Merge pull request #128 from Hack23/copilot/analyse-cia-data-download

Fix translations for all 14 languages and complete dynamic statistics implementation

Author: pethers

.github/skills/iso-27001-controls/SKILL.md

@@ -84,9 +84,19 @@ Access: Open to all users
 ```
 
 **A.8.11 - Data Masking**
-- ✅ No personal data collected
-- ✅ No cookies or tracking
-- ✅ External links only (no PII stored)
+- ❌ NOT applicable to Riksdagsmonitor
+- **Reason**: A.8.11 applies to masking sensitive data in non-production environments
+- **Context**: Riksdagsmonitor processes only **public government data** (Swedish Offentlighetsprincipen)
+- **Data Type**: Public officials in official capacity (MPs, ministers, voting records, parliamentary documents)
+- **Legal Basis**: GDPR Article 6(1)(e) public interest, Article 9(2)(e) manifestly public political opinions
+- **Journalist Exemption**: Swedish Press Freedom Act (Tryckfrihetsförordningen)
+- **No Masking Needed**: All data is public, no test environments with production data copies
+
+**More Appropriate Controls**:
+- ✅ **A.5.33** - Protection of records (source attribution, audit trails via Git)
+- ✅ **A.5.34** - Privacy and protection of PII (public officials, official capacity only)
+- ✅ **A.8.10** - Information deletion (retention policies, no excessive storage)
+- ✅ **A.8.19** - Security of information in use (HTTPS-only, CSP headers)
 
 **A.8.23 - Web Filtering**
 ```html

.github/skills/osint-methodologies/SKILL.md

@@ -64,14 +64,32 @@ The **riksdag-regering-mcp** MCP server provides 32 specialized tools:
 ## ISMS Compliance
 
 ### ISO 27001:2022
-- **A.5.10**: Acceptable use (objective, non-partisan)
-- **A.5.33**: Protection of records (source attribution)
-- **A.8.8**: Technical vulnerabilities (API monitoring)
+- **A.5.10**: Acceptable use (objective, non-partisan journalism)
+- **A.5.33**: Protection of records (source attribution, audit trails)
+- **A.5.34**: Privacy and PII (public officials in official capacity only)
+- **A.8.8**: Technical vulnerabilities (API monitoring, dependency scanning)
+- **A.8.10**: Information deletion (documented retention policies)
+- **A.8.19**: Security in use (HTTPS-only, CSP headers)
+
+**Not Applicable**:
+- **A.8.11 (Data Masking)**: NOT applicable - processes only public government data,
+  no sensitive data requiring masking, journalist/OSINT platform covering public officials
 
 ### NIST CSF 2.0
-- **ID.AM-5**: Resources prioritized by classification
-- **PR.DS-5**: Protections against data leaks
-- **DE.CM-1**: Network monitored for events
+- **ID.AM-5**: Resources prioritized by classification (PUBLIC data only)
+- **PR.DS-5**: Protections against data leaks (HTTPS-only, public data)
+- **DE.CM-1**: Network monitored for events (CI/CD security scanning)
+
+### GDPR Compliance
+- **Article 6(1)(e)**: Public interest processing (democratic transparency, political accountability)
+- **Article 6(1)(f)**: Legitimate interests (journalistic purposes, transparency)
+- **Article 9(2)(e)**: Political opinions manifestly made public (voting records, party affiliation)
+- **Article 9(2)(g)**: Processing for substantial public interest (journalism exemption)
+
+### Swedish Law
+- **Offentlighetsprincipen**: Constitutional right to access public documents (Tryckfrihetsförordningen 2:1)
+- **Press Freedom Act**: Journalist exemption for covering public officials
+- **Public Officials**: Reduced privacy expectations for official government activities
 
 ## References
 

.github/workflows/update-cia-stats.yml

@@ -0,0 +1,197 @@
+name: Update CIA Production Statistics
+
+# Schedule: Daily at 03:00 CET (after CIA extraction at 02:57)
+# Manual trigger: Allow manual workflow dispatch for testing
+on:
+  schedule:
+    # Run at 03:00 CET (02:00 UTC winter, 01:00 UTC summer due to DST)
+    # Using 02:00 UTC for consistency (safe buffer after 02:57 extraction)
+    - cron: '0 2 * * *'
+  workflow_dispatch: # Allow manual trigger
+    inputs:
+      force_update:
+        description: 'Force update even if cache is fresh'
+        required: false
+        type: boolean
+        default: false
+
+permissions:
+  contents: write # Required to commit and push updated statistics
+
+jobs:
+  update-stats:
+    name: Fetch and Update CIA Production Statistics
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
+        with:
+          egress-policy: audit # Monitor network activity
+          allowed-endpoints: >
+            api.github.com:443
+            github.com:443
+            raw.githubusercontent.com:443
+            registry.npmjs.org:443
+            objects.githubusercontent.com:443
+      
+      - name: Checkout repository
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          fetch-depth: 1
+      
+      - name: Setup Node.js
+        uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
+        with:
+          node-version: '24'
+          cache: 'npm'
+      
+      - name: Install dependencies
+        run: npm ci
+      
+      - name: Fetch CIA production statistics
+        id: fetch_stats
+        run: |
+          echo "Fetching CIA production statistics..."
+          node scripts/load-cia-stats.js
+          
+          # Check if stats file was created/updated
+          if [ -f "cia-data/production-stats.json" ]; then
+            echo "stats_fetched=true" >> $GITHUB_OUTPUT
+            
+            # Extract key statistics for summary
+            TOTAL_PERSONS=$(jq -r '.counts.total_persons' cia-data/production-stats.json)
+            TOTAL_VOTES=$(jq -r '.counts.total_votes' cia-data/production-stats.json)
+            LAST_UPDATED=$(jq -r '.metadata.last_updated' cia-data/production-stats.json)
+            
+            echo "total_persons=$TOTAL_PERSONS" >> $GITHUB_OUTPUT
+            echo "total_votes=$TOTAL_VOTES" >> $GITHUB_OUTPUT
+            echo "last_updated=$LAST_UPDATED" >> $GITHUB_OUTPUT
+            
+            echo "✅ Statistics fetched successfully"
+            echo "  Total Persons: $TOTAL_PERSONS"
+            echo "  Total Votes: $TOTAL_VOTES"
+            echo "  Last Updated: $LAST_UPDATED"
+          else
+            echo "stats_fetched=false" >> $GITHUB_OUTPUT
+            echo "❌ Failed to fetch statistics"
+            exit 1
+          fi
+      
+      - name: Update website files
+        id: update_files
+        if: steps.fetch_stats.outputs.stats_fetched == 'true'
+        run: |
+          echo "Updating website files with new statistics..."
+          node scripts/update-stats-from-cia.js
+          
+          # Check if any files were modified
+          if git diff --quiet; then
+            echo "files_changed=false" >> $GITHUB_OUTPUT
+            echo "ℹ️  No changes needed - statistics are already up to date"
+          else
+            echo "files_changed=true" >> $GITHUB_OUTPUT
+            
+            # Count changed files
+            CHANGED_FILES=$(git diff --name-only | wc -l)
+            echo "changed_count=$CHANGED_FILES" >> $GITHUB_OUTPUT
+            
+            echo "✅ Updated $CHANGED_FILES files"
+            git diff --stat
+          fi
+      
+      - name: Commit and push changes
+        if: steps.update_files.outputs.files_changed == 'true'
+        run: |
+          git config --global user.name "github-actions[bot]"
+          git config --global user.email "github-actions[bot]@users.noreply.github.com"
+          
+          git add cia-data/production-stats.json
+          git add index*.html
+          
+          # Create commit message with statistics
+          cat > /tmp/commit_msg.txt << EOF
+          Update statistics from CIA production database
+          
+          Automated daily update from extraction_summary_report.csv
+          
+          Statistics:
+          - Total Persons: ${{ steps.fetch_stats.outputs.total_persons }}
+          - Total Votes: ${{ steps.fetch_stats.outputs.total_votes }}
+          - Last Updated: ${{ steps.fetch_stats.outputs.last_updated }}
+          - Files Changed: ${{ steps.update_files.outputs.changed_count }}
+          
+          Source: https://github.com/Hack23/cia/blob/master/service.data.impl/sample-data/extraction_summary_report.csv
+          Workflow: .github/workflows/update-cia-stats.yml
+          EOF
+          
+          git commit -F /tmp/commit_msg.txt
+          git push
+          
+          echo "✅ Changes committed and pushed"
+      
+      - name: Create summary
+        if: always()
+        run: |
+          echo "## CIA Production Statistics Update" >> $GITHUB_STEP_SUMMARY
+          echo "" >> $GITHUB_STEP_SUMMARY
+          
+          if [ "${{ steps.fetch_stats.outputs.stats_fetched }}" == "true" ]; then
+            echo "### ✅ Statistics Fetched Successfully" >> $GITHUB_STEP_SUMMARY
+            echo "" >> $GITHUB_STEP_SUMMARY
+            echo "| Metric | Value |" >> $GITHUB_STEP_SUMMARY
+            echo "|--------|-------|" >> $GITHUB_STEP_SUMMARY
+            echo "| Total Persons | ${{ steps.fetch_stats.outputs.total_persons }} |" >> $GITHUB_STEP_SUMMARY
+            echo "| Total Votes | ${{ steps.fetch_stats.outputs.total_votes }} |" >> $GITHUB_STEP_SUMMARY
+            echo "| Last Updated | ${{ steps.fetch_stats.outputs.last_updated }} |" >> $GITHUB_STEP_SUMMARY
+            echo "" >> $GITHUB_STEP_SUMMARY
+            
+            if [ "${{ steps.update_files.outputs.files_changed }}" == "true" ]; then
+              echo "### 📝 Files Updated" >> $GITHUB_STEP_SUMMARY
+              echo "" >> $GITHUB_STEP_SUMMARY
+              echo "Updated ${{ steps.update_files.outputs.changed_count }} files with new statistics." >> $GITHUB_STEP_SUMMARY
+              echo "" >> $GITHUB_STEP_SUMMARY
+              echo "Changes committed and pushed to repository." >> $GITHUB_STEP_SUMMARY
+            else
+              echo "### ℹ️ No Changes Needed" >> $GITHUB_STEP_SUMMARY
+              echo "" >> $GITHUB_STEP_SUMMARY
+              echo "Statistics are already up to date." >> $GITHUB_STEP_SUMMARY
+            fi
+          else
+            echo "### ❌ Statistics Fetch Failed" >> $GITHUB_STEP_SUMMARY
+            echo "" >> $GITHUB_STEP_SUMMARY
+            echo "Failed to fetch statistics from CIA production database." >> $GITHUB_STEP_SUMMARY
+            echo "" >> $GITHUB_STEP_SUMMARY
+            echo "Check workflow logs for details." >> $GITHUB_STEP_SUMMARY
+          fi
+          
+          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "**Source:** [extraction_summary_report.csv](https://github.com/Hack23/cia/blob/master/service.data.impl/sample-data/extraction_summary_report.csv)" >> $GITHUB_STEP_SUMMARY
+      
+      - name: Notify on failure
+        if: failure()
+        run: |
+          echo "❌ Workflow failed - check logs for details"
+          echo "This may indicate:"
+          echo "  - Network connectivity issues"
+          echo "  - CIA extraction_summary_report.csv unavailable"
+          echo "  - Parse errors in CSV format"
+          echo "  - File write permission issues"
+
+# ISMS Compliance
+# - ISO 27001:2022 A.5.33 - Protection of records (audit trails via Git, source attribution)
+# - ISO 27001:2022 A.8.3 - Information lifecycle management (automated daily updates)
+# - ISO 27001:2022 A.8.10 - Information deletion (proper retention policies, no excessive storage)
+# - ISO 27001:2022 A.8.19 - Security in use (HTTPS-only data transmission)
+# - NIST CSF 2.0 PR.DS-5 - Data integrity (automated validation checks)
+# - NIST CSF 2.0 DE.CM-1 - Network monitoring (harden-runner egress auditing)
+# - CIS Control 3.1 - Data inventory (documented public data sources)
+# - CIS Control 3.14 - Data integrity validation (automated verification)
+# - GDPR Article 6(1)(e) - Public interest processing (democratic transparency, political accountability)
+# - GDPR Article 9(2)(e) - Political opinions manifestly made public (voting records, party affiliation)
+# - Swedish Offentlighetsprincipen - Public access to government information (constitutional right)
+#
+# Note: A.8.11 (Data Masking) NOT applicable - processes only public government data from
+# Swedish Riksdag/Government. No sensitive data requiring masking. Journalist/OSINT platform
+# covering public officials in official capacity, protected by Press Freedom Act (Tryckfrihetsförordningen).

README.md

@@ -119,10 +119,12 @@ See [SECURITY_ARCHITECTURE.md](SECURITY_ARCHITECTURE.md) for detailed security c
 
 ## ✨ Features
 
-- **349 Members of Parliament** - Individual MP tracking and performance metrics
+- **349 Current MPs** - Individual MP tracking and performance metrics
+- **2,494 Historical Politicians** - Complete database from 1971-2024 (50+ years)
 - **8 Political Parties** - Party performance, coalition dynamics, voting patterns
 - **45 Risk Rules** - Systematic transparency through behavioral analysis
-- **50+ Years of Data** - Historical trends and longitudinal analysis (1971-2024)
+- **3.5+ Million Votes** - Comprehensive voting record analysis
+- **109,000+ Documents** - Parliamentary documents processed and analyzed
 
 ## 🌐 Live Platform
 
@@ -135,7 +137,27 @@ See [SECURITY_ARCHITECTURE.md](SECURITY_ARCHITECTURE.md) for detailed security c
 
 ## 📊 CIA Data Products Integration
 
-Riksdagsmonitor integrates with the CIA platform through automated schema validation and data quality assurance.
+Riksdagsmonitor integrates with the CIA platform through automated data pipelines, schema validation, and daily statistics updates.
+
+### Production Database Statistics
+
+**Live Statistics** (Updated Daily at 03:00 CET):
+- **2,494 Politicians** - Complete historical database (1971-2024)
+- **349 Current MPs** - Active Members of Parliament
+- **3.5+ Million Votes** - Comprehensive voting records
+- **109,000+ Documents** - Parliamentary documents processed
+- **8,740 Committee Documents** - Committee work tracked
+- **2,308 Rule Violations** - Transparency issues identified
+
+**Data Source**: [extraction_summary_report.csv](https://github.com/Hack23/cia/blob/master/service.data.impl/sample-data/extraction_summary_report.csv)  
+**Update Schedule**: Daily automated fetch via GitHub Actions  
+**Last Extraction**: See `cia-data/production-stats.json` → `metadata.last_updated` (updated daily)
+
+**Implementation**:
+- `scripts/load-cia-stats.js` - Fetches and parses production statistics
+- `scripts/update-stats-from-cia.js` - Updates website files
+- `.github/workflows/update-cia-stats.yml` - Automated daily workflow
+- `cia-data/production-stats.json` - Cached statistics (24-hour freshness)
 
 ### Schema Integration
 - **Automated Validation** - All CIA exports validated against JSON schemas