Methodology
How TrustPacket classifies your AI system — and what it can't do.
Rule-based, not AI
The EU AI Act defines risk tiers through explicit rules in Annex I (product safety), Annex III (high-risk use cases), and Article 5 (prohibited practices). These aren't subjective — they're decision trees. We implemented those trees as code.
We don't use AI to classify your system.Using an LLM to interpret legal text would introduce hallucination risk. Instead, we ask you structured questions and map your answers to the regulation's enumerated categories.
The decision cascade
Our classification logic follows this order (implemented in lib/aiact/classify.ts):
- Out-of-scope check:If you answer "no EU market exposure", classification stops. The Act doesn't apply. (Article 2 — territorial scope.)
- Prohibited tier:If you selected any Article 5 prohibited practice (social scoring, manipulation, emotion recognition in workplace/education, biometric categorization), result is "prohibited". These are banned regardless of safeguards. (Article 5(1).)
- High-risk tier:If you selected any Annex III use case (employment, credit scoring, education access, law enforcement, biometric ID, critical infrastructure, migration/asylum), result is "high-risk". Annex I product-safety systems also land here, but we don't yet distinguish pre-market vs post-market timelines — that's a known gap.
- Limited-risk tier:If you selected any Article 50 transparency trigger (chatbot, emotion recognition for non-prohibited use, biometric categorization for non-prohibited use, synthetic content generation), result is "limited-risk". Transparency obligations apply.
- Minimal-risk tier:If none of the above apply, result is "minimal". Only baseline duties (Article 4 AI literacy) apply. This is the default for most AI systems.
What we can't determine
The Act contains judgment calls our tool can't make for you:
- Article 6(3) derogation:High-risk systems can be downgraded to non-high-risk if they perform a narrow procedural task, don't materially influence outcomes, and meet other conditions. This is a legal analysis we can't automate — when answers are ambiguous, we flag "review recommended".
- General-purpose vs narrow:Determining whether you "provide" a GPAI model under Article 3(44) requires understanding your distribution model and API terms. We ask a yes/no question, but the real answer might need counsel.
- Substantial modification:Article 43(4) says substantial modifications restart conformity obligations. We can't tell you whether a v2.0 release counts as "substantial" — that's context-specific.
- Provider vs deployer vs distributor:Article 2 definitions overlap in complex supply chains. If you white-label someone else's model and rebrand it, are you a provider? Probably — but "probably" isn't compliance.
When our tool encounters these ambiguities (you selected multiple high-risk areas + transparency triggers, or your company size suggests enterprise-scale operations that might trigger additional scrutiny), we set reviewRecommended: true in the result and tell you to consult qualified counsel.
Sources and updates
Our classification logic is based on:
- Regulation (EU) 2024/1689 — the AI Act text as published in the Official Journal, 2 Aug 2024.
- Annexes I, III, IV, and recitals — the enumerated lists and explanatory context.
- Commission Q&A and guidance documents— when published, we incorporate clarifications that don't contradict the regulation itself.
We track regulatory developments and update the classification logic when the Commission issues binding guidance or when delegated acts amend the annexes. When we make changes, we'll note them on the /updates page (coming Sprint 4).
Limitations by design
Our tool is a self-assessment aid, not a legal service. We designed it this way on purpose:
- We don't collect enough information to render a binding opinion (we'd need to review your code, contracts, GDPR docs, risk assessments).
- We're not qualified to provide legal advice under any EU member state's bar rules.
- Even if we were, templated document generation isn't a substitute for bespoke legal work when stakes are high (prohibited practices, novel use cases, systems processing millions of decisions).
The output you get — classification tier + obligations + generated documents — is a starting point. It's 80% of the work done in 15 minutes. The remaining 20% (reviewing gaps, tailoring policies, confirming edge-case classifications) is where a lawyer adds value we can't replicate.
How to verify our logic
Our classification function is open to inspection (not open-source, but viewable in dev tools):
- Open the risk checker and complete it with your answers.
- Open browser dev tools (F12) and look at the network tab for
/checkerrequests. - The classification happens client-side — you can see the exact logic in the bundled JS.
If you spot a classification bug (we map an answer to the wrong tier, or cite the wrong article), email us at hello@trustpacket.app. We'll fix it and credit you if you want.
See the classifier in action