AI_Sandbox/iesnieguma-izskatisana
MCP Server
Active
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
41509710af2dff1078128a24bb5180dd1db63e14
iesnieguma-izskatisana/docs/02-ai-act-classification.md
rg4444 41509710af init
2026-05-15 00:07:35 +03:00

3.6 KiB
Raw Blame History

EU AI Act classification

Summary

This system is classified as high-risk under the EU AI Act. The classification anchors on multiple Annex III categories rather than a single one — a deliberate framing taken in the sandbox application, because the classification ambiguity itself justifies sandbox testing.

Annex III mapping

  • §5(a) — access to and enjoyment of essential public services. When the system classifies a citizen complaint and routes it to a department, it materially affects how the citizen's right to be heard by the Ombudsman is fulfilled. The system does not control whether the citizen has access (any complaint reaches the Ombudsman regardless), but it shapes the path through the Office.
  • §8(a) — administration of justice and democratic processes. The Ombudsman exercises a quasi-judicial function — investigating complaints against public administration. AI systems that interpret normative acts (Iesniegumu likums, MK noteikumi) and apply them to concrete facts fall squarely under this category.

Article 6(3) preparatory-task argument

The package's role can also be framed under Article 6(3)(c): a system that performs "a preparatory task to an assessment relevant for the purposes of the use cases listed in Annex III." When a public authority uses this package to algorithmate its complaint-handling process, the package is the preparatory infrastructure. Article 6 explicitly classifies such systems as high-risk.

The derogation in Article 6(3) — "merely detects decision-making patterns... and is not meant to replace or influence the previously completed human assessment" — does not apply here, because the package is explicitly meant to influence the human classification (and, in regulated cases, may eventually replace it for the simplest topics).

Why this classification is appropriate

Three reasons:

  1. The outputs influence rights-related processes. Even though no final administrative decision is automated, the priority and routing determine how quickly and by whom a citizen's complaint is examined. Wrong routing delays the response.
  2. The data is sensitive. Complaints often disclose personal information about health, family situations, financial hardship, discrimination, or interactions with law enforcement. Even with redaction, the system processes information that demands the highest data-protection care.
  3. The reasoning is contestable. A citizen has a right to understand how their complaint was classified. The DMN tables are auditable in a way that an opaque AI classifier wouldn't be — which is precisely why the system was structured this way.

What the sandbox protocol assesses

The sandbox testing aims to validate, with regulator supervision (VARAM, DVI):

  • That the guardrails policy is enforceable in code and audited at every AI invocation.
  • That the audit chain is sufficient for a citizen requesting an explanation under GDPR Art. 15 or for a regulator under AI Act compliance review.
  • That the classification accuracy on real (anonymised) complaint data is materially better than human-only baseline, and that the error patterns are bounded and predictable.
  • That the human oversight required by Art. 14 is meaningful — that jurists genuinely have the information and time to review AI recommendations rather than rubber-stamping them.

What we are not claiming

This package does not claim to make legally binding decisions. It does not claim to replace jurists. It does not claim to handle constitutional-rights cases without human review. It claims, narrowly, to make the intake and triage portion of the process algorithmically explicit, auditable, and faster.

Reference in New Issue View Git Blame Copy Permalink