DisclosureDesk

Tell me which 2026 AI laws apply to the tools my business already uses — and generate the notices I owe.

Date: 2026-06-06
Form factor: Web app (single-page; mobile-friendly)
Status: Prototype

What it is

DisclosureDesk is a compliance cockpit for small businesses that quietly adopted AI — a support chatbot, a resume screener, a dynamic-pricing engine, marketing personalization — and now face a wall of new 2026 disclosure laws. You list the AI tools you use; DisclosureDesk maps each one to the specific laws it triggers by jurisdiction and use case, scores how ready you are, and hands you paste-ready consumer notices for the gaps.

Who it serves

The owner or ops/HR lead at a 10–200 person company that uses a handful of AI tools but has no in-house counsel and no budget for a $400/hour privacy lawyer to answer "do these new AI laws even apply to us?" They need a concrete answer — which law, which tool, what to do, by when — not a 40-page whitepaper.

Why it could be profitable

Freemium B2B SaaS. Free tier: build your AI inventory and see which obligations you trigger. Paid tier ($29–$99/mo): generate and version the required disclosure notices, multi-jurisdiction coverage, audit-ready PDF export, deadline reminders, and automatic re-checks when the law list changes. The demand is structural and timely: a wave of US state AI laws took effect or approaches enforceability in 2026 — Illinois HB 3773 and California AB 2013 on Jan 1, 2026, the Colorado AI Act on Jun 30, 2026, California's ADMT pre-use-notice rules phasing through 2026–2027, and the EU AI Act's Article 50 transparency duties on Aug 2, 2026 — and most SMBs have no inventory of where AI runs, who owns it, or which disclosures they owe (King & Spalding, Kiteworks). Penalties are real money — up to $20,000 per violation in Colorado and $5,000 per day under California SB 942 — which makes a sub-$100/month tool an easy yes.

Form factor & scope

A self-contained web app. The prototype demonstrates the core loop end to end: an editable AI inventory, a live rules engine that resolves obligations from (jurisdiction × use case), a readiness gauge with illustrative penalty exposure, and a notice generator. A production version would add accounts, persistence, a continuously-maintained legal rules database, lawyer-reviewed notice templates, and reminders.

How to run it

  1. Open index.html in any modern browser — no server, no build step. (Sample data is embedded inline so it works straight from file://; the same data also lives in sample-data.json, which the app fetches when served over http.)
  2. Click any system in the AI inventory to focus it and load its notice.
  3. Toggle obligations between open and Done to watch the readiness gauge, open count, and exposure update live.
  4. Use + Add AI system to add your own tool (pick a use case and the regions its users live in) and see what it triggers.
  5. In Notice generator, set your company name and rights-contact, pick a system, and Copy notice.
  6. Hit Export checklist to print/save just the obligations list.

What's in this prototype

  • AI inventory (left) — five seeded systems (support chatbot, resume screener, dynamic pricing, email/ad personalization, loan pre-qualifier), each with vendor, use case, jurisdictions, and an open/clear badge. Add and remove your own.
  • Obligations (center) — the rules engine resolves each system against a catalog of seven real 2026 laws, grouped by law with the triggering systems, the plain-English requirement, deadline, penalty, and a source link. A readiness gauge, open count, next deadline, and illustrative exposure sit on top; mark items done to update them.
  • Notice generator (right) — produces a paste-ready consumer disclosure tailored to the selected system's use case, with your company and contact merged in.
  • Sample data: sample-data.json holds the law catalog, use cases, jurisdictions, notice templates, and the starter inventory.

Roadmap

  • Continuously-maintained legal rules database with effective-date tracking and change alerts when a law moves.
  • Lawyer-reviewed, jurisdiction-specific notice templates with versioning and an audit trail.
  • Account persistence, team roles, and per-system owners with reminder emails before deadlines.
  • Integrations (HRIS, helpdesk, ad platforms) to auto-discover AI systems instead of manual entry.
  • Audit-ready export (PDF/CSV) and a shareable "AI compliance posture" report for customers and partners.

DisclosureDesk — Requirements

Goals

  • Let a non-lawyer answer "which 2026 AI laws apply to the tools my business uses?" in under five minutes.
  • Turn a vague obligation ("disclose AI use") into a concrete, trackable checklist tied to specific tools, deadlines, and penalties.
  • Produce paste-ready consumer disclosure notices so the user can act, not just learn.
  • Make compliance progress visible and motivating (readiness score, open count, illustrative exposure).

Primary user

The owner, ops lead, or HR/People manager at a 10–200 person company that uses several AI tools (chatbot, hiring screener, pricing, personalization) but has no in-house legal team. They are comfortable with software, time-poor, and risk-aware once they see a dollar figure. Job-to-be-done: "Show me exactly what I'm on the hook for and what to do about it."

Functional requirements

  • FR1: Maintain an inventory of AI systems, each with a name, vendor/source, use case, owning team, and the jurisdictions where its users live.
  • FR2: Let the user add and remove systems; recompute everything live.
  • FR3: Maintain a catalog of AI laws, each with jurisdiction, applicable use cases, deadline, severity, plain-English requirement, detail, penalty, and a source URL.
  • FR4: Resolve obligations by intersecting each system's jurisdictions and use case with the law catalog (jurisdiction match AND use-case match → triggered).
  • FR5: Group triggered obligations by law and list which systems trigger each.
  • FR6: Let the user mark an obligation done / not done and persist that state within the session.
  • FR7: Seed "done" state from each system's recorded metObligations (a law is done only if every triggering system has met it).
  • FR8: Show a readiness gauge (% of triggered obligations done) that changes color by band.
  • FR9: Show summary stats: obligations triggered, still open, next deadline among open items, and illustrative penalty exposure.
  • FR10: Mark obligations already in force vs. with a future deadline, and flag high-priority laws.
  • FR11: Generate a consumer disclosure notice tailored to a selected system's use case, merging in company name and rights contact.
  • FR12: Copy the generated notice to the clipboard.
  • FR13: Filter the obligations list to show only open items.
  • FR14: Export/print a clean checklist of obligations (hide chrome, keep the obligations).
  • FR15: Run entirely client-side from file:// with no build step, network calls, or API keys.
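An added sketch of the resolution logic in FR4, FR5, FR7 and FR8, not DisclosureDesk's own code. The law ids, jurisdiction codes, field names other than metObligations, and the sample systems are constructed for illustration.

```javascript
// Constructed sample catalog and inventory (assumed shapes, not the app's sample-data.json).
const laws = [
  { id: "il-hb3773", jurisdiction: "IL", useCases: ["hiring"] },
  { id: "co-ai-act", jurisdiction: "CO", useCases: ["hiring"] },
  { id: "eu-art50", jurisdiction: "EU", useCases: ["chatbot"] },
];
const systems = [
  { name: "Resume screener", useCase: "hiring", jurisdictions: ["IL", "CO"],
    metObligations: ["il-hb3773"] },
  { name: "Second screener", useCase: "hiring", jurisdictions: ["IL"],
    metObligations: [] },
  // Has IL users, but no IL law in this catalog covers the chatbot use case.
  { name: "Support chatbot", useCase: "chatbot", jurisdictions: ["EU", "IL"],
    metObligations: ["eu-art50"] },
];

// FR4 + FR5: a law is triggered by a system only when BOTH the jurisdiction
// and the use case match; results are grouped per law.
// FR7: the law counts as done only if every triggering system has met it.
function resolveObligations(systems, laws) {
  const obligations = [];
  for (const law of laws) {
    const triggering = systems.filter(
      (s) => s.jurisdictions.includes(law.jurisdiction) &&
             law.useCases.includes(s.useCase)
    );
    if (triggering.length === 0) continue; // law not triggered at all
    obligations.push({
      lawId: law.id,
      systems: triggering.map((s) => s.name),
      done: triggering.every((s) => (s.metObligations || []).includes(law.id)),
    });
  }
  return obligations;
}

// FR8: readiness is the percentage of triggered obligations marked done.
// Returning 100 when nothing is triggered is an assumption of this sketch.
function readiness(obligations) {
  if (obligations.length === 0) return 100;
  const done = obligations.filter((o) => o.done).length;
  return Math.round((done / obligations.length) * 100);
}

const resolved = resolveObligations(systems, laws);
console.log(resolved, readiness(resolved) + "% ready");
```

The second screener keeps the Illinois obligation open even though the first screener has met it, which is the "every triggering system" rule from FR7.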

User stories

  • As an owner, I want to list the AI tools we use, so that I get a single map of where AI runs in my business.
  • As an HR lead, I want to know that our resume screener triggers Illinois and Colorado rules, so that I post the right applicant notice before a deadline.
  • As an ops lead, I want a readiness score and an exposure figure, so that I can justify spending time on this to leadership.
  • As a marketer, I want a ready-made personalization/AI-content notice, so that I can paste it into our site without drafting legalese.
  • As a founder, I want to see the next deadline at a glance, so that I prioritize what's urgent.
  • As a support manager, I want to mark the EU chatbot disclosure as done, so that the dashboard reflects reality.
  • As a user, I want to add a tool we just adopted and instantly see what it triggers, so that compliance keeps pace with new AI.

Non-functional requirements

  • Self-contained: opens directly from file://; all third-party assets (a web font) load over HTTPS from a public CDN.
  • Accessible: semantic landmarks, labelled controls, keyboard-operable buttons, live region for copy feedback, and sufficient contrast.
  • Responsive: three-column desktop layout collapses to a single column on narrow screens.
  • Transparent about limits: every screen states this is illustrative and not legal advice; each obligation links to a source.
  • Performance: instant recompute on any change (catalog is small; pure in-memory).

Out of scope (for the prototype)

  • Real user accounts, authentication, and cross-session persistence.
  • A legally authoritative, continuously-updated rules database (the catalog is a hand-built sample).
  • Lawyer-reviewed, jurisdiction-perfect notice wording.
  • Automatic discovery of AI systems via integrations.
  • Server-side PDF generation, reminders, or billing.

Open questions

  • How granular should jurisdictions be (state-level vs. country-level vs. per-city ordinances like NYC Local Law 144)?
  • Should exposure be a single illustrative figure or a modeled range with assumptions exposed?
  • What's the right cadence and source for keeping the law catalog current and trustworthy?
  • Do users want notices as copyable text, downloadable snippets, or embeddable widgets?
  • How do we handle a system that spans many use cases (e.g., a chatbot that also makes pricing decisions)?
