Open-source compliance guidance for generative music systems.
EU AI Act Β· GDPR Β· European Accessibility Act Β· WCAG 2.2
This repository holds the source content for the Guidance on Personal Data in Generative Music Systems (v1.0, Dec 2025) β a practitioner-level reference for artists, engineers, and music-tech companies working with AI in sound.
Status: Published v1.0. Some content points are still being finalised and open to expert review. This is a living document under version control; corrections and worked examples from practitioners are welcome.
Music AI Vault is one part of a larger side project called Navigator, a small toolkit for music-AI compliance:
- Guide (this repo) β creator-side reference, published Dec 2025
- Navigator web app β decision-tree compliance tool, live prototype (repo)
- Handbook β developer-facing companion, currently being drafted
- Backend V2 β production version with auto-updating regulation feeds, in development with a collaborating engineer
Full case study and context: portfolio case study (replace with exact URL).
Navigator is an exemplary, open side project. Orientation, not legal advice. Practitioner-to-practitioner β not a product, not a consultancy offering.
Music AI Document.mdβ the full guidelines. Start here.- Appendices β DPIA template, model card template, consent withdrawal flow.
- Req ID structure:
LB-(lawful basis),DP-(data protection by design),TR-(transparency),FB-(fairness & bias), so requirements are individually citeable from other artifacts. - Markdown source is the canonical format. The published PDF is rendered from it; the HTML version is preferred for assistive technology.
If you just want to read the Guide, the rendered PDF is the easiest entry point. It lives in the portfolio repo and on the case study page linked above.
- Install Obsidian from obsidian.md.
- Clone this repo:
git clone https://github.com/Pi-Kay/Music-AI-Vault.git - In Obsidian, choose Open folder as vault and select the cloned folder.
- Open
Music AI Document.mdto start. Use the graph view to see how sections cross-reference.
All content is readable as plain Markdown directly on GitHub β no Obsidian required.
A few decisions that shape the Guide, so readers can tell what framing they're reading:
- Audience is creator-side. Artists, small labels, indie platforms. A forthcoming companion handbook takes the developer-side view for music-tech teams.
- Risk-tier framing is creator-protective. Where the AI Act leaves room for interpretation, the Guide leans toward stronger protections for creators. The companion handbook, aimed at developers, takes a reading closer to prevailing industry practice. Both are defensible; they're different lenses on the same regulations.
- Orientation, not legal advice. The Guide helps you understand when you need to act and when to consult counsel. It does not replace legal advice.
- WCAG 2.2 AA is a baseline, not an aspiration. Accessibility is treated as a first-class requirement, not a bolt-on.
A decision log for open framing questions is tracked in repository issues under the editorial label.
Corrections, disagreements, and worked examples from practitioners are genuinely welcome. Two ways in:
- Open an issue for anything you think is wrong, unclear, or out of date. Tag with
correction,clarification, orupdateas appropriate. - Submit a pull request for concrete edits. Small edits are fine as single commits. For larger structural changes, please open an issue first so we can talk about fit before you invest time.
Contributions must be compatible with the Guide's licence (below).
Β© 2025 Petra KΓΌhnle. Licensed under Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0).
You are free to share and adapt this work, including commercially, provided you give appropriate credit and distribute derivative works under the same licence. See LICENSE.md for the full legal text or visit creativecommons.org/licenses/by-sa/4.0/.
Written in Markdown, managed as a linked knowledge base in Obsidian, version-controlled with Git. Published PDF rendered from Markdown source. AI-assisted research with primary-source verification by the author.