Major expansion of compliance-framework-reference.org from 4 frameworks (HIPAA,
SOC 2, GDPR, FedRAMP) to ~33 frameworks covering:
US: SOX, GLBA, NY DFS 500, CCPA/CPRA, Quebec Law 25
UK/EU: UK GDPR, NIS2, EU AI Act, DORA, eIDAS 2.0, CRA
Asia-Pacific: APPI (Japan), ISMAP (Japan), PIPA (South Korea),
Privacy Act/Australia, APRA CPS 234, IRAP, DPDP Act (India)
Latin America: LGPD (Brazil), LFPDPPP (Mexico)
International: ISO 27001, ISO 27701, Basel III, FATF AML/CFT,
IFRS 17, OECD Privacy/AI Principles, World Bank ESF, IFC PS,
UN/CEFACT
Each entry: what it is, who must comply, penalties, first-mover
advantage analysis. Added First-Mover Window Analysis table
(Critical/Wide/Mature/Latent) and Expanded Revenue Table with
30+ rows mapping framework → price → addressable orgs → revenue
potential → window → gate rule type.
Replaced bottom-of-section 'See also' blocks with inline Org-mode file: links
at the first natural mention of each concept, wiki-style. Links now live in
the body text — compute-marketplace, verification-monopoly, domain-gate-packages,
infrastructure-lock-in, evaluation-harness all linked at their first relevant
usage per section.
Each framework defined with: what it is, who must comply, penalties,
relevance to the triad revenue model. Revenue table at bottom maps
each to gate package price, what it buys, and the buyer segment.
Cross-references the full economics knowledge base.
