unfair-discrimination-incident-card-profile/profile.json at main · mizcausevic-dev/unfair-discrimination-incident-card-profile · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
{
  "incident_card_profile_version": "0.1",
  "profile_id": "unfair-discrimination-incident-card-v0.1",
  "title": "Unfair Discrimination AI Incident Card (InsurTech)",
  "purpose": "Profile of the AI Incident Card spec scoped to insurance unfair-discrimination, biased decisioning, NAIC AI Model Bulletin governance gaps, and FCRA-dispute-pattern AI events. Provides the severity / type / regulator-referral taxonomy a state DOI market-conduct examiner + Fair Insurance Committee + actuarial committee + outside counsel expect when an AI insurance tool is implicated in a consumer harm.",
  "applies_to": [
    "admitted-insurer",
    "surplus-lines-insurer",
    "reinsurer",
    "managing-general-agent",
    "third-party-administrator"
  ],
  "event_type_taxonomy": [
    {"code": "ai-unfair-discrimination-pattern",       "description": "Pattern of AI-driven outcomes that disproportionately disadvantage a protected class (CO SB 21-169 / NAIC §3 implicating)"},
    {"code": "ai-individual-adverse-action-error",     "description": "Single AI-recommended adverse action subsequently overturned on human review or appeal, indicating model error"},
    {"code": "ai-ecdis-input-defect",                   "description": "External Consumer Data and Information Source (ECDIS) input found to be defective, biased, or unauthorized (NY DFS CL 7 implicating)"},
    {"code": "ai-fcra-dispute-pattern",                 "description": "FCRA consumer-report dispute pattern traced back to AI tool reliance on a contested consumer report"},
    {"code": "ai-actuarial-soundness-defect",           "description": "AI rating / pricing model found to lack documented actuarial-soundness for an outcome the AI produced"},
    {"code": "ai-third-party-vendor-control-failure",   "description": "Third-party AI vendor failed a contractual control (e.g. missed bias-test deliverable, expired SOC 2)"},
    {"code": "ai-governance-program-gap",                "description": "Internal AI governance program gap detected (missing inventory entry, expired board approval, etc.)"},
    {"code": "ai-consumer-notice-defect",                "description": "AI-related consumer notice missing, incomplete, or contradictory to actual model behavior"},
    {"code": "ai-data-breach-with-ai-component",        "description": "Data breach where AI training data or model output is a component"},
    {"code": "ai-state-doi-exam-finding",                "description": "Finding raised during a state DOI market-conduct examination implicating an AI system"}
  ],
  "severity_scale": [
    {"code": "S1-low",        "description": "Single-consumer notice-only issue; remediated within 30 days; no regulator notification required"},
    {"code": "S2-moderate",   "description": "Pattern affecting < 100 consumers OR single consumer with material financial impact; state DOI notification recommended"},
    {"code": "S3-serious",    "description": "Pattern affecting 100-1000 consumers OR documented four-fifths violation OR ECDIS defect; state DOI notification REQUIRED"},
    {"code": "S4-critical",   "description": "Pattern affecting > 1000 consumers OR cross-state pattern OR systemic four-fifths violation OR CO SB 21-169 §10-3-1104.9 referral pathway; multi-state DOI + CFPB + DOJ referral evaluation REQUIRED"}
  ],
  "regulator_referral_pathways": [
    {"code": "state-doi-notification",              "trigger": "S2-moderate or higher", "destination": "Primary state of domicile + states of consumer impact"},
    {"code": "naic-mcas-flag",                       "trigger": "S3-serious or higher", "destination": "NAIC Market Conduct Annual Statement supplementary disclosure"},
    {"code": "cfpb-fcra-referral",                   "trigger": "ai-fcra-dispute-pattern event type", "destination": "Consumer Financial Protection Bureau"},
    {"code": "doj-civil-rights-referral",            "trigger": "S4-critical OR cross-state systemic pattern", "destination": "DOJ Civil Rights Division"},
    {"code": "state-ag-civil-rights-referral",       "trigger": "S3-serious or higher within a single state", "destination": "State Attorney General Civil Rights"},
    {"code": "state-doi-bulletin-violation-filing", "trigger": "Violation of an effective state DOI AI bulletin", "destination": "Filing per the bulletin's compliance reporting requirements"}
  ],
  "required_fields": [
    "incident_card_version",
    "incident_id",
    "discovered_at",
    "reported_at",
    "event_type",
    "severity",
    "affected_ai_system",
    "affected_decision_card_ref",
    "affected_consumer_count_estimate",
    "states_of_impact",
    "lines_of_business_affected",
    "regulator_referral_evaluation",
    "remediation_plan",
    "signed_by_key_uri"
  ],
  "recommended_fields": [
    "linked_audit_stream_event_ids",
    "linked_bias_coverage_bundle_id",
    "outside_counsel_engagement",
    "actuarial_committee_review_date",
    "consumer_notice_letter_template_id",
    "settlement_envelope_estimate"
  ],
  "audit_stream_emission_conventions": {
    "incident_filed_event_kind": "unfair_discrimination_incident.filed",
    "incident_remediated_event_kind": "unfair_discrimination_incident.remediated",
    "regulator_referral_event_kind": "unfair_discrimination_incident.regulator_referred"
  },
  "signature": {
    "required": true,
    "algorithm": "ed25519"
  }
}