

@@ -0,0 +1,203 @@
+risk_management_system:
+  foreseeable_risks: # Art. 9(2)(a)
+    verbose: 'Known or reasonably foreseeable risks the model can pose to health or safety when used for intended purpose'
+    value: !!bool false
+  evaluation: # Art. 9(2)(b)
+    verbose: 'Estimation and evaluation of risks when model used for intended purpose'
+    value: !!bool false
+  misuse: # Art. 9(2)(b)
+    verbose: 'Estimation and evaluation of risks when model used under conditions of reasonably foreseeable misuse' 
+    value: !!bool false
+  testing_performance: # Art. 9(6)
+    verbose: 'Testing to ensure model performs consistently for intended purpose'
+    value: !!bool false
+  testing_compliance: # Art. 9(6)
+    verbose: 'Testing to ensure model complies with Act'
+   value: !!bool false
+  testing_benchmark: # Art. 9(8)
+    verbose: 'Testing against prior defined metrics appropriate to intended purpose'
+    value: !!bool false
+  testing_probabilistic:  # Art. 9(8)
+    verbose: 'Testing against probabilistic thresholds appropriate to intended purpose'
+    value: !!bool false
+
+technical_documentation:
+  pre_trained_elements: # Art. 11; Annex IV(2)(a)
+    verbose: 'Model has technical documentation that describes pre-trained elements of model provided by third parties and how used, integrated or modified'
+    value: !!bool false 
+  logic: # Art. 11; Annex IV(2)(b)
+    verbose: 'Model has technical documentation that describes general logic of model'
+    value: !!bool false
+  design_choices: # Art. 11; Annex IV(2)(b)
+    verbose: 'Model has technical documentation that describes key design choices including rationale and assumptions made, including with regard to persons or groups on which model intended to be used'
+    value: !!bool false
+  classification_choices: # Art. 11; Annex IV(2)(b)
+    verbose: 'Model has technical documentation that describes main classification choices'
+    value: !!bool false
+  parameters: # Art. 11; Annex IV(2)(b)
+    verbose: 'What model is designed to optimise for and relevance of its different parameters'
+    value: !!bool false
+  expected_output: # Art. 11; Annex IV(2)(b)
+    verbose: 'Description of the expected output and output quality of the system'
+    value: !!bool false
+  act_compliance: # Art. 11; Annex IV(2)(b)
+    verbose: 'Decisions about any possible trade-off made regarding the technical solutions adopted to comply with the requirements set out in Title III, Chapter 2'
+    value: !!bool false
+  human_oversight: # Art. 11; Annex IV(2)(e)
+    verbose: 'Assessment of the human oversight measures needed in accordance with Article 14, including an assessment of the technical measures needed to facilitate the interpretation of the outputs of AI systems by the deployers, in accordance with Articles 13(3)(d)'
+    value: !!bool false
+  validation: # Art. 11; Annex IV(2)(g)
+    verbose: 'Validation and testing procedures used, including information about the validation and testing data used and their main characteristics; metrics used to measure accuracy, robustness and compliance with other relevant requirements set out in Title III, Chapter 2 as well as potentially discriminatory impacts; test logs and all test reports dated and signed by the responsible persons, including with regard to predetermined changes as referred to under point (f)' 
+    value: !!bool false
+  cybersecurity: # Art. 11; Annex IV(2)(h)
+    verbose: 'Cybersecurity measures put in place'
+    value: !!bool false
+
+transparency_and_provision_of_information_to_deployers:
+  intended_purpose: # Art. 13(3)(b)(i)
+    verbose: 'Intended purpose'
+    value: !!bool false
+  metrics: # Art. 13(3)(b)(ii)
+    verbose: 'Level of accuracy, including its metrics, robustness and cybersecurity referred to in Article 15 against which the high-risk AI system has been tested and validated and which can be expected, and any known and foreseeable circumstances that may have an impact on that expected level of accuracy, robustness and cybersecurity'
+    value: !!bool false
+  foreseeable_misuse: # Art. 13(3)(b)(iii)
+    verbose: 'Any known or foreseeable circumstance, related to the use of the high-risk AI system in accordance with its intended purpose or under conditions of reasonably foreseeable misuse, which may lead to risks to the health and safety or fundamental rights referred to in Article 9(2)' 
+    value: !!bool false
+  explainability: # Art. 13(3)(b)(iv)
+    verbose: 'Technical capabilities and characteristics of the AI system to provide information that is relevant to explain its output' 
+    value: !!bool false
+  specific_groups: # Art. 13(3)(b)(v)
+    verbose: 'Performance regarding specific persons or groups of persons on which the system is intended to be used'
+    value: !!bool false
+  data: # Art. 13(3)(b)(vi)
+    verbose: 'Specifications for the input data, or any other relevant information in terms of the training, validation and testing data sets used, taking into account the intended purpose of the AI system'
+    value: !!bool false
+  interpretability: # Art. 13(3)(b)(vii)
+    verbose: 'Information to enable deployers to interpret the output of the high-risk AI system and use it appropriately'
+    value: !!bool false   
+  human_oversight: # Art. 13(3)(d)
+    verbose: 'Human oversight measures referred to in Article 14, including the technical measures put in place to facilitate the interpretation of the outputs of AI systems by the deployers' 
+    value: !!bool false
+  hardware: # Art. 13(3)(e)
+    verbose: 'Computational and hardware resources needed, the expected lifetime of the high-risk AI system and any necessary maintenance and care measures, including their frequency, to ensure the proper functioning of that AI system, including as regards software updates'
+    value: !!bool false
+
+accuracy_robustness_cybersecurity:
+  accuracy:  # Art. 15(1)
+    verbose: 'Model is designed and developed to achieve appropriate level of accuracy'
+    value: !!bool false
+  robustiness: # Art. 15(1)
+    verbose 'Model is designed and developed to achieve appropriate level of robustness'
+    value: !!bool false
+  cybersecurity:  # Art. 15(1)
+    verbose: 'Model is designed and developed to achieve appropriate level of cybersecurity'
+    value: !!bool false
+  accuracy_metrics: # Art. 15(2)
+    verbose: 'Use of relevant accuracy metrics'
+    value: !!bool false
+  fault_resilience: # Art. 15(4)
+    verbose: 'Maximum possible resilience regarding errors, faults or inconsistencies that may occur within the system or the environment in which the system operates, in particular due to their interaction with natural persons or other systems. Technical and organisational measures shall be taken towards this regard'
+    value: !!bool false
+  attacks: # Art. 15(5)
+    verbose: 'Measures were taken to prevent, detect, respond to, resolve and control for model poisoning attacks, adversarial examples or model evasion attacks (attacks using inputs designed to cause the model to make a mistake), and confidentiality attacks or model flaws'
+    value: !!bool false
+
+quality_management_system:
+  quality_management_system: # Art. 17(1)(d)
+    verbose: 'Examination, test and validation procedures to be carried out before, during and after the development of the high-risk AI system, and the frequency with which they have to be carried out'
+    value: !!bool false
+
+transparency_obligations:
+  generates_media: # Art. 50(2)
+    verbose: 'AI project generates synthetic audio, image, video or text content'
+    value: !!bool false
+  marked_as_generated: # Art. 50(2)
+    verbose: 'outputs are marked in a machine-readable format and detectable as artificially generated or manipulated'
+    value: !!bool false
+  interoperability: # Art. 50(2)
+    verbose: 'Providers shall ensure their technical solutions are effective, interoperable, robust and reliable as far as this is technically feasible, taking into account specificities and limitations of different types of content, costs of implementation and the generally acknowledged state-of-the-art, as may be reflected in relevant technical standards'
+    value: !!bool false
+
+classification_of_gpai_models:
+  high_impact_capabilities: # Art. 51(1)(a)
+    verbose: 'Whether model has high impact capabilities evaluated on the basis of appropriate technical tools and methodologies, including indicators and benchmarks'
+    value: !!bool false
+  flops: # Art. 51(2)
+    verbose: 'Cumulative compute used for training measured in floating point operations (FLOPs)'
+    value: !!bool false
+
+obligations_for_providers_of_gpai_models:
+  task:  # Art. 53; Annex XI(1)(1)(a)
+    verbose: 'The tasks that the model is intended to perform and the type and nature of AI systems in which it can be integrated'
+    value: !!bool false
+  acceptable_use: # Art. 53; Annex XI(1)(1)(b)
+    verbose: 'Acceptable use policies applicable'
+    value: !!bool false
+  release_date: # Art. 53; Annex XI(1)(1)(c)
+    verbose: 'The date of release and methods of distribution'
+    value: !!bool false
+  architecture: # Art. 53; Annex XI(1)(1)(d)
+    verbose: 'The architecture and number of parameters'
+    value: !!bool false
+  input_output_modality: # Art. 53; Annex XI(1)(1)(e)
+    verbos: 'Modality (e.g. text, image) and format of inputs and outputs'
+    value: !!bool false
+  license: # Art. 53; Annex XI(1)(1)(f)
+    verbose: 'The license'
+    value: !!bool false
+  training: # Art. 53; Annex XI(1)(2)(b)
+    verbose: 'Training methodologies and techniques'
+    value: !!bool false
+  design_choices: # Art. 53; Annex XI(1)(2)(b)
+    verbose: 'Key design choices including the rationale and assumptions made'
+    value: !!bool false
+  optimized_for:  # Art. 53; Annex XI(1)(2)(b)
+    verbose: 'What the model is designed to optimise for'
+    value: !!bool false
+  parameters: # Art. 53; Annex XI(1)(2)(b)
+    verbose: 'The relevance of the different parameters, as applicable'
+    value: !!bool false
+  data_type: # Art. 53; Annex XI(1)(2)(c)
+    verbose: 'Information on the data used for training, testing and validation: type of data' 
+    value: !!bool false
+  data_provenance: # Art. 53; Annex XI(1)(2)(c)
+    verbose: 'Information on the data used for training, testing and validation: provenance of data'
+    value: !!bool false
+  data_curation: # Art. 53; Annex XI(1)(2)(c)
+    verbose: 'Information on the data used for training: curation methodologies (e.g. cleaning, filtering etc)'
+    value: !!bool false
+  data_number: # Art. 53; Annex XI(1)(2)(c)
+    verbose: 'Information on the data used for training: the number of data points'
+    value: !!bool false
+  data_characteristics: # Art. 53; Annex XI(1)(2)(c)
+    verbose: 'Information on the data used for training: data points scope and main characteristics applicable'
+    value: !!bool false
+  data_origin: # Art. 53; Annex XI(1)(2)(c)
+    verbose: 'Information on the data used for training: how the data was obtained and selected'
+    value: !!bool false
+  data_bias: # Art. 53; Annex XI(1)(2)(c)
+    verbose: 'Information on the data used for training: all other measures to detect the unsuitability of data sources and methods to detect identifiable biases, where applicable'
+    value: !!bool false
+  computation: # Art. 53; Annex XI(1)(2)(d)
+    verbose: 'The computational resources used to train the model (e.g. number of floating point operations – FLOPs), training time, and other relevant details related to the training'
+    value: !!bool false
+  energy_consumption: # Art. 53; Annex XI(1)(2)(e)
+    verbose: 'Known or estimated energy consumption of the model; in case not known, this could be based on information about computational resources used'
+    value: !!bool false
+  evaluation: # Art. 53; Annex XI(2)(1)
+    verbose: 'Detailed description of the evaluation strategies, including evaluation results, on the basis of available public evaluation protocols and tools or otherwise of other evaluation methodologies. Evaluation strategies shall include evaluation criteria, metrics and the methodology on the identification of limitations'
+    value: !!bool false
+  adversarial_testing: # Art. 53; Annex XI(2)(2)
+    verbose: 'Where applicable, detailed description of the measures put in place for the purpose of conducting internal and/or external adversarial testing (e.g. red teaming), model adaptations, including alignment and fine-tuning'
+    value: !!bool false
+
+obligations_for_providers_of_gpai_models_with_systemic_risk:
+  evaluation: # Art. 55(1)(a)
+    verbose: 'Perform model evaluation in accordance with standardised protocols and tools reflecting the state of the art, including conducting and documenting adversarial testing of the model with a view to identify and mitigate systemic risk'
+    value: !!bool false
+  systematic_risk: # Art. 55(1)(b)
+    verbose: 'Assess and mitigate possible systemic risks at Union level, including their sources, that may stem from the development'
+    value: !!bool false
+  cybersecurity: # Art. 55(1)(d)
+    verbose: 'Ensure an adequate level of cybersecurity protection for the GPAI model with systemic risk and the physical infrastructure of the mode'
+    value: !!bool false

project_cc.md → project_cc.yaml

@@ -1,82 +1,102 @@
-smb_status:
-  smb_status: # Art. 11(1) 
+smb:
+  smb: # Art. 11(1) 
     verbose: 'AI project is operated by a small or medium-sized enterprise' 
     value: !!bool false
 
-eu_market_status:
-  placed_on_market_status: # Art. 3(9)
+eu_market:
+  placed_on_market: # Art. 3(9)
     verbose: 'AI project is being made available on the Union market for the first time'
     value: !!bool false 
-  put_into_service_status: #Art. 3(11)
+  put_into_service: #Art. 3(11)
     verbose: 'AI project is supplied for first use directly to the deployer or for own use in the Union for its intended purpose;'
 
-ai_project_owner_role:
-  provider_status: # Art. 2
+operator_role:
+  provider: # Art. 2
     verbose: 'The owner of this AI project is a natural or legal person, public authority, agency or other body that develops an AI system or a general-purpose AI model or that has an AI system or a general-purpose AI model developed and places it on the market or puts the AI system into service under its own name or trademark, whether for payment or free of charge'
     value: !!bool false 
-  on_market_status: # Art 2 
+  on_market: # Art 2 
     verbose: "AI project is placed on the market or put into service in the Union"
     value: !!bool false  
-  deployer_status: # Art. 2
-    verbose: 'The owner of this AI project is a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity'
-    value: !!bool false 
-  eu_location_status: # Art. 2
-    verbose: 'The owner of this AI project has its place of establishment or location within the Union'
-    value: !!bool true  
-  output_status: # Art. 2
-    verbose: 'the output produced by the AI system is used in the Union'
-    value: !!bool true 
-  importer_status: # Art. 2 
-    verbose: 'AI project owner is a natural or legal person located or established in the Union that places on the market an AI system that bears the name or trademark of a natural or legal person established in a third country'
-    value: !!bool true 
-  distributor_status:
-    verbose: 'a natural or legal person in the supply chain, other than the provider or the importer, that makes an AI system available on the Union market'
-    value: !!bool true # Art. 2
-  product_manufacturer_status:
-    value: !!bool true # Art. 2
+  deployer: # Art. 2
+    verbose: 'AI project operator is a natural or legal person, public authority, agency or other body using an AI system under its authority except where the AI system is used in the course of a personal non-professional activity'
+    value: !!bool false 
+  eu_located: # Art. 2
+    verbose: 'AI project operator has its place of establishment or location within the Union'
+    value: !!bool false  
+  output_used: # Art. 2
+    verbose: 'The output produced by the AI system is used in the Union'
+    value: !!bool false 
+  importer: # Art. 2 
+    verbose: 'AI project operator is a natural or legal person located or established in the Union that places on the market an AI system that bears the name or trademark of a natural or legal person established in a third country'
+    value: !!bool false 
+  distributor:
+    verbose: 'AI project operator is a natural or legal person in the supply chain, other than a provider or the importer, that makes an AI system available on the Union market'
+    value: !!bool false # Art. 2
+  product_manufacturer:
+    verbose: 'AI project operator is a product manufacturer'
+    value: !!bool false # Art. 2
 
-ai_system_status:
-  ai_system_status: # Art. 3(1)
+ai_system:
+  ai_system: # Art. 3(1)
     verbose: 'AI project is a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments'
-    value: !!bool true 
+    value: !!bool false 
 
-gpai_model_status:
-  gpai_model_status: # Art. 3(63)
+gpai_model:
+  gpai_model: # Art. 3(63)
     verbose: 'AI project is an AI model, including where such an AI model is trained with a large amount of data using self-supervision at scale, that displays significant generality and is capable of competently performing a wide range of distinct tasks regardless of the way the model is placed on the market and that can be integrated into a variety of downstream systems or applications, except AI models that are used for research, development or prototyping activities before they are placed on the market'
-    value: !!bool true  
+    value: !!bool false  
 
-excepted_use:
-  scientific_r_and_d: # Art. 2(6) 
+excepted:
+  scientific: # Art. 2(6) 
     verbose: 'AI project is or was specifically developed and put into service for the sole purpose of scientific research and development'
-    value: !!bool true 
+    value: !!bool false 
   pre_market: # Art. 2(8) 
     verbose: 'AI project strictly consists of research, testing or development activity of the sort that takes place prior to their being placed on the market or put into service'
-    value: !!bool true 
-  open_source_gpai: # Art. 53(2)
+    value: !!bool false 
+  open_source_ai_system: # Art. 2(11) 
+    verbose: 'AI project is released under free and open-source licences'
+    value: !!bool false  
+  open_source_gpai_model: # Art. 53(2)
     verbose: 'AI project involves AI models that are released under a free and open-source licence that allows for the access, usage, modification, and distribution of the model, and whose parameters, including the weights, the information on the model architecture, and the information on model usage, are made publicly available. This exception shall not apply to general purpose AI models with systemic risks'
-    value: !!bool true  
+    value: !!bool false  
 
-prohibited_ai_practice_status:
-  manipulative: # Art. 5(1)(a)
-    verbose: 'This AI system deploys subliminal or purposefully manipulative or deceptive techniques, with the objective or effect of materially distorting the behavior of people by appreciably impairing their ability to make an informed decision, thereby causing them to take a decision that they would not have otherwise taken in a manner that causes or is reasonably likely to cause significant harm'
-    value: !!bool false 
-  exploit_vulnerable: # Art. 5(1)(b)
-    verbose: 'This AI system exploits the vulnerabilities of natural people due to their age, disability or a specific social or economic situation, with the objective or effect of materially distorting their behaviour in a manner that causes or is reasonably likely to cause significant harm'
-    value: !!bool false 
-  social_score: # Art. 5(1)(c)
-    verbose: 'This AI system is for the evaluation or classification of natural people over a certain period of time based on their social behaviour or known, inferred or predicted personal or personality characteristics, with the social score leading to at least one of the following: (i) detrimental or unfavourable treatment of certain natural people in social contexts that are unrelated to the contexts in which the data was originally generated or collected; (ii) detrimental or unfavourable treatment of certain natural people that is unjustified or disproportionate to their social behaviour or its gravity'
-    value: !!bool false 
-  crime_prediction:  # Art. 5(1)(d)
-    verbose: 'This AI system makes risk assessments of natural persons in order to assess or predict the risk of them committing a criminal offence, based solely on the profiling of the natural person or on assessing their personality traits and characteristics (and does not support the human assessment of the involvement of a person in a criminal activity, which is already based on objective and verifiable facts directly linked to a criminal activity)'
-    value: !!bool false
-  untarged_face: # Art. 5(1)(e)
-    verbose: 'This AI systems creates or expand facial recognition databases through the untargeted scraping of facial images from the internet or CCTV footage'
-    value: !!bool false 
-  emotion_prediction: # Art. 5(1)(f)
-    verbose: 'This AI systems infer emotions of a natural person in the areas of workplace and education institutions and is not intended to be put in place or into the market for medical or safety reasons'
-    value: !!bool false 
+prohibited_practice:
+  ai_system:
+    manipulative: # Art. 5(1)(a)
+      verbose: 'The AI project deploys subliminal or purposefully manipulative or deceptive techniques, with the objective or effect of materially distorting the behavior of people by appreciably impairing their ability to make an informed decision, thereby causing them to take a decision that they would not have otherwise taken in a manner that causes or is reasonably likely to cause significant harm'
+      value: !!bool false 
+    exploit_vulnerable: # Art. 5(1)(b)
+      verbose: 'The AI project exploits the vulnerabilities of natural people due to their age, disability or a specific social or economic situation, with the objective or effect of materially distorting their behaviour in a manner that causes or is reasonably likely to cause significant harm'
+      value: !!bool false 
+    social_score: # Art. 5(1)(c)
+      verbose: 'The AI project is for the evaluation or classification of natural people over a certain period of time based on their social behaviour or known, inferred or predicted personal or personality characteristics, with the social score leading to at least one of the following: (i) detrimental or unfavourable treatment of certain natural people in social contexts that are unrelated to the contexts in which the data was originally generated or collected; (ii) detrimental or unfavourable treatment of certain natural people that is unjustified or disproportionate to their social behaviour or its gravity'
+      value: !!bool false 
+    crime_prediction:  # Art. 5(1)(d)
+      verbose: 'This AI project makes risk assessments of natural persons in order to assess or predict the risk of them committing a criminal offence, based solely on the profiling of the natural person or on assessing their personality traits and characteristics (and does not support the human assessment of the involvement of a person in a criminal activity, which is already based on objective and verifiable facts directly linked to a criminal activity)'
+      value: !!bool false
+    untarged_face: # Art. 5(1)(e)
+      verbose: 'This AI project creates or expand facial recognition databases through the untargeted scraping of facial images from the internet or CCTV footage'
+      value: !!bool false 
+    emotion_prediction: # Art. 5(1)(f)
+      verbose: 'The AI project infers emotions of a natural person in the areas of workplace and education institutions and is not intended to be put in place or into the market for medical or safety reasons'
+      value: !!bool false 
+  biometric:
+    categorization: # Art. 5(1)(g)
+      verbose: 'The AI project involves the use of biometric categorisation systems that categorise individually natural persons based on their biometric data to deduce or infer their race, political opinions, trade union membership, religious or philosophical beliefs, sex life or sexual orientation; this prohibition does not cover any labelling or filtering of lawfully acquired biometric datasets, such as images, based on biometric data or categorizing of biometric data in the area of law enforcement'
+      value: !!bool false 
+    real_time:  # Art. 5(1)(h)
+      verbose: 'The AI project involves use of ‘real-time’ remote biometric identification systems in publicly accessible spaces for the purposes of law enforcement'
+      value: !!bool false 
+    real_time_exception_victim: # Art. 5(1)(h)
+      verbose: 'The AI project involves use of ‘real-time’ remote biometric identification systems in publicly accessible spaces for the purposes of law enforcement stricly for the targeted search for specific victims of abduction, trafficking in human beings or sexual exploitation of human beings, or the search for missing persons'
+      value: !!bool false 
+    real_time_exception_threat: 
+      verbose: 'The AI project involves use of ‘real-time’ remote biometric identification systems in publicly accessible spaces for the purposes of law enforcement stricly for the prevention of a specific, substantial and imminent threat to the life or physical safety of natural persons or a genuine and present or genuine and foreseeable threat of a terrorist attack'
+    real_time_exception_investigation:
+      verbose: 'The AI project involves use of ‘real-time’ remote biometric identification systems in publicly accessible spaces for the purposes of law enforcement stricly for the localisation or identification of a person suspected of having committed a criminal offence, for the purpose of conducting a criminal investigation or prosecution or executing a criminal penalty for offences referred to in Annex II and punishable in the Member State concerned by a custodial sentence or a detention order for a maximum period of at least four years.'
+      value: !!bool false 
 
-high_risk_ai_system_status:
+high_risk_ai_system:
   safety_component: # Art. 6(1)(a)
     verbose: 'AI project is intended to be used as a safety component of a product'
     value: !!bool false 
@@ -118,23 +138,23 @@ high_risk_ai_system_status:
     value: !!bool false 
   filter_exception_rights: # Art. 6(3)
     verbose: 'The AI initiate does not pose a significant risk of harm to the health, safety or fundamental rights of natural persons, including by not materially influencing the outcome of decision making'
-    value: !!bool true 
+    value: !!bool false 
   filter_exception_narrow: # Art. 6(3)(a)
     verbose: 'The AI project is intended to perform a narrow procedural task'
     value: !!bool false
-  filter_exception_narrow: # Art. 6(3)(b)
+  filter_exception_human: # Art. 6(3)(b)
     verbose: 'the AI project is intended to improve the result of a previously completed human activity'
     value: !!bool false
   filter_exception_deviation: # Art. 6(3)(c)
     verbose: 'the AI system is intended to detect decision-making patterns or deviations from prior decision-making patterns and is not meant to replace or influence the previously completed human assessment, without proper human review'
     value: !!bool false
-  filter_exception_deviation: # Art. 6(3)(d)
+  filter_exception_prep: # Art. 6(3)(d)
     verbose: 'the AI system is intended to perform a preparatory task to an assessment relevant for the purposes of the use cases listed in Annex III.'
     value: !!bool false 
 
 risk_management_system:
   established: # Article 9
-    verbose: 'Risk management system has been established, implemented, documented and maintained for AI system'
+    verbose: 'Risk management system has been established, implemented, documented and maintained for AI project'
     value: !!bool false 
   lifecycle: # Art. 9(2)
     verbose: 'Risk management system (high-risk AI system) has been planned, run, reviewed, and updated, throughout the entire lifecycle of AI system'
@@ -224,74 +244,173 @@ record_keeping:
   input: # Art. 12(2)(c)
     verbose: 'For the remote biometric identification systems high-risk AI systems referred to in point 1 (a), of Annex III, the logging capabilities shall provide, at a minimum, the input data for which the search has led to a match'
     value: !!bool false 
-  'For the remote biometric identification systems high-risk AI systems referred to in point 1 (a), of Annex III, the logging capabilities shall provide, at a minimum, the identification of the natural persons involved in the verification of the results, as referred to in Article 14(5)': !!bool false # Art. 12(2)(d)
+  identification: # Art. 12(2)(d)
+    verbose: 'For the remote biometric identification systems high-risk AI systems referred to in point 1 (a), of Annex III, the logging capabilities shall provide, at a minimum, the identification of the natural persons involved in the verification of the results, as referred to in Article 14(5)'
+    value: !!bool false 
 
 transparency_and_provision_of_information_to_deployers:
-  'AI system is designed and developed to ensure operation is sufficiently transparent for deployers to interpret output and use appropriately': !!bool true # Art. 13(1)
-  'AI system is designed and developed with transparency to ensure compliance with provider and deployer obligations in Section 3': !!bool true # Art. 13(1)
-  'AI system is accompanied by instructions for use in appropriate digital format or otherwise, with concise, complete, correct, clear, relevant, accessible, and comprehensible information for deployers': !!bool true # Art. 13(2)
-  'Instructions include provider identity and contact details, and if applicable, authorized representative details': !!bool true # Art. 13(3)(a)
-  'Instructions include AI system characteristics, capabilities, performance limitations, and intended purpose': !!bool true # Art. 13(3)(b)(i)
-  'Instructions include accuracy metrics, robustness, cybersecurity, and potential impacts on these': !!bool true # Art. 13(3)(b)(ii)
-  'Instructions include foreseeable circumstances that may risk health, safety, or fundamental rights': !!bool true # Art. 13(3)(b)(iii)
-  'Instructions include technical capabilities to provide information relevant to explaining output': !!bool true # Art. 13(3)(b)(iv)
-  'Instructions include performance regarding specific persons or groups, if applicable': !!bool true # Art. 13(3)(b)(v)
-  'Instructions include input data specifications and relevant training, validation, and testing dataset information': !!bool true # Art. 13(3)(b)(vi)
-  'Instructions include information to enable deployers to interpret and appropriately use AI system output': !!bool true # Art. 13(3)(b)(vii)
-  'Instructions include predetermined changes to AI system and its performance since initial conformity assessment': !!bool true # Art. 13(3)(c)
-  'Instructions include human oversight measures and technical measures for output interpretation': !!bool true # Art. 13(3)(d)
-  'Instructions include computational and hardware resource needs, expected lifetime, and maintenance measures': !!bool true # Art. 13(3)(e)
-  'Instructions include description of mechanisms for deployers to collect, store, and interpret logs, if applicable': !!bool true # Art. 13(3)(f)
+  interpretability: # Art. 13(1)
+    verbose: 'AI system is designed and developed to ensure operation is sufficiently transparent for deployers to interpret output and use appropriately'
+    value: !!bool false 
+  compliance: # Art. 13(1)
+    verbose: 'AI system is designed and developed with transparency to ensure compliance with provider and deployer obligations in Section 3'
+    value: !!bool false 
+  instructions: # Art. 13(2)
+    verbose: 'AI system is accompanied by instructions for use in appropriate digital format or otherwise, with concise, complete, correct, clear, relevant, accessible, and comprehensible information for deployers'
+    value: !!bool false 
+  contact_details:  # Art. 13(3)(a)
+    verbose: 'Instructions include provider identity and contact details, and if applicable, authorized representative details'
+    value: !!bool false
+  characteristics: # Art. 13(3)(b)(i)
+    verbose: 'Instructions include AI system characteristics, capabilities, performance limitations, and intended purpose'
+    value: !!bool false 
+  metrics: # Art. 13(3)(b)(ii)
+    verbose: 'Instructions include accuracy metrics, robustness, cybersecurity, and potential impacts on these'
+    value: !!bool false
+  foreseeable: # Art. 13(3)(b)(iii)
+    verbose: 'Instructions include foreseeable circumstances that may risk health, safety, or fundamental rights'
+    value: !!bool false 
+  output: # Art. 13(3)(b)(iv)
+   verbose: 'Instructions include technical capabilities to provide information relevant to explaining output'
+   value: !!bool false 
+  specific_persons: # Art. 13(3)(b)(v)
+    verbose: 'Instructions include performance regarding specific persons or groups, if applicable'
+    value: !!bool false 
+  data: # Art. 13(3)(b)(vi)
+    verbose: 'Instructions include input data specifications and relevant training, validation, and testing dataset information'
+    value: !!bool false 
+  deployers:  # Art. 13(3)(b)(vii)
+    verbose: 'Instructions include information to enable deployers to interpret and appropriately use AI system output'
+    value: !!bool false 
+  changes: # Art. 13(3)(c)
+    verbose: 'Instructions include predetermined changes to AI system and its performance since initial conformity assessment'
+    value: !!bool false 
+  oversight_measures: # Art. 13(3)(d)
+    verbose: 'Instructions include human oversight measures and technical measures for output interpretation' 
+    value: !!bool false 
+  hardware: # Art. 13(3)(e)
+    verbose: 'Instructions include computational and hardware resource needs, expected lifetime, and maintenance measures'
+    value: !!bool false 
+  logging: # Art. 13(3)(f)
+    verbose: 'Instructions include description of mechanisms for deployers to collect, store, and interpret logs, if applicable'
+    value: !!bool false 
 
 human_oversight:
-  'AI system is designed and developed to be effectively overseen by natural persons during use, including appropriate human-machine interface tools': !!bool true # Art. 14(1)
-  'Human oversight aims to prevent or minimize risks to health, safety, or fundamental rights during intended use or foreseeable misuse': !!bool true # Art. 14(2)
-  'Oversight measures are commensurate with risks, autonomy level, and use context, ensured through provider-built measures and/or deployer-implemented measures': !!bool true # Art. 14(3)
-  'AI system enables assigned persons to understand its capacities and limitations, monitor operation, and detect anomalies': !!bool true # Art. 14(4)
-  'AI system enables assigned persons to be aware of potential automation bias': !!bool true # Art. 14(4)(a)
-  'AI system enables assigned persons to correctly interpret its output': !!bool true # Art. 14(4)(c)
-  'AI system enables assigned persons to decide not to use it or override its output': !!bool true # Art. 14(4)(d)
-  'AI system enables assigned persons to intervene or halt the system through a stop button or similar procedure': !!bool true # Art. 14(4)(e)
-  'For Annex III point 1(a) systems, actions or decisions require verification by at least two competent persons, with exceptions for law enforcement, migration, border control, or asylum': !!bool true # Art. 14(5)
+  designed: # Art. 14(1)
+    verbose: 'AI system is designed and developed to be effectively overseen by natural persons during use, including appropriate human-machine interface tools'
+    value: !!bool false 
+  minimize_risks:  # Art. 14(2)
+    verbose: 'Human oversight aims to prevent or minimize risks to health, safety, or fundamental rights during intended use or foreseeable misuse'
+    value: !!bool false 
+  commensurate: # Art. 14(3)
+    verbose: 'Oversight measures are commensurate with risks, autonomy level, and use context, ensured through provider-built measures and/or deployer-implemented measures'
+    value: !!bool false 
+  understandable: # Art. 14(4)
+    verbose: 'AI system enables assigned persons to understand its capacities and limitations, monitor operation, and detect anomalies'
+    value: !!bool false 
+  automation_bias: # Art. 14(4)(a)
+    verbose: 'AI system enables assigned persons to be aware of potential automation bias'
+    value: !!bool false 
+  interpretabilty: # Art. 14(4)(c)
+    verbose: 'AI system enables assigned persons to correctly interpret its output'
+    value: !!bool false 
+  override: # Art. 14(4)(d)
+    verbose: 'AI system enables assigned persons to decide not to use it or override its output'
+    value: !!bool false 
+  stop_button: # Art. 14(4)(e)
+    verbose: 'AI system enables assigned persons to intervene or halt the system through a stop button or similar procedure'
+    value: !!bool false 
+  verification: # Art. 14(5)
+    verbose: 'For Annex III point 1(a) systems, actions or decisions require verification by at least two competent persons, with exceptions for law enforcement, migration, border control, or asylum'
+    value: !!bool false 
 
 accuracy_robustness_cybersecurity:
-  'AI system is designed and developed to achieve appropriate levels of accuracy, robustness, and cybersecurity, performing consistently throughout its lifecycle': !!bool true # Art. 15(1)
-  'Commission encourages development of benchmarks and measurement methodologies for accuracy and robustness': !!bool true # Art. 15(2)
-  'Accuracy levels and relevant metrics are declared in accompanying instructions of use': !!bool true # Art. 15(3)
-  'AI system is resilient against errors, faults, or inconsistencies, with technical and organizational measures implemented': !!bool true # Art. 15(4)
-  'AI system that continues learning after deployment is designed to eliminate or reduce risk of biased outputs influencing future operations': !!bool true # Art. 15(4)
-  'AI system is resilient against unauthorized third-party attempts to alter use, outputs, or performance': !!bool true # Art. 15(5)
-  'Cybersecurity solutions are appropriate to relevant circumstances and risks': !!bool true # Art. 15(5)
-  'Technical solutions address AI-specific vulnerabilities, including measures against data poisoning, model poisoning, adversarial examples, and confidentiality attacks': !!bool true # Art. 15(5)
+  design: # Art. 15(1)
+    verbose: 'AI system is designed and developed to achieve appropriate levels of accuracy, robustness, and cybersecurity, performing consistently throughout its lifecycle'
+    value: !!bool false 
+  metrics_in_instructions: # Art. 15(3)
+    verbose: 'Accuracy levels and relevant metrics are declared in accompanying instructions of use'
+    value: !!bool false 
+  error_resiliance: # Art. 15(4)
+    verbose: 'AI system is resilient against errors, faults, or inconsistencies, with technical and organizational measures implemented'
+    value: !!bool false 
+  bias: # Art. 15(4)
+    verbose: 'AI system that continues learning after deployment is designed to eliminate or reduce risk of biased outputs influencing future operations'
+    value: !!bool false 
+  unauthorized_use: # Art. 15(5)
+    verbose: 'AI system is resilient against unauthorized third-party attempts to alter use, outputs, or performance'
+    value: !!bool false 
+  cybersecurity_solutions: # Art. 15(5)
+    verbose: 'Cybersecurity solutions are appropriate to relevant circumstances and risks'
+    value: !!bool false 
+  ai_vulnerabilities: # Art. 15(5)
+    verbose: 'Technical solutions address AI-specific vulnerabilities, including measures against data poisoning, model poisoning, adversarial examples, and confidentiality attacks'
+    value: !!bool false 
 
 quality_management_system:
-  'Initiative is subject to a quality management system with strategy for regulatory compliance': !!bool true # Art. 17(1)(a)
-  'System includes techniques, procedures, and actions for design, control, and verification of high-risk AI system': !!bool true # Art. 17(1)(b)
-  'System includes techniques, procedures, and actions for development, quality control, and quality assurance': !!bool true # Art. 17(1)(c)
-  'System includes examination, test, and validation procedures before, during, and after development': !!bool true # Art. 17(1)(d)
+  quality_management_system: # Art. 17(1)(a)
+    verbose: 'Initiative is subject to a quality management system with strategy for regulatory compliance'
+    value: !!bool false 
+  design: # Art. 17(1)(b)
+    verbose: 'System includes techniques, procedures, and actions for design, control, and verification of high-risk AI system'
+    value: !!bool false 
+  quality_control: # Art. 17(1)(c)
+    verbose: 'System includes techniques, procedures, and actions for development, quality control, and quality assurance'
+    value: !!bool false 
+  testing: # Art. 17(1)(d)
+    verbose: 'System includes examination, test, and validation procedures before, during, and after development'
+    value: !!bool false 
 
 transparency_obligations:
-  'Providers of AI systems generating synthetic content ensure outputs are marked and detectable as artificially generated': !!bool true # Art. 50(2)
-  'Technical solutions for marking are effective, interoperable, robust, and reliable': !!bool true # Art. 50(2)
+  synthetic_content: # Art. 50(2)
+    verbose: 'Providers of AI systems generating synthetic content ensure outputs are marked and detectable as artificially generated'
+    value: !!bool false 
+  marking_solutions: # Art. 50(2)
+    verbose: 'Technical solutions for marking are effective, interoperable, robust, and reliable'
+    value: !!bool false 
 
-gpai_model_classification:
-  'Model impact capabilities evaluated using appropriate technical tools and methodologies': !!bool true # Art. 51
-  'Cumulative compute for training measured in floating point operations (FLOPs)': !!bool true # Art. 51(2)
+gpai_model_systematic_risk:
+  evaluation:  # Art. 51
+    verbose: 'Model impact capabilities were evaluated using appropriate technical tools and methodologies'
+    value: !!bool false 
+  flops: # Art. 51(2)
+    verbose: 'Cumulative compute for training measured in floating point operations (FLOPs)'
+    value: !!bool false 
 
 gpai_model_provider_obligations:
-  'Provide information on intended tasks, integration types, and acceptable use policies': !!bool true # Art. 53(1)(a); Annex XI(1)(1)(a-c)
-  'Provide details on model architecture, parameters, input/output modalities, and license': !!bool true # Art. 53(1)(a); Annex XI(1)(1)(d-f)
-  'Describe training methodologies, key design choices, and optimization goals': !!bool true # Art. 53(1)(b); Annex XI(1)(2)(b)
-  'Provide information on training, testing, and validation data': !!bool true # Art. 53(1)(b); Annex XI(1)(2)(c)
-  'Disclose computational resources and energy consumption for training': !!bool true # Art. 53(1)(b); Annex XI(1)(2)(d-e)
-  'Describe evaluation strategies, results, and adversarial testing measures': !!bool true # Art. 53(1)(b); Annex XI(2)(1-2)
-
-obligations_to_downstream_providers:
-  'Provide general description of GPAI model, including intended tasks and integration types': !!bool true # Art. 53(1)(b); Annex XII(1)(a-h)
-  'Describe model elements, development process, and integration requirements': !!bool true # Art. 53(1)(b); Annex XII(2)(a-c)
+  intended_uses: # Art. 53(1)(a); Annex XI(1)(1)(a-c)
+    verbose: 'Provide information on intended tasks, integration types, and acceptable use policies'
+    value: !!bool false 
+  model_architecture: # Art. 53(1)(a); Annex XI(1)(1)(d-f)
+    verbose: 'Provide details on model architecture, parameters, input/output modalities, and license'
+    value: !!bool false 
+  training_methodologies: # Art. 53(1)(b); Annex XI(1)(2)(b)
+    verbose: 'Describe training methodologies, key design choices, and optimization goals'
+    value: !!bool false 
+  data: # Art. 53(1)(b); Annex XI(1)(2)(c)
+    verbose: 'Provide information on training, testing, and validation data'
+    value: !!bool false 
+  computation: # Art. 53(1)(b); Annex XI(1)(2)(d-e)
+    verbose: 'Disclose computational resources and energy consumption for training'
+    value: !!bool false 
+  evaluation: # Art. 53(1)(b); Annex XI(2)(1-2)
+    verbose: 'Describe evaluation strategies, results, and adversarial testing measures'
+    value: !!bool false 
+  general_description: # Art. 53(1)(b); Annex XII(1)(a-h)
+    verbose: 'To downstream providers, provide general description of GPAI model, including intended tasks and integration types'
+    value: !!bool false 
+  development_process: # Art. 53(1)(b); Annex XII(2)(a-c)
+    verbose: 'To downstream providers, describe model elements, development process, and integration requirements'
+    value: !!bool false 
 
-obligations_for_systemic_risk_models:
-  'Perform model evaluation using standardized protocols and conduct adversarial testing': !!bool true # Art. 55(1)(a)
-  'Assess and mitigate possible systemic risks at Union level': !!bool true # Art. 55(1)(b)
-  'Ensure adequate cybersecurity protection for the model and infrastructure': !!bool true # Art. 55(1)(d)
+gpai_obligations_for_systemic_risk_models:
+  evaluation: # Art. 55(1)(a)
+    verbose: 'Perform model evaluation using standardized protocols and conduct adversarial testing'
+    value: !!bool false 
+  mitigation: # Art. 55(1)(b)
+    verbose: 'Assess and mitigate possible systemic risks at Union level'
+    value: !!bool false 
+  cybersecurity: # Art. 55(1)(d)
+    verbose: 'Ensure adequate cybersecurity protection for the model and infrastructure'
+    value: !!bool false