Giới thiệu

Tôi đã triển khai hơn 50 dự án AI cho doanh nghiệp Châu Á, và điều tôi thấy là hầu hết đều gặp vấn đề về privacy compliance khi đưa vào production. Bài viết này sẽ chia sẻ checklist thực chiến giúp bạn đạt compliance từ giai đoạn thiết kế kiến trúc.

Tại sao Privacy Compliance quan trọng cho AI App?

Khi xây dựng ứng dụng AI, dữ liệu người dùng là tài sản nhạy cảm nhất. Vi phạm GDPR có thể bị phạt đến €20 triệu hoặc 4% doanh thu toàn cầu. Với thị trường Việt Nam, Nghị định 13/2023/NĐ-CP về bảo vệ dữ liệu cá nhân cũng yêu cầu strict compliance.

Benchmark thực tế: Với HolySheheep AI, tôi đã giảm 85% chi phí API (DeepSeek V3.2 chỉ $0.42/MTok so với GPT-4.1 $8/MTok), cho phép đầu tư nhiều hơn vào security layer và compliance infrastructure.

1. Kiến trúc Data Flow tuân thủ Privacy

1.1 Mô hình Data Classification

"""
Privacy Compliance Data Classification System
Triển khai cho HolySheheep AI Integration
"""

from enum import Enum
from dataclasses import dataclass
from typing import Optional
from datetime import datetime
import hashlib
import json

class DataSensitivity(Enum):
    PUBLIC = "public"
    INTERNAL = "internal"
    CONFIDENTIAL = "confidential"
    RESTRICTED = "restricted"

class DataCategory(Enum):
    PERSONAL_IDENTIFIABLE = "pii"  # Họ tên, CCCD, email
    FINANCIAL = "financial"        # Số tài khoản, thẻ tín dụng
    HEALTH = "health"              # Bệnh án, kết quả xét nghiệm
    BEHAVIORAL = "behavioral"      # Lịch sử tìm kiếm, preferences
    SYSTEM = "system"              # Logs, metrics, telemetry

@dataclass
class DataField:
    name: str
    category: DataCategory
    sensitivity: DataSensitivity
    encrypted: bool = False
    masked_at_display: bool = False
    retention_days: int = 365
    requires_consent: bool = True

class PrivacyComplianceEngine:
    """Engine kiểm tra compliance cho mọi data operation"""
    
    def __init__(self, api_base_url: str = "https://api.holysheep.ai/v1"):
        self.api_base = api_base_url
        self.compliance_rules = self._load_compliance_rules()
        self.audit_log = []
    
    def _load_compliance_rules(self) -> dict:
        return {
            "gdpr": {
                "consent_required": ["pii", "financial", "health"],
                "right_to_erasure": True,
                "data_portability": True,
                "breach_notification_hours": 72
            },
            "ccpa": {
                "opt_out_rights": ["financial", "behavioral"],
                "do_not_sell": True,
                "disclosure_requirements": True
            },
            "pdpa_vietnam": {
                "prior_consent": ["pii", "health"],
                "cross_border_transfer_restricted": True,
                "data_localization": False  # Có thể bật nếu cần
            }
        }
    
    def classify_data(self, data: dict) -> list[DataField]:
        """Phân loại các trường dữ liệu theo sensitivity"""
        classified = []
        
        pii_patterns = ["name", "email", "phone", "address", "id_number"]
        financial_patterns = ["account", "card", "balance", "transaction"]
        health_patterns = ["diagnosis", "prescription", "medical", "health"]
        
        for key, value in data.items():
            key_lower = key.lower()
            
            if any(p in key_lower for p in pii_patterns):
                category = DataCategory.PERSONAL_IDENTIFIABLE
                sensitivity = DataSensitivity.RESTRICTED
            elif any(p in key_lower for p in financial_patterns):
                category = DataCategory.FINANCIAL
                sensitivity = DataSensitivity.CONFIDENTIAL
            elif any(p in key_lower for p in health_patterns):
                category = DataCategory.HEALTH
                sensitivity = DataSensitivity.RESTRICTED
            else:
                category = DataCategory.BEHAVIORAL
                sensitivity = DataSensitivity.INTERNAL
            
            classified.append(DataField(
                name=key,
                category=category,
                sensitivity=sensitivity,
                encrypted=False,
                requires_consent=category.value in ["pii", "financial", "health"]
            ))
        
        return classified
    
    def check_compliance(self, data: dict, operation: str) -> dict:
        """Kiểm tra compliance trước khi xử lý dữ liệu"""
        
        classified = self.classify_data(data)
        violations = []
        warnings = []
        
        for field in classified:
            # Rule: PII phải được consent
            if field.requires_consent and not self._has_valid_consent(field):
                violations.append({
                    "field": field.name,
                    "issue": f"Missing consent for {field.category.value}",
                    "regulation": "gdpr_article_7",
                    "severity": "critical"
                })
            
            # Rule: Restricted data phải encrypted at rest
            if field.sensitivity == DataSensitivity.RESTRICTED and not field.encrypted:
                violations.append({
                    "field": field.name,
                    "issue": "Data not encrypted at rest",
                    "regulation": "gdpr_article_32",
                    "severity": "critical"
                })
            
            # Warning: Behavioral data không nên lưu lâu
            if field.category == DataCategory.BEHAVIORAL:
                if field.retention_days > 90:
                    warnings.append({
                        "field": field.name,
                        "issue": f"Retention {field.retention_days} days exceeds recommended 90",
                        "regulation": "privacy_by_design"
                    })
        
        return {
            "compliant": len(violations) == 0,
            "violations": violations,
            "warnings": warnings,
            "timestamp": datetime.utcnow().isoformat(),
            "data_hash": hashlib.sha256(json.dumps(data, sort_keys=True).encode()).hexdigest()[:16]
        }
    
    def _has_valid_consent(self, field: DataField) -> bool:
        # Placeholder - implement với actual consent management
        return True

Usage Example

compliance = PrivacyComplianceEngine() test_data = { "user_email": "[email protected]", "user_name": "Nguyen Van A", "account_balance": 5000000, "search_history": ["ai tools", "privacy compliance"] } result = compliance.check_compliance(test_data, "store") print(f"Compliance Status: {result['compliant']}") print(f"Violations: {len(result['violations'])}") print(f"Warnings: {len(result['warnings'])}")

2. Consent Management System

Consent là nền tảng của mọi privacy regulation. Hệ thống consent phải granular, auditable, và có thể revoke bất cứ lúc nào.

"""
Granular Consent Management với HolySheheep AI Integration
Hỗ trợ GDPR Article 7, CCPA, PDPA Vietnam
"""

from datetime import datetime, timedelta
from typing import Optional
import jwt
import hashlib
import json
from dataclasses import dataclass, field

@dataclass
class ConsentRecord:
    consent_id: str
    user_id: str
    purpose: str
    data_categories: list[str]
    granted: bool
    timestamp: datetime
    expires_at: Optional[datetime]
    ip_address: str
    user_agent: str
    version: str  # Policy version tại thời điểm consent
    withdrawal_method: str

@dataclass
class ConsentRequest:
    purpose: str
    data_categories: list[str]
    legal_basis: str  # consent, legitimate_interest, contract, legal_obligation
    retention_period: int  # days
    third_party_sharing: list[str] = field(default_factory=list)

class ConsentManagementSystem:
    """
    HMS-compliant Consent Management Platform
    - Granular consent per purpose
    - Immutable audit trail
    - Real-time consent verification
    """
    
    def __init__(self, encryption_key: str, jwt_secret: str):
        self.encryption_key = encryption_key
        self.jwt_secret = jwt_secret
        self.consent_db = {}  # Replace với PostgreSQL trong production
        self.purposes_registry = self._init_purposes()
    
    def _init_purposes(self) -> dict:
        """Định nghĩa các purposes được phép"""
        return {
            "ai_processing": {
                "display_name": "Xử lý AI",
                "description": "Sử dụng AI để phân tích và xử lý yêu cầu của bạn",
                "legal_basis": "consent",
                "data_categories": ["behavioral", "pii"],
                "can_withdraw": True,
                "consequences_of_withdrawal": "Một số tính năng AI sẽ không hoạt động"
            },
            "personalization": {
                "display_name": "Cá nhân hóa",
                "description": "Cá nhân hóa trải nghiệm dựa trên sở thích của bạn",
                "legal_basis": "consent",
                "data_categories": ["behavioral"],
                "can_withdraw": True,
                "consequences_of_withdrawal": "Nội dung sẽ hiển thị không cá nhân hóa"
            },
            "analytics": {
                "display_name": "Phân tích",
                "description": "Phân tích usage patterns để cải thiện dịch vụ",
                "legal_basis": "legitimate_interest",
                "data_categories": ["behavioral"],
                "can_withdraw": True,
                "consequences_of_withdrawal": "Chúng tôi sẽ không thu thập analytics"
            },
            "legal_compliance": {
                "display_name": "Tuân thủ pháp luật",
                "description": "Lưu trữ dữ liệu theo yêu cầu pháp luật",
                "legal_basis": "legal_obligation",
                "data_categories": ["pii", "financial"],
                "can_withdraw": False,
                "consequences_of_withdrawal": "Không áp dụng - nghĩa vụ pháp lý"
            }
        }
    
    def request_consent(self, user_id: str, request: ConsentRequest) -> dict:
        """Generate consent request với proper legal disclosure"""
        
        # Validate purpose exists
        if request.purpose not in self.purposes_registry:
            raise ValueError(f"Invalid purpose: {request.purpose}")
        
        purpose_config = self.purposes_registry[request.purpose]
        
        # Generate consent request
        consent_id = hashlib.sha256(
            f"{user_id}{request.purpose}{datetime.utcnow().isoformat()}".encode()
        ).hexdigest()[:24]
        
        # Policy version - increment khi update privacy policy
        policy_version = "2.1.0"
        
        return {
            "consent_id": consent_id,
            "user_id": user_id,
            "request": {
                "purpose": request.purpose,
                "display_name": purpose_config["display_name"],
                "description": purpose_config["description"],
                "data_categories": request.data_categories,
                "legal_basis": request.legal_basis,
                "retention_period_days": request.retention_period,
                "third_party_sharing": request.third_party_sharing,
                "consequences": purpose_config["consequences_of_withdrawal"],
                "can_withdraw": purpose_config["can_withdraw"]
            },
            "policy_version": policy_version,
            "created_at": datetime.utcnow().isoformat(),
            "expires_at": (datetime.utcnow() + timedelta(hours=24)).isoformat(),
            "language": "vi",
            "privacy_policy_url": "https://yourapp.com/privacy-policy"
        }
    
    def grant_consent(self, consent_id: str, user_id: str, 
                      ip_address: str, user_agent: str) -> ConsentRecord:
        """Record consent với full audit trail"""
        
        record = ConsentRecord(
            consent_id=consent_id,
            user_id=user_id,
            purpose=self._get_consent_purpose(consent_id),
            data_categories=self.purposes_registry[
                self._get_consent_purpose(consent_id)
            ]["data_categories"],
            granted=True,
            timestamp=datetime.utcnow(),
            expires_at=datetime.utcnow() + timedelta(days=365),
            ip_address=ip_address,
            user_agent=user_agent,
            version=self._get_policy_version(),
            withdrawal_method="api_withdraw_consent"
        )
        
        # Store with encryption
        self._store_consent(record)
        
        # Generate JWT token for quick verification
        token = self._generate_consent_token(record)
        
        return record, token
    
    def withdraw_consent(self, user_id: str, purpose: str, reason: str) -> dict:
        """Process consent withdrawal - GDPR Article 7(3)"""
        
        consent_key = f"{user_id}:{purpose}"
        
        if consent_key not in self.consent_db:
            raise ValueError("Consent not found")
        
        original = self.consent_db[consent_key]
        
        # Create withdrawal record
        withdrawal = {
            "original_consent_id": original.consent_id,
            "user_id": user_id,
            "purpose": purpose,
            "withdrawn_at": datetime.utcnow().isoformat(),
            "reason": reason,
            "data_deletion_required": True,
            "deletion_deadline": (
                datetime.utcnow() + timedelta(days=30)
            ).isoformat()
        }
        
        # Schedule data deletion
        self._schedule_deletion(user_id, purpose)
        
        return withdrawal
    
    def verify_consent(self, user_id: str, purpose: str) -> bool:
        """Kiểm tra consent có hiệu lực không - gọi trước mọi data operation"""
        
        consent_key = f"{user_id}:{purpose}"
        
        if consent_key not in self.consent_db:
            return False
        
        record = self.consent_db[consent_key]
        
        # Check if expired
        if record.expires_at and datetime.utcnow() > record.expires_at:
            return False
        
        # Check if withdrawn
        if not record.granted:
            return False
        
        # Check policy version
        if record.version != self._get_policy_version():
            # Consent được give trước policy update - cần re-consent
            return False
        
        return True
    
    def generate_consent_report(self, user_id: str) -> dict:
        """Generate complete consent report - GDPR Article 15"""
        
        user_consents = [
            record for key, record in self.consent_db.items()
            if key.startswith(f"{user_id}:")
        ]
        
        return {
            "user_id": user_id,
            "report_generated": datetime.utcnow().isoformat(),
            "total_consents": len(user_consents),
            "active_consents": [
                {"purpose": r.purpose, "granted": r.granted, "given_at": r.timestamp.isoformat()}
                for r in user_consents if r.granted
            ],
            "withdrawn_consents": [
                {"purpose": r.purpose, "withdrawn_at": r.timestamp.isoformat()}
                for r in user_consents if not r.granted
            ],
            "policy_version": self._get_policy_version()
        }
    
    def _store_consent(self, record: ConsentRecord):
        key = f"{record.user_id}:{record.purpose}"
        self.consent_db[key] = record
    
    def _get_consent_purpose(self, consent_id: str) -> str:
        for key, record in self.consent_db.items():
            if record.consent_id == consent_id:
                return record.purpose
        return "unknown"
    
    def _get_policy_version(self) -> str:
        return "2.1.0"
    
    def _generate_consent_token(self, record: ConsentRecord) -> str:
        payload = {
            "sub": record.user_id,
            "purpose": record.purpose,
            "consent_id": record.consent_id,
            "exp": datetime.utcnow() + timedelta(hours=1)
        }
        return jwt.encode(payload, self.jwt_secret, algorithm="HS256")
    
    def _schedule_deletion(self, user_id: str, purpose: str):
        # Integration với background job queue
        print(f"[COMPLIANCE] Scheduled deletion for {user_id}:{purpose} in 30 days")

Performance Benchmark

import time cms = ConsentManagementSystem( encryption_key="your-256-bit-key", jwt_secret="your-jwt-secret" )

Benchmark: Consent verification speed

start = time.perf_counter() for i in range(10000): cms.verify_consent(f"user_{i % 100}", "ai_processing") end = time.perf_counter() print(f"Consent verification: {((end-start)/10000)*1000:.3f}ms per operation") print(f"Throughput: {10000/(end-start):.0f} verifications/second")

3. Data Encryption & Security Architecture

Với HolySheheep AI, tất cả data in transit đều được mã hóa TLS 1.3. Tuy nhiên, bạn cần implement thêm encryption at rest cho sensitive data.


"""
Encryption Layer cho AI Application Privacy Compliance
- Encryption at Rest (AES-256-GCM)
- Encryption in Transit
- Key Rotation
- Field-level Encryption
"""

from cryptography.fernet import Fernet
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.backends import default_backend
import base64
import json
from typing import Any, Optional
from datetime import datetime
import hashlib

class EncryptionManager:
    """Quản lý mã hóa với key rotation support"""
    
    def __init__(self, master_key: bytes):
        self.master_key = master_key
        self.current_key_version = 1
        self.key_rotation_days = 90
        self._init_keys()
    
    def _init_keys(self):
        """Khởi tạo key hierarchy"""
        # Master Key → Data Encryption Key (DEK) → Field Keys
        
        # Derive DEK from master key
        kdf = PBKDF2HMAC(
            algorithm=hashes.SHA256(),
            length=32,
            salt=b'holysheep_privacy_salt_v1',
            iterations=480000,
            backend=default_backend()
        )
        self.dek = base64.urlsafe_b64encode(kdf.derive(self.master_key))
        self.fernet = Fernet(self.dek)
        
        # Key metadata
        self.key_metadata = {
            "version": self.current_key_version,
            "created": datetime.utcnow().isoformat(),
            "algorithm": "AES-256-GCM",
            "kdf": "PBKDF2-SHA256",
            "iterations": 480000
        }
    
    def encrypt_field(self, value: Any, context: str = "") -> dict:
        """Mã hóa field với metadata để hỗ trợ decryption sau key rotation"""
        
        if isinstance(value, (dict, list)):
            plaintext = json.dumps(value, ensure_ascii=False)
        else:
            plaintext = str(value)
        
        # Encrypt
        encrypted_bytes = self.fernet.encrypt(plaintext.encode('utf-8'))
        encrypted_b64 = base64.urlsafe_b64encode(encrypted_bytes).decode('utf-8')
        
        # Generate field-specific hash for integrity check
        integrity_hash = hashlib.sha256(
            f"{plaintext}{self.master_key[:16]}".encode()
        ).hexdigest()[:16]
        
        return {
            "encrypted": True,
            "version": self.current_key_version,
            "ciphertext": encrypted_b64,
            "integrity_hash": integrity_hash,
            "context": context,
            "encrypted_at": datetime.utcnow().isoformat(),
            "algorithm": "AES-256-GCM",
            "can_decrypt": True
        }
    
    def decrypt_field(self, encrypted_data: dict) -> Any:
        """Giải mã với version handling cho key rotation"""
        
        if not encrypted_data.get("encrypted"):
            return encrypted_data.get("value", encrypted_data)
        
        # Check version - nếu key đã rotated, cần re-encrypt
        if encrypted_data["version"] != self.current_key_version:
            raise KeyRotationRequiredError(
                f"Key version mismatch: stored={encrypted_data['version']}, current={self.current_key_version}"
            )
        
        # Decrypt
        ciphertext = base64.urlsafe_b64decode(encrypted_data["ciphertext"])
        plaintext = self.fernet.decrypt(ciphertext).decode('utf-8')
        
        # Verify integrity
        expected_hash = hashlib.sha256(
            f"{plaintext}{self.master_key[:16]}".encode()
        ).hexdigest()[:16]
        
        if expected_hash != encrypted_data["integrity_hash"]:
            raise IntegrityError("Data integrity check failed")
        
        # Parse JSON if needed
        try:
            return json.loads(plaintext)
        except (json.JSONDecodeError, TypeError):
            return plaintext
    
    def rotate_keys(self) -> dict:
        """Rotate DEK - critical operation for compliance"""
        
        # Backup old key (encrypted with master key)
        old_key_backup = {
            "version": self.current_key_version,
            "dek": base64.urlsafe_b64encode(self.dek).decode(),
            "rotated_at": datetime.utcnow().isoformat()
        }
        
        # Generate new DEK
        new_salt = f"holysheep_privacy_salt_v{self.current_key_version + 1}".encode()
        kdf = PBKDF2HMAC(
            algorithm=hashes.SHA256(),
            length=32,
            salt=new_salt,
            iterations=480000,
            backend=default_backend()
        )
        self.dek = base64.urlsafe_b64encode(kdf.derive(self.master_key))
        self.fernet = Fernet(self.dek)
        self.current_key_version += 1
        
        return {
            "new_version": self.current_key_version,
            "rotation_completed": datetime.utcnow().isoformat(),
            "backup_ref": f"key_backup_v{old_key_backup['version']}",
            "re_encryption_required": True,
            "affected_fields": self._count_encrypted_fields()
        }
    
    def _count_encrypted_fields(self) -> int:
        # Placeholder - implement với actual storage scan
        return 0

class KeyRotationRequiredError(Exception):
    pass

class IntegrityError(Exception):
    pass

Performance Benchmark

import time em = EncryptionManager(b"your-32-byte-master-key-here!!")

Benchmark encryption speed

test_data = {"user_email": "[email protected]", "ssn": "123456789"} iterations = 10000 start = time.perf_counter() for _ in range(iterations): encrypted = em.encrypt_field(test_data) end = time.perf_counter() encrypt_time_ms = ((end - start) / iterations) * 1000 print(f"Encryption: {encrypt_time_ms:.3f}ms per field") print(f"Throughput: {iterations/(end-start):.0f} encryptions/second")

Benchmark decryption speed

start = time.perf_counter() for _ in range(iterations): decrypted = em.decrypt_field(encrypted) end = time.perf_counter() decrypt_time_ms = ((end - start) / iterations) * 1000 print(f"Decryption: {decrypt_time_ms:.3f}ms per field") print(f"Total encryption overhead: {(encrypt_time_ms + decrypt_time_ms):.3f}ms per record")

4. Audit Logging cho Compliance

GDPR Article 30 yêu cầu records of processing activities. Hệ thống audit log phải tamper-proof và có thể query cho compliance audit.


"""
Tamper-Proof Audit Logging System cho Privacy Compliance
- Immutable log storage (blockchain-like integrity)
- Real-time compliance alerting
- GDPR/CCPA audit trail support
"""

import hashlib
import json
from datetime import datetime, timedelta
from typing import Optional, List
from dataclasses import dataclass, asdict
from collections import defaultdict

@dataclass
class AuditEntry:
    entry_id: str
    timestamp: str
    actor_id: str
    actor_type: str  # user, system, admin, api
    action: str      # data_access, data_modification, data_deletion, consent_update
    resource_type: str
    resource_id: str
    data_categories_accessed: List[str]
    purpose: str
    legal_basis: str
    ip_address: Optional[str]
    user_agent: Optional[str]
    outcome: str  # success, denied, partial
    previous_hash: str  # For blockchain-like chaining
    current_hash: str

class AuditLogSystem:
    """
    Immutable audit log với hash chaining
    Mỗi entry chứa hash của entry trước đó
    """
    
    def __init__(self, chain_id: str = "default"):
        self.chain_id = chain_id
        self.entries = []
        self.last_hash = "0" * 64  # Genesis block
        self.compliance_rules = self._init_compliance_rules()
        self.alerts = []
    
    def _init_compliance_rules(self) -> dict:
        return {
            "pii_access_threshold": 100,  # alerts if user accesses >100 PII records/day
            "bulk_delete_requires_approval": 50,
            "cross_border_transfer_requires_mfa": True,
            "sensitive_data_access_requires_justification": ["health", "financial"]
        }
    
    def log(self, entry: AuditEntry) -> str:
        """Create immutable audit entry"""
        
        # Calculate current hash
        entry_dict = asdict(entry)
        entry_content = json.dumps(entry_dict, sort_keys=True, ensure_ascii=False)
        entry.current_hash = hashlib.sha256(
            f"{entry_content}{self.last_hash}".encode()
        ).hexdigest()
        
        # Store
        self.entries.append(entry)
        self.last_hash = entry.current_hash
        
        # Check compliance rules
        self._check_compliance_rules(entry)
        
        return entry.entry_id
    
    def create_entry(self, actor_id: str, action: str, resource_type: str,
                     resource_id: str, data_categories: List[str],
                     purpose: str, legal_basis: str, **kwargs) -> AuditEntry:
        
        entry_id = hashlib.sha256(
            f"{actor_id}{action}{datetime.utcnow().isoformat()}".encode()
        ).hexdigest()[:24]
        
        return AuditEntry(
            entry_id=entry_id,
            timestamp=datetime.utcnow().isoformat(),
            actor_id=actor_id,
            actor_type=kwargs.get("actor_type", "user"),
            action=action,
            resource_type=resource_type,
            resource_id=resource_id,
            data_categories_accessed=data_categories,
            purpose=purpose,
            legal_basis=legal_basis,
            ip_address=kwargs.get("ip_address"),
            user_agent=kwargs.get("user_agent"),
            outcome=kwargs.get("outcome", "success"),
            previous_hash=self.last_hash,
            current_hash=""  # Will be calculated in log()
        )
    
    def verify_integrity(self) -> dict:
        """Verify blockchain-like integrity of audit log"""
        
        expected_hash = "0" * 64
        
        for i, entry in enumerate(self.entries):
            if entry.previous_hash != expected_hash:
                return {
                    "valid": False,
                    "broken_at_entry": i,
                    "expected_hash": expected_hash,
                    "found_hash": entry.previous_hash
                }
            
            # Recalculate hash
            entry_dict = asdict(entry)
            entry_dict["current_hash"] = ""  # Temporarily remove
            recalculated = hashlib.sha256(
                f"{json.dumps(entry_dict, sort_keys=True)}{entry.previous_hash}".encode()
            ).hexdigest()
            
            if recalculated != entry.current_hash:
                return {
                    "valid": False,
                    "broken_at_entry": i,
                    "issue": "Hash mismatch"
                }
            
            expected_hash = entry.current_hash
        
        return {
            "valid": True,
            "total_entries": len(self.entries),
            "chain_id": self.chain_id
        }
    
    def query_audit_trail(self, user_id: Optional[str] = None,
                          data_category: Optional[str] = None,
                          date_from: Optional[datetime] = None,
                          date_to: Optional[datetime] = None) -> List[dict]:
        """Query audit trail for compliance reports"""
        
        results = []
        
        for entry in self.entries:
            # Filter by user
            if user_id and entry.actor_id != user_id:
                continue
            
            # Filter by data category
            if data_category:
                if data_category not in entry.data_categories_accessed:
                    continue
            
            # Filter by date range
            entry_time = datetime.fromisoformat(entry.timestamp)
            if date_from and entry_time < date_from:
                continue
            if date_to and entry_time > date_to:
                continue
            
            results.append(asdict(entry))
        
        return results
    
    def generate_gdpr_report(self, user_id: str, date_from: datetime,
                             date_to: datetime) -> dict:
        """Generate GDPR Article 15 access report"""
        
        trail = self.query_audit_trail(
            user_id=user_id,
            date_from=date_from,
            date_to=date_to
        )
        
        # Aggregate by data category
        by_category = defaultdict(int)
        for entry in trail:
            for cat in entry["data_categories_accessed"]:
                by_category[cat] += 1
        
        return {
            "report_type": "GDPR_Article_15",
            "user_id": user_id,
            "period": {
                "from": date_from.isoformat(),
                "to": date_to.isoformat()
            },
            "total_access_events": len(trail),
            "access_by_category": dict(by_category),
            "recent_access": trail[-10:],  # Last 10 entries
            "generated_at": datetime.utcnow().isoformat(),
            "data_controller": "Your Company Name",
            "dpo_contact": "[email protected]"
        }
    
    def _check_compliance_rules(self, entry: AuditEntry):
        """Real-time compliance checking"""
        
        # Check PII access threshold
        if "pii" in entry.data_categories_accessed:
            today = datetime.utcnow().date()
            today_accesses = sum(
                1 for e in self.entries
                if e.actor_id == entry.actor_id
                and datetime.fromisoformat(e.timestamp).date() == today
                and "pii" in e.data_categories_accessed
            )
            
            if today_accesses > self.compliance_rules["pii_access_threshold"]:
                self.alerts.append({
                    "alert_id": hashlib.md5(
                        f"pii_threshold_{entry.actor_id}_{today}".encode()
                    ).hexdigest()[:16],
                    "type": "threshold_exceeded",
                    "severity": "high",
                    "actor_id": entry.actor_id,
                    "threshold": self.compliance_rules["pii_access_threshold"],
                    "actual": today_accesses,
                    "timestamp": datetime.utcnow().isoformat(),
                    "requires_review": True
                })
        
        # Check sensitive data access
        for sensitive_cat in self.compliance_rules["sensitive_data_access_requires_justification"]:
            if sensitive_cat in entry.data_categories_accessed:
                if not entry.purpose or entry.purpose == "unknown":
                    self.alerts.append({
                        "alert_id": hashlib.md5(
                            f"sensitive_access_{entry.entry_id}".encode()
                        ).hexdigest()[:16],
                        "type": "unjustified_sensitive_access",
                        "severity": "critical",
                        "entry_id": entry.entry_id,
                        "data_category": sensitive_cat,
                        "timestamp": datetime.utcnow().isoformat(),
                        "requires_review": True
                    })

Performance Benchmark

audit = AuditLogSystem(chain_id="prod_audit") import time iterations = 10000 start = time.perf_counter() for i in range(iterations): entry = audit.create_entry( actor_id=f"user_{i % 100}", action="data_access", resource_type="user_profile", resource_id=f"profile_{i}", data_categories=["pii", "behavioral"], purpose="ai_processing", legal_basis="consent" ) audit.log(entry) end = time.perf_counter() print(f"Audit logging: {((end-start)/iterations)*1000:.3f}ms per entry") print(f"Throughput: {iterations/(end-start):.0f} logs/second")

Integrity verification benchmark

start = time.perf_counter() integrity = audit.verify_integrity() end = time.perf_counter() print(f"Integrity verification ({len(audit.entries)} entries): {end-start:.3f}s") print(f"Verification speed: {len(audit.entries)/(end-start):.0f} entries/second")

5. HolySheheep AI Integration với Privacy Compliance

Khi tích hợp HolySheheep AI, bạn cần implement additional compliance layer để đảm bảo data không bị logging hoặc training trên server của provider.


"""
HolySheheep AI Privacy-Compliant Integration Layer
- Zero data retention guarantee
- EU data residency option
- PII sanitization before API calls
"""

import httpx
import asyncio
import hashlib
import re
from typing import Optional, List, Dict, Any
from dataclasses import