|
|
|
|
|
|
by AIA_PROOF
91 days ago
|
|
|
This is a genuinely useful piece of infrastructure. The Art. 12 append-only requirement is one of the more technically interesting compliance obligations because most engineering teams reach for standard application logging, which doesn't satisfy the tamper-evidence requirement. One thing worth flagging from a compliance perspective: Art. 12 requires logs to be retained for the lifetime of the high-risk AI system or at minimum 10 years from the last use. The 180-day floor you mention is a starting point but auditors will typically ask for much longer retention windows, especially for systems used in employment, credit, or law enforcement contexts. Also worth noting for teams building on this: the logs themselves become part of the "technical documentation" under Art. 11, which means they need to be accessible in a structured way to notified bodies during a conformity assessment — not just stored. The CLI reconstruction feature you describe is a good step toward that. Building similar documentation tooling for EU AI Act compliance (the broader evidence vault problem, not just logging) and this kind of open infrastructure for Art. 12 specifically would integrate well with that approach. |
|
|