OMI.ME - EU AI Act Checkup

1) Executive summary

What you have (features): always‑on voice capture (necklace), real‑time transcription, summaries + action items, persona/apps marketplace, mobile app, optional smart‑glasses dev kit.

Top issues:

Transparency & UI signals - clear on‑device indicator + in‑app notices at all voice capture points; label AI‑generated content.
Bystander & consent controls - mute/hold modes, automatic ignore of TV/audio, and opt‑out UX; document lawful basis and retention windows.
Apps/Persona marketplace governance - review/approval policy, permissions prompts, and revocation; log what apps access.

Compliance Roadmap (7–14 days): add notices + device indicator spec, publish logging/retention table, ship app‑permissions prompts, create marketplace policy page, seed CI guardrail to block P1s.

2) System Register & Risk Map (CSV)

File: 10-register/system-register.csv

system_name,purpose,paths,role,eu_use,risk_guess,annexIII_trigger,art50_trigger,prohibited_flag,unknowns
Conversation Capture & Transcription,stream & transcribe ambient/user speech,"repo/app/mobile/transcription/*; repo/backend/asr/*",Provider,Yes,Limited,None,Yes,No,"UNCONFIRMED: Is there an always-on indicator and user consent gate?"
Memory & Summarization,generate summaries/memories/action items from transcripts,"repo/backend/nlp/*; repo/app/mobile/memories/*",Provider,Yes,Limited,None,Yes,No,"UNCONFIRMED: Are summaries surfaced publicly or only to the user?"
Action & Integrations,create tasks/emails/calendar via connectors,"repo/plugins/*; repo/sdks/*",Provider,Yes,Limited,None,Yes,No,"UNCONFIRMED: Do any actions auto‑send external communications without user review?"
Persona & Apps Marketplace,3rd‑party personas/apps run on user data,"repo/web/marketplace/*; repo/plugins/community/*",Provider,Yes,Limited,None,Possibly,No,"UNCONFIRMED: Is there a human‑review for app submissions and permission scopes?"
Vision / Glass Dev Kit,opt‑in visual capture for overlay/assistance,"repo/omiGlass/*",Provider,Yes,Limited/High (context),Biometrics if used for identification,Yes,No,"UNCONFIRMED: Any face/emotion recognition features enabled by default?"

Heatmap (10-register/risk-heatmap.md)

| System                         | Risk           |
|--------------------------------|----------------|
| Conversation Capture           | Limited        |
| Memory & Summarization         | Limited        |
| Action & Integrations          | Limited        |
| Persona & Apps Marketplace     | Limited        |
| Vision / Glass Dev Kit         | Limited → High*|

High if used in Annex III contexts or for biometric identification.

3) Prohibited‑Use Triage (Art. 5)

File: 10-register/prohibited-triage.md

# Prohibited‑Use Triage — OMI.ME (evidence@DEMO_HASH)
- System: Conversation Capture → Decision: Allowed
  - Evidence: repo/README.md#L15–L21 (marketing scope)
- System: Memory & Summarization → Decision: Allowed
  - Evidence: repo/README.md#L18–L21
- System: Action & Integrations → Decision: Allowed
  - Evidence: repo/web/marketplace/README.md#L1–L40
- System: Persona & Apps Marketplace → Decision: Allowed
  - Evidence: repo/community-plugins.json#L1–L80
- System: Vision / Glass Dev Kit → Decision: Allowed (with constraints)
  - Evidence: repo/omiGlass/README.md#L1–L60

Checks completed:
- Social scoring of natural persons → Not observed
- Untargeted scraping of facial images → Not observed
- Emotion recognition in workplace/education → UNCONFIRMED (ask: "Do you detect/score emotions?")
- Real‑time remote biometric ID for law enforcement → Not in scope
- Manipulative/exploitative systems targeting vulnerable groups → Not observed