'Government Cloud Procurement' as precursor of procurement gatekeeping? -- re McGillivray (2022)

I have started reading K McGillivray, Government Cloud Procurement. Contracts, Data Protection, and the Quest for Compliance (Cambridge University Press 2022), which promises to be a big addition to the literature on the procurement of digital technologies. One of the key issues the book explores at length is the central role that public contracts play in filling (some of the) regulatory gaps left by the absence of legislation addressing the challenges of cloud computing.

This got me thinking that this gap-filling function of public contracts in the cloud sphere is reflective of the broader role that procurement procedures and the ensuing public contracts are starting to develop in relation to other types of digital technology—notably, artificial intelligence (AI).

Procurement regulation will increasingly (be expected to) play a crucial gatekeeping role in the adoption of digital technologies for public governance and public service delivery. As rightly stressed: ‘The rules governing the acquisition of algorithmic systems by governments and public agencies are an important point of intervention in ensuring their accountable use’ [Ada Lovelace Institute, AI Now Institute and Open Government Partnership, Algorithmic Accountability for the Public Sector (August 2021) 33]. Ultimately, contracts and other arrangements for the development and acquisition of digital solutions are the entry point into the public sector for these innovations, and the procurement rules can be either a catalyst or a hindrance to co-production and experimentation with digital governance solutions.

The gatekeeping role of procurement underpinned eg one of the recommendations of the UK’s Committee on Standards in Public Life, in its report on Artificial Intelligence and Public Standards: ‘Government should use its purchasing power in the market to set procurement requirements that ensure that private companies developing AI solutions for the public sector appropriately address public standards. This should be achieved by ensuring provisions for ethical standards are considered early in the procurement process and explicitly written into tenders and contractual arrangements’ (2020: 51). A variation of the gatekeeping approach can concentrate on procurement practice and the embedding of specific controls as a matter of public buyer deontology [see P Oluka Nagitta et al., ‘Human-centered artificial intelligence for the public sector: The gate keeping role of the public procurement professional’ (2022) 200 Procedia Computer Science 1084-1092].

There is thus a growing recognition of the pragmatic utility of leveraging procurement mechanisms to ensure transparency and accountability in algorithmic systems, particularly considering that these systems play a crucial role in policymaking and decision-making by public agencies [DK Mulligan and KA Bamberger, ‘Procurement as policy: Administrative process for machine learning’ (2019) 34(3) Berkeley Technology L. J. 773-851]. Consequently, there is increasing interest in a reassessment of the existing procurement rules as they apply to contracts for digital technologies; as well as in the redesign of procurement to foster reliability, sustainability, and public trust in AI [see e.g. UK Government, BEIS, DCMS and Office for AI, Guidelines for AI procurement (8 June 2020); also W Naudé and N Dimitri, ‘Public Procurement and Innovation for Human-Centered Artificial Intelligence’ (2021)].

However, the challenges in effectively mobilising procurement for this gatekeeping function are yet to be properly conceptualised and understood [See e.g. P Nowicki, ‘Deus Ex Machina?: Some Remarks on Public Procurement in the Second Machine Age’ (2020) 1 EPPPL 53-60; see also K Mcbride et al, ‘Towards a Systematic Understanding on the Challenges of Procuring Artificial Intelligence in the Public Sector’ (2021)].

As I keep thinking about this (see here for earlier thoughts), I am realising that the emerging discussion or conceptualisation of public procurement (or procurement professionals) as gatekeepers of the adoption of AI by the public sector (and more broadly) can fall into the same trap of partiality as the equivalent discussion of financial gatekeepers in the corporate governance sphere years ago.

As Prof Coffee brightly pointed out [Gatekeepers: The Professions and Corporate Governance (OUP, 2006) 2-3] in the context of financial markets, there are two important dimensions of gatekeeping at play: one concerns ‘strict’ gatekeeping in terms of veto capacity (eg an audit firm can decline providing an opinion on corporate accounts, or a lawyer can decline to provide an opinion required for the closing of a specific corporate transaction). The other dimension, however, concerns a reputational aspect of gatekeeping that can generate reliance by third parties (eg an investment bank acquiring shares of a target company can lead others to also invest in that company).

In the procurement context, it seems to me that there is also a strict gatekeeping function (procurement requirements determine which technology/provider cannot get a public contract, eg to protect a specific public interest or avoid a specific public harm; or which one can provided it abides by specific contractualised requirements), as well as a reputational gatekeeping function (eg procurement of specific technologies/from specific providers can have a signalling effect that triggers further procurement by other public buyers and/or adoption by the private sector).

While in financial markets the reputational aspect is dependent on market-based issues (such as repeat transactions), in procurement settings reputation is almost a given due to a presumption of strict scrutiny of public providers (and thus the importance of ‘past performance’, or other signals such as being able to disclose that a technology or provider is used by Department X, or in some other settings ‘by appointment to HM the Queen’). This compounds the importance of procurement gatekeeping, as it not only concerns the specific decision adopted by a given public buyer, but also the broader access of technologies and providers into the public sector (and beyond).

However, a significant difference between gatekeeping in financial markets and in procurement however stems from the likely main source of potential failure of the gatekeeper. While in financial markets gatekeepers can be expected to be high-skilled but subject to structural conflicts of interest, in particular due to the way they are remunerated (which impinges on their independence), in procurement markets there is a real risk that public buyers are not only subject to potential conflicts of interest (an enduring issue in procurement regulation, and the source of incomplete attempts at the regulation of conflicts of interest and integrity in procurement), but also underprepared for the gatekeeping task.

In other words, the asymmetry of information seems to operate in reverse in both settings. While in financial markets the superior information and related skills belong to the gatekeeper (as compared to the retail, or even (passive) institutional investors), in procurement markets the information and skills disadvantage plays against the gatekeeper (public buyer) and in favour of those seeking to sell their technology.

And this is where the analysis by McGillivray is again interesting, as it highlights compliance challenges and gaps resulting from the parallel procurement-based gatekeeping of data protection law in the government cloud procurement sphere. Plenty food for thought (at least for me).

A tidal wave for (UK) universities IT procurement? -- Some thoughts on post COVID-19 challenges

http___cdn.cnn.com_cnnnext_dam_assets_181101171305-katsushika-hokusai-1.jpg

All around the world, university campuses have been closed and will remain closed for a while, then reopen and likely close again, then reopen (and repeat for a few iterations), as we transition to a ‘new normal’. The current lockdown and the likelihood of continued social distancing measures for the foreseeable future are putting a lot of pressure on the higher education sector to adapt to ‘online delivery’ in no time and with no proper planning.

This is a massive (almost impossible) task and will require massive investment, whatever dire financial straits higher education institutions have to navigate as a result of the imminent (or current?) economic crisis and Governments’ funding decisions. Without such investment, the sector will not be able to adapt—except in the very few countries where some of these investment were already made. And that investment will have to be channelled through proper (and largely rethought) procurement strategies and processes, which I think require some attention in the very near future.

But, ‘online teaching’ is happening with (almost no) additional investment …

Not really. The fact that the immediate transition into (some sort of) online delivery (of teaching and, in a larger magnitude, meetings) has not (yet) required such massive investment in the higher education context is just a matter of luck. In particular in the case of the UK, with which I am most familiar (and which is likely to be rather similar to most in other developed countries), universities have a completely inadequate IT infrastructure to support working from home and online teaching and research. The situation can only be worse elsewhere. However, the shortcomings of the IT infrastructure are largely hidden behind the private investment in IT infrastructure by the (UK) higher education workforce.

More generally, the entire transition to the online environment is currently unsustainably relying on individual resources and creativity. I half-joked about the challenges of working from home on twitter, but the serious fact is that large proportions of the academic and professional services communities do not have an adequate work space at home or, for that matter, adequate IT equipment. Issues of space and office furniture may well be nigh impossible to fix (except, perhaps, better chairs), but an improvement on the current IT shortcomings will certainly be necessary sooner rather than later.

Right now, I am writing this blog post on my personal computer—from which I have also been lecturing, attending endless meetings and completing some research tasks (to the limited extent my current circumstances allow). My university (desktop) computer is gathering dust in my office. My laptop was bought a few years ago and is giving worrying signs of likely malfunctioning (please, remember to back up your hard disk!). I have no certainty that I will remain able to do my job if my laptop goes. Moreover, my laptop is struggling with the increased demands of advanced videoconferencing software and the larger amounts of information to be uploaded and downloaded from the cloud. It was simply never intended for this intense use and its technical specs are likely insufficient for some software I will likely need to use if all my teaching goes online in a more serious manner for next academic year.

If my laptop goes or at some point proves unfit for purpose, what should I do? I could try to buy another one online from my own pocket and hope it gets delivered soon enough (as dealing with emails on my phone will definitely not do my eyes and hands any favours), but should I? Or is this now the obligation of my employer? I think the latter, as ‘my’ laptop is no longer something I marginally use for work (eg when travelling to conferences) or as a convenient way of time shifting (to try to minimise time in the office as much as possible in search of a better life/work balance), but is mainly dedicated to my personal use. Right now, my laptop is the bit if University IT architecture that keeps me connected and working from home.

My impression is that the same is true for a vast majority of the (UK) higher education workforce, as most members of staff have not been given laptops or other equipment. The unsustainability of the situation creates an impending tidal wave of IT procurement for (UK) universities.

Challenge and opportunity in post COVID-19 IT procurement for HE institutions

As ‘online higher education’ (in whatever form, including blended, flexible and any other labelled models) becomes the ‘new normal’, universities will have to make sure all members of staff have adequate IT equipment (and internet connections, energy supply, etc, but that is a can of worms on its own). This will require all sorts of measures, from moving existing desktop computers to private homes in the shorter term, to heavily investing in a transition to portable IT hardware (probably not the right label) for all staff—including the possibility of emergency deliveries for those situations (and there will be a few) where the existing (privately owned) laptops, routers and other kit stop functioning the day before the most important event (usually a student-facing one, of course).

The challenge will not only be in funding this, which will itself be difficult. The challenge will be in procuring all this IT equipment sustainably. And this challenge comes with a big opportunity for the development of a (more) sustainable IT landscape in the higher education sector (and elsewhere).

The point of departure, I think, should be a reassessment of the technical specs required for adequate working from home activities, depending on the specific activities to be carried out by each member of staff. Some will have extremely demanding requirements (eg if they have to run VR based activities, such as lab replacement work, or have to run heavy duty big data analysis software), whereas others (most of the law academics, eg) will just require basic functionalities for quality videoconferencing, email and cloud storage. The specs should include some leeway to future-proof investments, but should not be such that we are all given flashy top-end laptops with more computing power than we could possibly use.

To my mind, another point of departure should be that the new investment will have to have the smallest possible environmental impact. This means that the strategy should start by reallocating existing IT equipment, continue by acquiring refurbished equipment and, only where nothing else is available, acquire new equipment—all of it having a clear view of life cycle impacts and, in particular, recyclability at the end of expected use life. On the contrary, if all newly required IT equipment was bought new, this could create a significant negative environmental impact in the transition to the ‘online new normal’ of higher education (and other sectors). It must be avoided.

Finally, this also creates an opportunity to undo the shortsighted cuts in IT support that some higher education institutions have been implementing, as well as develop new capacity that could generate teaching and research synergies. Universities are complex institutions and there seems to be certainly a lot to teach and research about how they design, create, revise, adapt, maintain and dispose of their IT infrastructures and equipment. I am sure some engineering departments could make great contributions to the improvement of the system if some tasks where reconsidered and, in particular, brought back from the myriad outsourcing arrangements currently in place.