Digital procurement, PPDS and multi-speed datafication -- some thoughts on the March 2023 PPDS Communication

The 2020 European strategy for data ear-marked public procurement as a high priority area for the development of common European data spaces for public administrations. The 2020 data strategy stressed that

Public procurement data are essential to improve transparency and accountability of public spending, fighting corruption and improving spending quality. Public procurement data is spread over several systems in the Member States, made available in different formats and is not easily possible to use for policy purposes in real-time. In many cases, the data quality needs to be improved.

To address those issues, the European Commission was planning to ‘Elaborate a data initiative for public procurement data covering both the EU dimension (EU datasets, such as TED) and the national ones’ by the end of 2020, which would be ‘complemented by a procurement data governance framework’ by mid 2021.

With a 2+ year delay, details for the creation of the public procurement data space (PPDS) were disclosed by the European Commission on 16 March 2023 in the PPDS Communication. The procurement data governance framework is now planned to be developed in the second half of 2023.

In this blog post, I offer some thoughts on the PPDS, its functional goals, likely effects, and the quickly closing window of opportunity for Member States to support its feasibility through an ambitious implementation of the new procurement eForms at domestic level (on which see earlier thoughts here).

1. The PPDS Communication and its goals

The PPDS Communication sets some lofty ambitions aligned with those of the closely-related process of procurement digitalisation, which the European Commission in its 2017 Making Procurement Work In and For Europe Communication already saw as not only an opportunity ‘to streamline and simplify the procurement process’, but also ‘to rethink fundamentally the way public procurement, and relevant parts of public administrations, are organised … [to seize] a unique chance to reshape the relevant systems and achieve a digital transformation’ (at 11-12).

Following the same rhetoric of transformation, the PPDS Communication now stresses that ‘Integrated data combined with the use of state-of the-art and emerging analytics technologies will not only transform public procurement, but also give new and valuable insights to public buyers, policy-makers, businesses and interested citizens alike‘ (at 2). It goes further to suggest that ‘given the high number of ecosystems concerned by public procurement and the amount of data to be analysed, the impact of AI in this field has a potential that we can only see a glimpse of so far‘ (at 2).

The PPDS Communication claims that this data space ‘will revolutionise the access to and use of public procurement data:

  • It will create a platform at EU level to access for the first time public procurement data scattered so far at EU, national and regional level.

  • It will considerably improve data quality, availability and completeness, through close cooperation between the Commission and Member States and the introduction of the new eForms, which will allow public buyers to provide information in a more structured way.

  • This wealth of data will be combined with an analytics toolset including advanced technologies such as Artificial Intelligence (AI), for example in the form of Machine Learning (ML) and Natural Language Processing (NLP).’

A first comment or observation is that this rhetoric of transformation and revolution not only tends to create excessive expectations on what can realistically be delivered by the PPDS, but can also further fuel the ‘policy irresistibility’ of procurement digitalisation and thus eg generate excessive experimentation or investment into the deployment of digital technologies on the basis of such expectations around data access through PPDS (for discussion, see here). Policy-makers would do well to hold off on any investments and pilot projects seeking to exploit the data presumptively pooled in the PPDS until after its implementation. A closer look at the PPDS and the significant roadblocks towards its full implementation will shed further light on this issue.

2. What is the PPDS?

Put simply, the PPDS is a project to create a single data platform to bring into one place ‘all procurement data’ from across the EU—ie both data on above threshold contracts subjected to mandatory EU-wide publication through TED (via eForms from October 2023), and data on below threshold contracts, which publication may be required by the domestic laws of the Member States, or entirely voluntary for contracting authorities.

Given that above threshold procurement data is already (in the process of being) captured at EU level, the PPDS is very much about data on procurement not covered by the EU rules—which represents 80% of all public procurement contracts. As the PPDS Communication stresses

To unlock the full potential of public procurement, access to data and the ability to analyse it are essential. However, data from only 20% of all call for tenders as submitted by public buyers is available and searchable for analysis in one place [ie TED]. The remaining 80% are spread, in different formats, at national or regional level and difficult or impossible to re-use for policy, transparency and better spending purposes. In order (sic) words, public procurement is rich in data, but poor in making it work for taxpayers, policy makers and public buyers.

The PPDS thus intends to develop a ‘technical fix’ to gain a view on the below-threshold reality of procurement across the EU, by ‘pulling and pooling’ data from existing (and to be developed) domestic public contract registers and transparency portals. The PPDS is thus a mechanism for the aggregation of procurement data currently not available in (harmonised) machine-readable and structured formats (or at all).

As the PPDS Communication makes clear, it consists of four layers:
(1) A user interface layer (ie a website and/or app) underpinned by
(2) an analytics layer, which in turn is underpinned by (3) an integration layer that brings together and minimally quality-assures the (4) data layer sourced from TED, Member State public contract registers (including those at sub-national level), and data from other sources (eg data on beneficial ownership).

The two top layers condense all potential advantages of the PPDS, with the analytics layer seeking to develop a ‘toolset including emerging technologies (AI, ML and NLP)‘ to extract data insights for a multiplicity of purposes (see below 3), and the top user interface seeking to facilitate differential data access for different types of users and stakeholders (see below 4). The two bottom layers, and in particular the data layer, are the ones doing all the heavy lifting. Unavoidably, without data, the PPDS risks being little more than an empty shell. As always, ‘no data, no fun’ (see below 5).

Importantly, the top three layers are centralised and the European Commission has responsibility (and funding) for developing them, while the bottom data layer is decentralised, with each Member State retaining responsibility for digitalising its public procurement systems and connecting its data sources to the PPDS. Member States are also expected to bear their own costs, although there is EU funding available through different mechanisms. This allocation of responsibilities follows the limited competence of the EU in this area of inter-administrative cooperation, which unfortunately heightens the risks of the PPDS becoming little more than an empty shell, unless Member States really take the implementation of eForms and the collaborative approach to the construction of the PPDS seriously (see below 6).

The PPDS Communication foresees a progressive implementation of the PPDS, with the goal of having ‘the basic architecture and analytics toolkit in place and procurement data published at EU level available in the system by mid-2023. By the end of 2024, all participating national publication portals would be connected, historic data published at EU level integrated and the analytics toolkit expanded. As of 2025, the system could establish links with additional external data sources’ (at 2). It will most likely be delayed, but that is not very important in the long run—especially as the already accrued delays are the ones that pose a significant limitation on the adequate rollout of the PPDS (see below 6).

3. PPDS’ expected functionality

The PPDS Communication sets expectations around the functionality that could be extracted from the PPDS by different agents and stakeholders.

For public buyers, in addition to reducing the burden of complying with different types of (EU-mandated) reporting, the PPDS Communication expects that ‘insights gained from the PPDS will make it much easier for public buyers to

  • team up and buy in bulk to obtain better prices and higher quality;

  • generate more bids per call for tenders by making calls more attractive for bidders, especially for SMEs and start-ups;

  • fight collusion and corruption, as well as other criminal acts, by detecting suspicious patterns;

  • benchmark themselves more accurately against their peers and exchange knowledge, for instance with the aim of procuring more green, social and innovative products and services;

  • through the further digitalisation and emerging technologies that it brings about, automate tasks, bringing about considerable operational savings’ (at 2).

This largely maps onto my analysis of likely applications of digital technologies for procurement management, assuming the data is there (see here).

The PPDS Communication also expects that policy-makers will ‘gain a wealth of insights that will enable them to predict future trends‘; that economic operators, and SMEs in particular, ‘will have an easy-to-use portal that gives them access to a much greater number of open call for tenders with better data quality‘, and that ‘Citizens, civil society, taxpayers and other interested stakeholders will have access to much more public procurement data than before, thereby improving transparency and accountability of public spending‘ (at 2).

Of all the expected benefits or functionalities, the most important ones are those attributed to public buyers and, in particular, the possibility of developing ‘category management’ insights (eg potential savings or benchmarking), systems of red flags in relation to corruption and collusion risks, and the automation of some tasks. However, unlocking most of these functionalities is not dependent on the PPDS, but rather on the existence of procurement data at the ‘right’ level.

For example, category management or benchmarking may be more relevant or adequate (as well as more feasible) at national than at supra-national level, and the development of systems of red flags can also take place at below-EU level, as can automation. Importantly, the development of such functionalities using pan-EU data, or data concerning more than one Member State, could bias the tools in a way that makes them less suited, or unsuitable, for deployment at national level (eg if the AI is trained on data concerning solely jurisdictions other than the one where it would be deployed).

In that regard, the expected functionalities arising from PPDS require some further thought and it can well be that, depending on implementation (in particular in relation to multi-speed datafication, as below 5), Member States are better off solely using domestic data than that coming from the PPDS. This is to say that PPDS is not a solid reality and that its enabling character will fluctuate with its implementation.

4. Differential procurement data access through PPDS

As mentioned above, the PPDS Communication stresses that ‘Citizens, civil society, taxpayers and other interested stakeholders will have access to much more public procurement data than before, thereby improving transparency and accountability of public spending’ (at 2). However, this does not mean that the PPDS will be (entirely) open data.

The Communication itself makes clear that ‘Different user categories (e.g. Member States, public buyers, businesses, citizens, NGOs, journalists and researchers) will have different access rights, distinguishing between public and non-public data and between participating Member States that share their data with the PPDS (PPDS members, …) and those that need more time to prepare’ (at 8). Relatedly, ‘PPDS members will have access to data which is available within the PPDS. However, even those Member States that are not yet ready to participate in the PPDS stand to benefit from implementing the principles below, due to their value for operational efficiency and preparing for a more evidence-based policy’ (at 9). This raises two issues.

First, and rightly, the Communication makes clear that the PPDS moves away from a model of ‘fully open’ or ‘open by default’ procurement data, and that access to the PPDS will require differential permissioning. This is the correct approach. Regardless of the future procurement data governance framework, it is clear that the emerging thicket of EU data governance rules ‘requires the careful management of a system of multi-tiered access to different types of information at different times, by different stakeholders and under different conditions’ (see here). This will however raise significant issues for the implementation of the PPDS, as it will generate some constraints or disincentives for an ambitions implementation of eForms at national level (see below 6).

Second, and less clearly, the PPDS Communication evidences that not all Member States will automatically have equal access to PPDS data. The design seems to be such that Member States that do not feed data into PPDS will not have access to it. While this could be conceived as an incentive for all Member States to join PPDS, this outcome is by no means guaranteed. As above (3), it is not clear that Member States will be better off—in terms of their ability to extract data insights or to deploy digital technologies—by having access to pan-EU data. The main benefit resulting from pan-EU data only accrues collectively and, primarily, by means of facilitating oversight and enforcement by the European Commission. From that perspective, the incentives for PPDS participation for any given Member State may be quite warped or internally contradictory.

Moreover, given that plugging into PPDS is not cost-free, a Member State that developed a data architecture not immediately compatible with PPDS may well wonder whether it made sense to shoulder the additional costs and risks. From that perspective, it can only be hoped that the existence of EU funding and technical support will be maximised by the European Commission to offload that burden from the (reluctant) Member States. However, even then, full PPDS participation by all Member States will still not dispel the risk of multi-speed datafication.

5. No data, no fun — and multi-speed datafication

Related to the risk that some EU Member States will become PPDS members and others not, there is a risk (or rather, a reality) that not all PPDS members will equally contribute data—thus creating multi-speed datafication, even within the Member States that opt in to the PPDS.

First, the PPDS Communication makes it clear that ‘Member States will remain in control over which data they wish to share with the PPDS (beyond the data that must be published on TED under the Public Procurement Directives)‘ (at 7), It further specifies that ‘With the eForms, it will be possible for the first time to provide data in notices that should not be published, or not immediately. This is important to give assurance to public buyers that certain data is not made publicly available or not before a certain point in time (e.g. prices)’ (at 7, fn 17).

This means that each Member State will only have to plug whichever data it captures and decides to share into PPDS. It seems plain to see that this will result in different approaches to data capture, multiple levels of granularity, and varying approaches to restricting access to the date in the different Member States, especially bearing in mind that ‘eForms are not an “off the shelf” product that can be implemented only by IT developers. Instead, before developers start working, procurement policy decision-makers have to make a wide range of policy decisions on how eForms should be implemented’ in the different Member States (see eForms Implementation Handbook, at 9).

Second, the PPDS Communication is clear (in a footnote) that ‘One of the conditions for a successful establishment of the PPDS is that Member States put in place automatic data capture mechanisms, in a first step transmitting data from their national portals and contract registers’ (at 4, fn 10). This implies that Member States may need to move away from manually inputted information and that those seeking to create new mechanisms for automatic procurement data capture can take an incremental approach, which is very much baked into the PPDS design. This relates, for example, to the distinction between pre- and post-award procurement data, with pre-award data subjected to higher demands under EU law. It also relates to above and below threshold data, as only above threshold data is subjected to mandatory eForms compliance.

In the end, the extent to which a (willing) Member State will contribute data to the PPDS depends on its decisions on eForms implementation, which should be well underway given the October 2023 deadline for mandatory use (for above threshold contracts). Crucially, Member States contributing more data may feel let down when no comparable data is contributed to PPDS by other Member States, which can well operate as a disincentive to contribute any further data, rather than as an incentive for the others to match up that data.

6. Ambitious eForms implementation as the PPDS’ Achilles heel

As the analysis above has shown, the viability of the PPDS and its fitness for purpose (especially for EU-level oversight and enforcement purposes) crucially depends on the Member States deciding to take an ambitious approach to the implementation of eForms, not solely by maximising their flexibility for voluntary uses (as discussed here) but, crucially, by extending their mandatory use (under national law) to all below threshold procurement. It is now also clear that there is a need for as much homogeneity as possible in the implementation of eForms in order to guarantee that the information plugged into PPDS is comparable—which is an aspect of data quality that the PPDS Communication does not seem to have at all considered).

It seems that, due to competing timings, this poses a bit of a problem for the rollout of the PPDS. While eForms need to be fully implemented domestically by October 2023, the PPDS Communication suggests that the connection of national portals will be a matter for 2024, as the first part of the project will concern the top two layers and data connection will follow (or, at best, be developed in parallel). Somehow, it feels like the PPDS is being built without a strong enough foundation. It would be a shame (to put it mildly) if Member States having completed a transition to eForms by October 2023 were dissuaded from a second transition into a more ambitious eForms implementation in 2024 for the purposes of the PPDS.

Given that the most likely approach to eForms implementation is rather minimalistic, it can well be that the PPDS results in not much more than an empty shell with fancy digital analytics limited to very superficial uses. In that regard, the two-year delay in progressing the PPDS has created a very narrow (and quickly dwindling) window of opportunity for Member States to engage with an ambitions process of eForms implementation

7. Final thoughts

It seems to me that limited and slow progress will be attained under the PPDS in coming years. Given the undoubted value of harnessing procurement data, I sense that Member States will progress domestically, but primarily in specific settings such as that of their central purchasing bodies (see here). However, whether they will be onboarded into PPDS as enthusiastic members seems less likely.

The scenario seems to resemble limited voluntary cooperation in other areas (eg interoperability; for discussion see here). It may well be that the logic of EU competence allocation required this tentative step as a first move towards a more robust and proactive approach by the Commission in a few years, on grounds that the goal of creating the European data space could not be achieved through this less interventionist approach.

However, given the speed at which digital transformation could take place (and is taking place in some parts of the EU), and the rhetoric of transformation and revolution that keeps being used in this policy area, I can’t but feel let down by the approach in the PPDS Communication, which started with the decision to build the eForms on the existing regulatory framework, rather than more boldly seeking a reform of the EU procurement rules to facilitate their digital fitness.

Urgent: 'no eForms, no fun' -- getting serious about building a procurement data architecture in the EU

EU Member States only have about one year to make crucial decisions that will affect the procurement data architecture of the EU and the likelihood of successful adoption of digital technologies for procurement governance for years or decades to come’. Put like that, the relevance of the approaching deadline for the national implementation of new procurement eForms may grab more attention than the alternative statement that ‘in just about a year, new eForms will be mandatory for publication of procurement notices in TED’.

This latter more technical (obscure, and uninspiring?) understanding of the new eForms seems to have been dominating the approach to eForms implementation, which does not seem to have generally gained a high profile in domestic policy-making at EU Member State level despite the Publications Office’s efforts.

In this post, I reflect about the strategic importance of the eForms implementation for the digitalisation of procurement, the limited incentives for an ambitious implementation that stem from the voluntary approach of the most innovative aspects of the new eForms, and the opportunity that would be lost with a minimalistic approach to compliance with the new rules. I argue that it is urgent for EU Member States to get serious about building a procurement data architecture that facilitates the uptake of digital technologies for procurement governance across the EU, which requires an ambitious implementation of eForms beyond their minimum mandatory requirements.

eForms: some background

The EU is in the process of reforming the exchange of information about procurement procedures. This information exchange is mandated by the EU procurement rules, which regulate a variety of procurement notices with the two-fold objective of (i) fostering cross-border competition for public contracts and (ii) facilitating the oversight of procurement practices by the Member States, both in relation to the specific procedure (eg to enable access to remedies) and from a broad policy perspective (eg through the Single Market Scoreboard). In other words, this information exchange underpins the EU’s approach to procurement transparency, which mainly translates into publication of notices in the Tenders Electronic Daily (TED).

A 2019 Implementing Regulation established new standard forms for the publication of notices in the field of public procurement (eForms). The Implementing Regulation is accompanied by a detailed Implementation Handbook. The transition to eForms is about to hit a crucial milestone with the authorisation for their voluntary use from 14 November 2022, in parallel with the continued use of current forms. Following that, eForms will be mandatory and the only accepted format for publication of TED notices from 25 October 2023. There will thus have been a very long implementation period (of over four years), including an also lengthy (11-month) experimentation period about to start. This contrasts with previous revisions of the TED templates, which had given under six months’ notice (eg in 2015) or even just a 20-day implementation period (eg in 2011). This extended implementation period is reflective of the fact that the transition of eForms is not merely a matter of replacing a set of forms with another.

Indeed, eForms are not solely the new templates for the collection of information to be published in TED. eForms represent the EU’s open standard for publishing public procurement data — or, in other words, the ‘EU OCDS’ (which goes much beyond the OCDS mapping of the current TED forms). The importance of the implementation of a new data standard has been highlighted at strategic level, as this is the cornerstone of the EU’s efforts to improve the availability and quality of procurement data, which remain suboptimal (to say the least) despite continued efforts to improve the quality and (re)usability of TED data.

In that regard, the 2020 European strategy for data, emphasised that ‘Public procurement data are essential to improve transparency and accountability of public spending, fighting corruption and improving spending quality. Public procurement data is spread over several systems in the Member States, made available in different formats and is not easily possible to use for policy purposes in real-time. In many cases, the data quality needs to be improved.’ The European Commission now stresses how ‘eForms are at the core of the digital transformation of public procurement in the EU. Through the use of a common standard and terminology, they can significantly improve the quality and analysis of data’ (emphasis added).

It should thus be clear that the eForms implementation is not only about low level form-filling, but also (or primarily) about building a procurement data architecture that facilitates the uptake of digital technologies for procurement governance across the EU. Therefore, the implementation of eForms and the related data standard seeks to achieve two goals: first, to ensure the data quality (eg standardisation, machine-readability) required to facilitate its automated treatment for the purposes of publication of procurement notices mandated by EU law (ie their primary use); and, second, to build a data architecture that can facilitate the accumulation of big data so that advanced data analytics can be deployed by re-users of procurement data. This second(ary) goal is particularly relevant to our discussion. This requires some unpacking.

The importance of data for the deployment of digital technologies

It is generally accepted that quality (big) data is the primary requirement for the deployment of digital technologies to extract data-driven insights, as well as to automate menial back-office tasks. In a detailed analysis of these technologies, I stress the relevance of procurement data across technological solutions that could be deployed to improve procurement governance. In short, the outcome of robotic process automation (RPA) can only be as good as its sources of information, and adequate machine learning (ML) solutions can only be trained on high-quality big data—which thus conditions the possibility of developing recommender systems, chatbots, or algorithmic screens for procurement monitoring and oversight. Distributed Ledger Technology (DLT) systems (aka blockchain) can manage data, but cannot verify its content, accuracy, or reliability. Internet of Things (IoT) applications and software oracles can automatically capture data, which can alleviate some of the difficulties in generating an adequate data infrastructure. But this is only in relation with the observation of the ‘real world’ or in relation to digitally available information, which quality raises the same issues as other sources of data. In short, all digital technologies are data-centric or, more clearly, data-dependent.

Given the crucial relevance of data across digital technologies, it is hard to emphasise how any shortcomings in the enabling data architecture curtail the likelihood of successful adoption of digital technologies for procurement governance. With inadequate data, it may simply be impossible to develop digital solutions at all. And the development and adoption of digital solutions developed on poor or inadequate data can generate further problems—eg skewing decision-making on the basis of inadequately derived ‘data insights’. Ultimately, then, ensuring that adequate data is available to develop digital governance solutions is a challenging but unavoidable requirement in the process of procurement digitalisation. Success, or lack of it, in the creation of an enabling data architecture will determine the viability of the deployment of digital technologies more generally. From this perspective, the implementation of eForms gains clear strategic importance.

eForms Implementation: a flexible model

Implementing eForms is not an easy task. The migration towards eForms requires a complete redesign of information exchange mechanisms. eForms are designed around universal business language and involve the use of a much more structured information schema, compatible with the EU’s eProcurement Ontology, than the current TED forms. eForms are also meant to collect a larger amount of information than current TED forms, especially in relation to sub-units within a tender, such as lots, or in relation to framework agreements. eForms are meant to be flexible and regularly revised, in particular to add new fields to facilitate data capture in relation to specific EU-mandated requirements in procurement, such as in relation with the clean vehicles rules (with some changes already coming up, likely in November 2022).

From an informational point of view, the main constraint that remains despite the adoption of eForms is that their mandatory content is determined by existing obligations to report and publish tender-specific information under the current EU procurement rules, as well as to meet broader reporting requirements under international and EU law (eg the WTO GPA). This mandatory content is thus rather limited. Ultimately, eForms’ main concentration is on disseminating details of contract opportunities and capturing different aspects of decision-making by the contracting authorities. Given the process-orientedness and transactional focus of the procurement rules, most of the information to be mandatorily captured by the eForms concerns the scope and design of the tender procedure, some aspects concerning the award and formal implementation of the contract, as well as some minimal data points concerning its material outcome—primarily limited to the winning tender. As the Director-General of the Publications Office put it an eForms workshop yesterday, the new eForms will provide information on ‘who buys what, from whom and for what price’. While some of that information (especially in relation to the winning tender) will be reflective of broader market conditions, and while the accumulation of information across procurement procedures can progressively generate a broader view of (some of) the relevant markets, it is worth stressing that eForms are not designed as a tool of market intelligence.

Indeed, eForms do not capture the entirety of information generated by a procurement process and, as mentioned, their mandatory content is rather limited. eForms do include several voluntary or optional fields, and they could be adapted for some voluntary uses, such as in relation to detection of collusion in procurement, or in relation to the beneficial ownership of tenderers and subcontractors. Extensive use of voluntary fields and the development of additional fields and uses could contribute to generating data that enabled the deployment of digital technologies for the purposes of eg market intelligence, integrity checks, or other sorts of (policy-related) analysis. For example, there are voluntary fields in relation to green, social or innovation procurement, which could serve as the basis for data-driven insights into how to maximise the effects of such policy interventions. There are also voluntary fields concerning procurement challenges and disputes, which could facilitate a monitoring of eg areas requiring guidance or training. However, while the eForms are flexible, include voluntary fields, and the schema facilitates the development of additional fields, is it unclear that adequate incentives exist for adoption beyond their mandatory minimum content.

Implementation in two tiers

The fact that eForms are in part mandatory and in part voluntary will most likely result in two separate tiers of eForms implementation across the EU. Tier 1 will solely concern the collection and exchange of information mandated by EU law, that is the minimum mandatory eForm content. Tier 2 will concern the optional collection and exchange of a much larger volume of information concerning eg the entirety of tenders received, as well as qualitative information on eg specific policy goals embedded in a tender process. Of course, in the absence of coordination, a (large) degree of variation within Tier 2 can be expected. Tier 2 is potentially very important for (digital) procurement governance, but there is no guarantee that Member States will decide to implement eForms covering it.

One of the major obstacles to the broad adoption of a procurement data model so far, at least in the European Union, relates to the slow uptake of e-procurement (as discussed eg here). Without an underlying highly automated e-procurement system, the generation and capture of procurement data is a main challenge, as it is a labour-intensive process prone to input error. The entry into force of the eForms rules could serve as a further push for the completion of the transition to e-procurement—at least in relation to procurement covered by EU law (as below thresholds procurement is a voluntary potential use of eForms). However, it is also possible that low e-procurement uptake and generalised unsophisticated approaches to e-procurement (eg reduced automation) will limit the future functionality of eForms, with Member States that have so far lagged behind restricting the use of eForms to tier 1. Non life-cycle (automated) e-procurement systems may require manual inputs into the new eForms (or the databases from which they can draw information) and this implies that there is a direct cost to the implementation of each additional (voluntary) data field. Contracting authorities may not perceive the (potential) advantages of incurring those costs, or may more simply be constrained by their available budget. A collective action problem arises here, as the cost of adding more data to the eForms is to be shouldered by each public buyer, while the ensuing big data would potentially benefit everyone (especially as it will be published—although there are also possibilities to capture but not publish information that should be explored, at least to prevent excessive market transparency; but let’s park that issue for now) and perhaps in particular data re-users offering for pay added-value services.

In direct relation to this, and compounding the (dis)incentives problem, the possibility (or likelihood) of minimal implementation is compounded by the fact that, in many Member States, the operational adaptation to eForms does not directly concern public sector entities, but rather their service providers. e-procurement services providers compete for the provision of large volume, entirely standardised platform services, which are markets characterised by small operational margins. This creates incentives for a minimal adaptation of current e-sending systems and disincentives for the inclusion of added-value (data) services potentially unlikely to be used by public buyers. Some (or most) optional aspects of the eForm implementation will thus remain unused due to these market structure and dynamics, which does not clearly incentivise a race to the top (unless there is clear demand pull for it).

With some more nuance, it should be stressed that it is also possible that the adoption of eForms is uneven within a given jurisdiction where the voluntary character of parts of the eForm is kept (rather than made mandatory across the board through domestic legislation), with advanced procurement entities (eg central purchasing bodies, or large buyers) adopting tier 2 eForms, and (most) other public buyers limiting themselves to tier 1.

Ensuing data fragmentation

While this variety of approaches across the EU and within a Member State would not pose legal challenges, it would have a major effect on the utility of the eForms-generated data for the purposes of eg developing ML solutions, as the data would be fragmented, hardly representative of important aspects of procurement (markets), and could hardly be generalisable. The only consistent data would be that covered by tier 1 (ie mandatory and standardised implementation) and this would limit the potential use cases for the deployment of digital technologies—with some possibly limited to the procurement remit of the specific institutions with tier 2 implementations.

Relatedly, it should be stressed that, despite the effort to harmonise the underlying data architecture and link it to the Procurement Ontology, the Implementation Handbook makes clear that ‘eForms are not an “off the shelf” product that can be implemented only by IT developers. Instead, before developers start working, procurement policy decision-makers have to make a wide range of policy decisions on how eForms should be implemented’ in the different Member States.

This poses an additional challenge from the perspective of data quality (and consistency), as there are many fields to be tailored in the eForms implementation process that can result in significant discrepancies in the underlying understanding or methodology to determine them, in addition to the risk of potential further divergence stemming from the domestic interpretation of very similar requirements. This simply extends to the digital data world the current situation, eg in relation to diverging understandings of what is ‘recyclable’ or what is ‘social value’ and how to measure them. Whenever open-ended concepts are used, the data may be a poor source for comparative and aggregate analysis. Where there are other sources of standardisation or methodology, this issue may be minimised—eg in relation to the green public procurement criteria developed in the EU, if they are properly used. However, where there are no outside or additional sources of harmonisation, it seems that there is scope for quite a few difficult issues in trying to develop digital solutions on top of eForms data, except in relation to quantitative issues or in relation to information structured in clearly defined categories—which will mainly link back to the design of the procurement.

An opportunity about to be lost?

Overall, while the implementation of eForms could in theory build a big data architecture and facilitate the development of ML solutions, there are many challenges ahead and the generalised adoption of tier 2 eForms implementations seems unlikely, unless Member States make a positive decision in the process of national adoption. The importance of an ambitious tier 2 implementation of eForms should be assessed in light of its downstream importance for the potential deployment of digital technologies to extract data-driven insights and to automate parts of the procurement process. A minimalistic implementation of eForms would significantly constrain future possibilities of procurement digitalisation. Primarily in the specific jurisdiction, but also with spillover effects across the EU.

Therefore, a minimalistic eForms implementation approach would perpetuate (most of the) data deficit that prevents effective procurement digitalisation. It would be a short-sighted saving. Moreover, the effects of a ‘middle of the road’ approach should also be considered. A minimalistic implementation with a view to a more ambitious extension down the line could have short-term gains, but would delay the possibility of deploying digital technologies because the gains resulting from the data architecture are not immediate. In most cases, it will be necessary to wait for the accumulation of sufficiently big data. In some cases of infrequent procurement, missing data points will generate further time lags in the extraction of valuable insights. It is no exaggeration that every data point not captured carries an opportunity cost.

If Member States are serious about the digitalisation of public procurement, they will make the most of the coming year to develop tier 2 eForms implementations in their jurisdiction. They should also keep an eye on cross-border coordination. And the European Commission, both DG GROW and the Publications Office, would do well to put as much pressure on Member States as possible.

The perils of not carrying out technology-centered research into digital technologies and procurement governance -- re Sava and Dragos (2022), plus authors' response

This is a post in two parts. The first part addresses my methodological concerns with research on digital technologies and public procurement (and public governance more generally), as exemplified by a recent paper. The second part collects the response by the authors of that paper.

This pair of points of view are offered together to try to create debate. While the authors found my comments harsh (I cannot judge that), they engaged with them and provided their own counter-arguments. In itself, I think that is laudable and already has value. Any further discussion with the broader community, via comments (or email), would be a bonus.

Part 1: The perils of not carrying out technology-centered research into digital technologies and procurement governance -- re Sava and Dragos (2022)

When I started researching the interaction between digital technologies and procurement governance, it was clear to me that a technology-centered legal method was required. A significant amount of the scholarship that is published fails to properly address the governance implications of digital technologies because it simply does not engage with their functionality—or, put otherwise, because the technology is not understood. This can lead to either excessive claims of what ‘technology fixes’ can achieve or, perhaps even more problematic, it can generate analysis that is based on a misleading, shallow and oftentimes purely literal reading of the labels with which the technology is described and referred to.

A recent paper on smart contracts and procurement clearly exemplifies this problem: N.A. Sava & D. Dragos, ‘The Legal Regime of Smart Contracts in Public Procurement’ (2022) Transylvanian Review of Administrative Sciences, No. 66 E/2022, pp. 99–112.

Conceptual problems

From the outset, the paper is at pains to distinguish blockchain and smart contracts, and proposes ’a needed conceptual distinction that would fit the public contracts theory: before a contract is signed, it is logical to refer to blockchain technology when discussing digital means of awarding the procurement contract. As a result of this award, the concluded contract could be a “smart contract”’ (at 101).

The trap into which the paper falls, of course, is that of believing that blockchain and smart contracts can be distinguished ‘conceptually’ (in a legal sense), rather than on the basis of their technological characteristics and functionality.

Blockchain is a type of distributed ledger technology (DLT). In some more detail: ‘A DLT system is a system of electronic records that enables a network of independent participants to establish a consensus around the authoritative ordering of cryptographically-validated (‘signed’) transactions. These records are made persistent by replicating the data across multiple nodes, and tamper-evident by linking them by cryptographic hashes. The shared result of the reconciliation/consensus process - the ‘ledger’ - serves as the authoritative version for these records’ (M Rauchs et al, Distributed Ledger Technology Systems. A Conceptual Framework (2018), at 24). Blockchain is thus a ‘passive’ digital technology in the sense that it cannot perform any sort of automation of (decision-making) processes because it simply serves to create a data infrastructure.

In turn, smart contracts are a type of ‘active’ (or automating) digital technology that can be deployed on top of a DLT. In more detail: ‘Smart contracts are simply programs stored on a blockchain that run when predetermined conditions are met. They typically are used to automate the execution of an agreement so that all participants can be immediately certain of the outcome, without any intermediary’s involvement or time loss. They can also automate a workflow, triggering the next action when conditions are met’ (IBM, What are smart contracts on blockchain? (undated, accessed 1 July 2022)).

What this means is that, functionally, ‘smart contracts’ may or may not map onto the legal concept of contract, as a ‘smart contract’ can be a unilaterally programmed set of instructions aimed at the automation of a workflow underpinned by data held on a DLT.

Taking this to the public procurement context, it is then clear that both the management of the award process and the execution of an awarded public contract, to the extent that they could be automated, would both need to be instrumentalised via smart contracts plus an underlying blockchain (I would though be remiss not to stress that the practical possibilities of automating either of those procurement phases are extremely limited, if at all realistic; see here and here, which the paper refers to in passing). It does not make any (technological/functional) sense to try to dissociate both layers of digital technology to suggest that ‘blockchain technology [should be used] when discussing digital means of awarding the procurement contract. As a result of this award, the concluded contract could be a “smart contract”’ (Sava & Dragos, above, 101).

This is important, because that technology-incongruent conceptual distinction is then the foundation of legal analysis. The paper e.g. posits that ‘the award of public contracts is a unilateral procedure, organized by state authorities according to specific rules, and that automation of such procedure may be done using blockchain technology, but it is not a ‘“smart contract” (sic). Smart contracts, on the other hand, can be an already concluded procurement contract, which is executed, oversaw (sic) and even remedied transparently, using blockchain technology (sic)’ (ibid, 103, emphasis added).

There are three problems here. First, the automation of the procurement award procedure carried out on top of a DLT layer would require a smart contract (or a number of them). Second, the outcome of that automated award would only be a ‘smart contract’ in itself if it was fully coded and its execution fully automated. In reality, it seems likely that some parts of a public contract could be coded (e.g. payments upon invoice approval), whereas other parts could not (e.g. anything that has to happen offline). Third, the modification of the smart contract (ie coded) parts of a public contract could not be modified (solely) using blockchain technology, but would require another (or several) smart contract/s.

Some more problems

Similarly, the lack of technology-centricity of the analysis leads the paper to present as open policy choices some issues that are simply technologically-determined.

For example, the paper engages in this analysis:

… the question is where should the smart public contracts be awarded? In the electronic procurement systems already developed by the different jurisdictions? On separate platforms using blockchain technology? The best option for integrating smart contracts into the procurement procedures may be the already existing digital infrastructure, therefore on the electronic procurement platforms of the member states. We believe this would be an optimal solution, as smart contracts should enhance the current electronic procurement framework and add value to it, thus leveraging the existing system and not replacing it (at 103, emphasis added).

Unless the existing electronic procurement platforms ran on blockchain—which I do not think they do—then this is not a policy option at all, as it is not possible to deploy smart contracts on top of a different layer of information. It may be possible to automate some tasks using different types of digital technologies (e.g. robotic process automation), but not smart contracts (if the technological concept, as discussed above, is to be respected).

The problems continue with the shallow approach to the technology (and to the underlying legal and practical issues), as also evidenced in the discussion of the possibility of automating checks related to the European Single Procurement Document (ESPD), which is a self-declaration that the economic operator is not affected by exclusion grounds (see Art 59 Directive 2014/24/EU).

The paper states

In the context of automatized checks, the blockchain technology can provide an avenue for checking the validity of proofs presented. The system could automate the verifications of the exclusion grounds and the selection criteria by checking the original documents referenced in the ESPD in real time (that is, before determining the winning tender). The blockchain technology could verify the respect of the exclusions grounds and rule out any economic operator that does not comply with this condition (at 104, emphasis added).

This is a case of excessive claim based on a misunderstanding of the technology. A smart contract could only verify whatever information was stored in a DLT. There is no existing DLT capturing the information required to assess the multiplicity of exclusion grounds regulated under EU law. Moreover, the check would never be of the original documents, but rather of digital records that would either be self-declared by the economic operators or generated by a trusted authority. If the latter, what is the point of a blockchain (or other DLT), given that the authority and veracity of the information comes from the legal authority of the issuer, not the consensus mechanism?

There are also terminological/conceptual inconsistencies in the paper, which does not consistently stick to its conceptual distinction that blockchain should be used to refer to the automation of the award procedure, with smart contracts being reserved to the awarded contract. For example, it (correctly) asserts that ‘When it comes to selection criteria, the smart contract could also perform automatic checks on the elements listed in the contract notice’ (at 104). However, this can creates confusion for a reader not familiar with the technology.

Other issues point at the potentially problematic implications of analysis based on a lack of in-depth exploration of the technologies. For example, the paper discusses a project in Colombia, which ‘created a blockchain software that allowed for record keeping, real time auditability, automation through smart contracts and enhanced citizen engagement’ (at 105). After limited analysis, the paper goes on to stress that ‘Our opinion is that the system in Colombia resembles very much the regular e-procurement systems in Europe. For instance, Romania’s SEAP (Electronic Public Procurement System) insures exactly the same features — non-alteration of bids, traceability and automatic evaluation of tenders (price). So, the question is whether the smart contract system in Colombia is anything else than a functional e-procurement system’ (ibid). This reflects a conflation of functionality with technology, at best.

In the end, the lack of technology-centered (legal) analysis significantly weakens the paper and makes its insights and recommendations largely unusable.

The need for a technology-centric legal methodology

To avoid this type of problems in much-needed legal scholarship on the impact of digital technologies on public governance, it is necessary to develop a technology-centric legal methodology. This is something I am working on, in the context of my project funded by the British Academy. I will seek to publish a draft methodology towards the end of the year. Comments and suggestions on what to take into account would be most welcome: a.sanchez-graells@bristol.ac.uk.

Part 2: authors’ response

Dear Professor,

As a first-year PhD student, being read and offered feedback, especially in the incipient phase of the research, is an amazing learning opportunity. Not all PhD students have the chance to exchange on their topic, and even more with a revered name in the doctrine of public procurement like yourself, therefore am I am very grateful for this debate (Sava).

The co-author Dragos also shares the respect and gratitude for the scholarly critique, although considers the comments rather theoretical and lacking an alternative constructive conclusion.

Concerning the need to conduct a ʻtechnology-centered legal’ research, I fully agree, and I will try to integrate more technology-centered research into the thesis.

However, being lawyers, we believe that technology-centered research does not take into account the established concepts from law and especially public procurement law, therefore an interdisciplinary perspective is needed.

Now we will address the arguments you formulated.

1) Conceptual problems

Concerning the definitions of blockchain and smart contract that you offer, we are of course familiar with them and agree with them.

We agree that blockchain-based smart-contracts could automate certain aspects of the procurement procedures, both in the award and in the execution phase. In our paper, we acknowledge the fact that ʻsmart contracts could automate any process that can be presented as an IF+THEN formula’ (p. 100-101). In this sense, like you noticed, we give the example of automating the check of the selection criteria: ‘When it comes to selection criteria, the smart contract could also perform automatic checks on the elements listed in the contract notice’ (p. 104).

However, beyond these two concepts (blockchain and smart contracts), there is a third concept, that of a ʻsmart legal contract’.

DiMatteo, L., Cannarsa, M. and Poncibò, C., in The Cambridge Handbook of Smart Contracts, Blockchain Technology and Digital Platforms (Cambridge: Cambridge University Press, 2019, p. 63) draw attention to the inadequacy of the terminology: ʻFor blockchain-based smart contracts, a useful dichotomy can be drawn between the ‘smart contract code’ that is, the computer code that is ‘– stored, verified, and executed on a blockchain and the ‘smart legal contract’ - a complement (or maybe even a substitute) for a legal contract that applies that technology. In essence, a ‘smart legal contract’ is a combination of the ‘smart contract code’ and traditional legal language.

'The LawTech panel recently decided that (...) smart contracts could still be legally binding provided that they include the typical elements of a contract.’ (https://juro.com/learn/smart-contracts, consulted on the 2nd of July 2022). Like you mention, ‘functionally, ‘smart contracts’ may or may not map onto the legal concept of contract, as a ‘smart contract’ can be a unilaterally programmed set of instructions aimed at the automation of a workflow underpinned by data held on a DLT’.

Therefore, the correct conceptual distinction would be between ʻsmart contract code’ and ʻsmart legal contract’. In the paper, we tried to focus on the smart legal contract, and discuss its compatibility with public procurement contracts. Through the conceptual distinction, we actually wanted to point out the fact that it would be difficult to imagine a smart legal contract (legally binding) exclusively in the award phase. On the other hand, concerning the ʻsmart contract code’ we agree that it could be applicable to both the award and the execution phase, although the terminology remains debatable.

2) The question of where to integrate smart contracts

We state that ʻThe best option for integrating smart contracts into the procurement procedures may be the already existing digital infrastructure, therefore on the electronic procurement platforms of the member states. We believe this would be an optimal solution, as smart contracts should enhance the current electronic procurement framework and add value to it, thus leveraging the existing system and not replacing it’ (p. 103).

Of course, we do not believe that the current system works on blockchain (in the paper we explore why this would be a difficult task), but we did discuss the integration of emerging technologies in the existing context of e-procurement tools. However, this would be an integration among the e-procurement tools, not on top of the existing tools, as adequate infrastructure would be needed.

Actually we mean exactly what you pointed out in your conclusions, so we are in agreement here: some aspects of the procedure could be automated, yet the rest of the procedure could function based on the rules already in place. By the idea of not replacing the e-procurement system, we mean automatizing some punctual aspects, but not replacing the entire system.

3) The ESPD

The idea was that smart contracts could automatically check certain documents, such as the ones referenced in the ESPD.

In our text, we only discuss the idea of a verification, we do not describe in detail how this should be performed and we do not state that the DLT should capture on its own ʻthe information required to assess the multiplicity of exclusion grounds regulated under EU law’. Of course, these documents would need to be uploaded to the DLT and the uploaded documents would have a digital form. By ‘original document’ we refer to the document per se, the reference document and not the simple declaration from the ESPD.

An analogy of this idea could be made with the Canadian ‘Supplier information registration system, which facilitates the registration of supplier information on blockchain to validate it against different records and to validate it in an automated way’ (NTT Data Presentation at EPLD Meeting, May 2022).

4) The Colombian example

We could not understand your critique here. The referenced example described a system for selecting economic operators in public procurement (for more information: https://www.weforum.org/reports/exploring-blockchain-technology-for-government-transparency-to-reduce-corruption/), which we believe is comparable with a regular e-procurement portal.

5) Conclusions

Through our analysis, we intended to raise the following question: would automating some aspects of the public procurement procedure through “smart contracts” ensure the same characteristics and guarantees as the ones offered by an e-public procurement system of an EU member state? In that case, what is the added value of “smart contracts” in public procurement? It is a research question that we will try to focus on in the future, we merely pose it here.

This paper is an exploratory and incipient one. For the moment, our goal was to raise some questions and to explore some potential paths. Apart from theoretical “what ifs”, it is hard to find specificities of assertions that new digital technologies will definitely have numerous and game-changing applications in the procurement process, as long as the procurement process is still managed unilaterally by public bodies and entertains a public law regime.

The intention is to challenge a rather theoretical assumption on the role of digital technologies in public procurement and subsequently trying to find real, practical examples or applications, if any.

In no circumstance did we state that we are formulating policy recommendations, this was misunderstood. Only after extensive research conclusions may lead to policy recommendations but we are still far from that moment.

However, we believe that in order to actually draw some conclusions on the use of such technologies in public procurement, scholars should delve in more depth into the topic, by critically assessing the current literature in the field and trying to have an interdisciplinary (legal, technological and managerial) look at the topic. As of now, the literature is too theoretical.

In other words, in our opinion, the exclusive tech-centered approach that you suggest would be equally harmful as an exclusively legal one.

Thank you for this chance of a constructive dialogue, we are looking forward to future exchange on the topic.

Flexibility, discretion and corruption in procurement: an unavoidable trade-off undermining digital oversight?

Magic; Stage Illusions and Scientific Diversions, Including Trick Photography (1897), written by Albert Allis Hopkins and Henry Ridgely Evan.

As the dust settles in the process of reform of UK public procurement rules, and while we await for draft legislation to be published (some time this year?), there is now a chance to further reflect on the likely effects of the deregulatory, flexibility- and discretion-based approach to be embedded in the new UK procurement system.

An issue that may not have been sufficiently highlighted, but which should be of concern, is the way in which increased flexibility and discretion will unavoidably carry higher corruption risks and reduce the effectiveness of potential anti-corruption tools, in particular those based on the implementation of digital technologies for procurement oversight [see A Sanchez-Graells, ‘Procurement Corruption and Artificial Intelligence: Between the Potential of Enabling Data Architectures and the Constraints of Due Process Requirements’ in S Williams-Elegbe & J Tillipman (eds), Routledge Handbook of Public Procurement Corruption (Routledge, forthcoming)].

This is an inescapable issue, for there is an unavoidable trade-off between flexibility, discretion and corruption (in procurement, and more generally). And this does not bode well for the future of UK procurement integrity if the experience during the pandemic is a good predictor.

The trade-off between flexibility, discretion and corruption underpins many features of procurement regulation, such as the traditional distrust of procedures involving negotiations or direct awards, which may however stifle procurement innovation and limit value for money [see eg F Decarolis et al, ‘Rules, Discretion, and Corruption in Procurement: Evidence from Italian Government Contracting’ (2021) NBER Working Paper 28209].

The trade-off also underpins many of the anti-corruption tools (eg red flags) that use discretionary elements in procurement practice as a potential proxy for corruption risk [see eg M Fazekas, L Cingolani and B Tóth, ‘Innovations in Objectively Measuring Corruption in Public Procurement’ in H K Anheier, M Haber and M A Kayser (eds) Governance Indicators: Approaches, Progress, Promise (OUP 2018) 154-180; or M Fazekas, S Nishchal and T Søreide, ‘Public procurement under and after emergencies’ in O Bandiera, E Bosio and G Spagnolo (eds), Procurement in Focus – Rules, Discretion, and Emergencies (CEPR Press 2022) 33-42].

Moreover, economists and political scientists have clearly stressed that one way of trying to strike an adequate balance between the exercise of discretion and corruption risks, without disproportionately deterring the exercise of judgement or fostering laziness or incompetence in procurement administration, is to increase oversight and monitoring, especially through auditing mechanisms based on open data (see eg Procurement in a crisis: how to mitigate the risk of corruption, collusion, abuse and incompetence).

The difficulty here is that the trade-off is inescapable and the more dimensions on which there is flexibility and discretion in a procurement system, the more difficult it will be to establish a ‘normalcy benchmark’ or ‘integrity benchmark’ from which deviations can trigger close inspection. Taking into account that there is a clear trend towards seeking to automate integrity checks on the basis of big data and machine learning techniques, this is a particularly crucial issue. In my view, there are two main sources of difficulties and limitations.

First, that discretion is impossible to code for [see S Bratus and A Shubina, Computerization, Discretion, Freedom (2015)]. This both means that discretionary decisions cannot be automated, and that it is impossible to embed compliance mechanisms (eg through the definition of clear pathways based on business process modelling within an e-procurement system, or even in blockchain and smart contract approaches: Neural blockchain technology for a new anticorruption token: towards a novel governance model) where there is the possibility of a ‘discretion override’.

The more points along the procurement process where discretion can be exercised (eg choice of procedure, design of procedure, award criteria including weakening of link to subject matter of the contract and inclusion of non(easily)measurable criteria eg on social value, displacement of advantage analysis beyond sphere of influence of contracting authority, etc) the more this difficulty matters.

Second, the more deviations there are between the new rulebook and the older one, the lower the value of existing (big) data (if any is available or useable) and of any indicators of corruption risk, as the regulatory confines of the exercise of discretion will not only have shifted, but perhaps even lead to a displacement of corruption-related exercise of discretion. For example, focusing on the choice of procedure, data on the extent to which direct awards could be a proxy for corruption may be useless in a new context where that type of corruption can morph into ‘custom-made’ design of a competitive flexible procedure—which will be both much more difficult to spot, analyse and prove.

Moreover, given the inherent fluidity of that procedure (even if there is to be a template, which is however not meant to be uncritically implemented), it will take time to build up enough data to be able to single out specific characteristics of the procedure (eg carrying out negotiations with different bidders in different ways, such as sequentially or in parallel, with or without time limits, the inclusion of any specific award criterion, etc) that can be indicative of corruption risk reliably. And that intelligence may not be forthcoming if, as feared, the level of complexity that comes with the exercise of discretion deters most contracting authorities from exercising it, which would mean that only a small number of complex procedures would be carried out every year, potentially hindering the accumulation of data capable of supporting big data analysis (or even meaningful econometrical treatment).

Overall, then, the issue I would highlight again is that there is an unavoidable trade-off between increasing flexibility and discretion, and corruption risk. And this trade-off will jeopardise automation and data-based approaches to procurement monitoring and oversight. This will be particularly relevant in the context of the design and implementation of the tools at the disposal of the proposed Procurement Review Unit (PRU). The Response to the public consultation on the Transforming Public Procurement green paper emphasised that

‘… the PRU’s main focus will be on addressing systemic or institutional breaches of the procurement regulations (i.e. breaches common across contracting authorities or regularly being made by a particular contracting authority). To deliver this service, it will primarily act on the basis of referrals from other government departments or data available from the new digital platform and will have the power to make formal recommendations aimed at addressing these unlawful breaches’ (para [48]).

Given the issues raised above, and in particular the difficulty or impossibility of automating the analysis of such data, as well as the limited indicative value and/or difficulty of creating reliable red flags in a context of heightened flexibility and discretion, quite how effective this will be is difficult to tell.

Moreover, given the floating uncertainty on what will be identified as suspicious of corruption (or legal infringement), it is also possible that the PRU (initially) operates on the basis of indicators or thresholds arbitrarily determined (much like the European Commission has traditionally arbitrarily set thresholds to consider procurement practices problematic under the Single Market Scorecard; see eg here). This could have a signalling effect that could influence decision-making at contracting authority level (eg to avoid triggering those red flags) in a way that pre-empts, limits or distorts the exercise of discretion—or that further displaces corruption-related exercise of discretion to areas not caught by the arbitrary indicators or thresholds, thus making it more difficult to detect.

Therefore, these issues can be particularly relevant in establishing both whether the balance between discretion and corruption risk is right under the new rulebook’s regulatory architecture and approach, as well as whether there are non-statutory determinants of the (lack of) exercise of discretion, other than the complexity and potential litigation and challenge risk already stressed in earlier analysis and reflections on the green paper.

Another ‘interesting’ area of development of UK procurement law and practice post-Brexit when/if it materialises.

Recording of webinar on 'Digitalization and AI decision-making in administrative law proceedings'

The Centre for Global Law and Innovation of the University of Bristol Law School and the Faculty of Law at Universidade Católica Portuguesa co-organised an online workshop to discuss emerging issues in digitalization and AI decision-making in administrative law proceedings. I had the great pleasure of chairing it and I think quite a few important issues for further discussion and research were identified. The speakers kindly agreed to share a recording of the session (available here), of which details follow:

Digitalization and AI decision-making in administrative law proceedings

This is a hot area of legal and policy development that has seen an acceleration in the context of the covid-19 pandemic. Emerging research finds points of friction in the simple transposition of administrative law and existing procedures to the AI context, as well as challenges and shortcomings in the judicial review of decisions supported (or delegated) to an AI.

While more and more attention is paid to the use of AI by the public sector, key regulatory proposals such as the European Commission’s Proposal for an Artificial Intelligence Act would largely leave this area to (self)regulation via codes of practice, with the exception of public assistance benefits and services. Self-regulation is also largely the approach taken by the UK in its Guide to using artificial intelligence in the public sector, and the UK courts seem reluctant to engage with the technology underpinning automated decision-making. It is thus arguable that a regulatory gap is increasingly visible and that new solutions and regulatory approaches are required.

The panellists in this workshop covered a range of topics concerning transparency, data protection, automation of decision-making, and judicial review. The panel included (in order of participation):

• Dr Marta Vaz Canavarro Portocarrero de Carvalho, Assistant Professor at the Faculty of Law of Universidade Católica Portuguesa, specialising in administrative law, and member of the Centro de Arbitragem Administrativa (Portuguese Administrative Law Arbitration Centre).

• Dr Filipa Calvão, President of the Comissão Nacional de Proteção de Dados (Portuguese Data Protection Authority) since 2012, and Associate Professor at the Faculty of Law of Universidade Católica Portuguesa.

• Dr Pedro Cerqueira Gomes, Assistant Professor at Universidade Católica Portuguesa and Lawyer at Cerqueira Gomes & Associados, RL, specialising in administrative law and public procurement, and author of EU Public Procurement and Innovation - the innovation partnership procedure and harmonization challenges (Edward Elgar 2021).

• Mr Kit Fotheringham, Teaching Associate and postgraduate research student at the University of Bristol Law School. His doctoral thesis is on administrative law, specifically relating to the use of algorithms, machine learning and other artificial intelligence technologies by public bodies in automated decision-making procedures.

Is the ESPD the enemy of procurement automation in the EU (quick thoughts)

I have started to watch the three-session series on Intelligent Automation in US Federal Procurement hosted by the GW Law Government Procurement Law Program over the last few weeks (worth watching!), as part of my research for a paper on AI and corruption in procurement. The first session in the series focuses in large part on the intelligent automation of information gathering for the purposes of what in the EU context are the processes of exclusion and qualitative selection of economic providers. And this got me thinking about how it would (or not) be possible to replicate some of the projects in an EU jurisdiction (or even at EU-wide level).

And, once again, the issue of the lack of data on which to train algorithms, as well as the lack of representative/comprehensive databases from which to automatically extract information came up. But somehow it seems like the ESPD and the underlying regulatory approach may be making things more difficult.

In the EU, automating mandatory exclusion (not necessarily to have AI adopt decisions, but to have it prepare reports capable of supporting independent decision-making by contracting authorities) would primarily be a matter of checking against databases of prior criminal convictions, which is not only difficult to do due to the absence of structured databases themselves, but also due to the diversity of legal regimes and the languages involved, as well as the pervasive problem of beneficial ownership and (dis)continuity in corporate personality.

Similarly, for discretionary exclusion, automation would primarily be based on retrieving information concerning grounds not easily or routinely captured in existing databases (eg conflicts of interest), as well as limited by increasingly constraining CJEU case law demanding case-by-case assessments by the contracting authority in ways that diminish the advantages of automating eg red flags based on decisions taken by a different contracting authority (or centralised authority).

Finally, automating qualitative selection would be almost impossible, as it is currently mostly based on the self-certification implicit in the ESPD. Here, the 2014 Public Procurement Directives tried to achieve administrative simplification not through the once only principle (which would be useful in creating databases supporting automatisation of some parts of the project, but on which a 2017 project does not seem to have provided many advances), but rather through the ‘tell us only if successful’ (or suspected) principle. This naturally diminishes the amount of information the public buyer (and the broader public sector) holds, with repeat tenderers being completely invisible for the purposes of automation so long as they are not awarded contracts.

All of this leads me to think that there is a big blind spot in the current EU approach to open procurement data as the solution/enabler of automatisation in the context of EU public procurement practice. In fact, most of the crucial (back office) functions — and especially those relating to probity and quality screenings relating to tenderers — will not be susceptible of automation until (or rather unless) different databases are created and advanced mechanisms of interconnection of national databases are created at EU level. And creating those databases will be difficult (or simply not happen in practice) for as long as the ESPD is in place, unless a parallel system of registration (based on the once only principle) is developed for the purposes of registering onto and using eProcurement platforms (which seems to also raise some issues).

So, all in all, it would seem that more than ever we need to concentrate on the baby step of creating a suitable data architecture if we want to reap the benefits of AI (and robotic process automation in particular) any time soon. As other jurisdictions are starting to move (or crawl, to keep with the metaphor), we should not be wasting our time.

Where does the proposed EU AI Act place procurement?

Thinking about some of the issues raised in the earlier post ‘Can the robot procure for you?,’ I have now taken a close look at the European Commission’s Proposal for an Artificial Intelligence Act (AIA) to see how it approaches the use of AI in procurement procedures. It may (not) come as a surprise that the AI Act takes an extremely light-touch approach to the regulation of AI uses in procurement and simply subjects them to (yet to be developed) voluntary codes of conduct. I will detail my analysis of why this is the case in this post, as well as some reasons why I do not find it satisfactory.

Before getting to the details, it is worth stressing that this is reflective of a broader feature of the AIA: its heavy private sector orientation. When it comes to AI uses by the public sector, other than prohibiting some massive surveillance by the State (both for law enforcement and to generate a system of social scoring) and classifying as high-risk the most obvious AI uses by the law enforcement and judicial authorities (all of which are important, of course), the AIA remains silent on the use of AI in most administrative procedures, with the only exception of those concerning social benefits.

This approach could be generally justified by the limits to EU competence and, in particular, those derived from the principle of administrative self-organisation of the Member States. However, given the very broad approach taken by the Commission on the interpretation and use of Article 114 TFEU (which is the legal basis for the AIA, more below), this is not entirely consistent. It could rather be that the specific uses of AI by the public sector covered in the proposal reflect the increasingly well-known problematic uses of (biased) AI solutions in narrow aspects of public sector activity, rather than a broader reflection on the (still unknown, or still unimplemented) uses that could be problematic.

While the AIA is ‘future-proofed’ by including criteria for the inclusion of further use cases in its ‘high-risk’ category (which determines the bulk of compliance obligations), it is difficult to see how those criteria are suited to a significant expansion of the regulatory constraints to AI uses by the public sector, including in procurement. Therefore, as a broader point, I submit that the proposed AIA needs some revision to make it more suited to the potential deployment of AI by the public sector. To reflect on that, I am co-organising a webinar on ’Digitalization and AI decision-making in administrative law proceedings’, which will take place on 15 Nov 2021, 1pm UK (save the date, registration and more details here). All welcome.

Background on the AIA

Summarising the AIA is both difficult and has already been done (see eg this quick explainer of the Centre for Data Innovation, and for an accessible overview of the rationale and regulatory architecture of the AIA, this master class by Prof Christiane Wendehorst). So, I will just highlight here a few issues linked to the analysis of procurement’s position within its regulatory framework.

The AIA seeks to establish a proportionate approach to the regulation of AI deployment and use. While its primary concern is with the consolidation of the EU Single Digital Market and the avoidance of regulatory barriers to the circulation of AI solutions, its preamble also points to the need to ensure the effectiveness of EU values and, crucially, the fundamental rights in the Charter of Fundamental Rights of the EU.

Importantly for the purposes of our discussion, recital (28) AIA stresses that ‘The extent of the adverse impact caused by the AI system on the fundamental rights protected by the Charter is of particular relevance when classifying an AI system as high-risk. Those rights include ... right to an effective remedy and to a fair trial [Art 47 Charter] … [and] right to good administration {Art 41 Charter]’.

The AIA seeks to create such a proportionate approach to the regulation of AI by establishing four categories of AI uses: prohibited, high-risk, limited risk requiring transparency measures, and minimal risk. The two categories that carry regulatory constraints or compliance obligations are those concerning high-risk (Arts 8-15 AIA), and limited risk requiring transparency measures (Art 52 AIA, which also applies to some high-risk AI). Minimal risk AI uses are left unregulated, although the AIA (Art 69) seeks to promote the development of codes of conduct intended to foster voluntary compliance with the requirements applicable to high-risk AI systems.

Procurement within the AIA

Procurement AI practices could not be classified as prohibited uses (Art 5 AIA), except in the difficult to imagine circumstances in which they deployed subliminal techniques. It is also difficult to see how they could fall under the regime applicable to uses requiring special transparency (Art 52) because it only applies to AI systems intended to interact with natural persons, which must be ‘designed and developed in such a way that natural persons are informed that they are interacting with an AI system, unless this is obvious from the circumstances and the context of use.’ It would not be difficult for public buyers using external-facing AI solutions (eg chatbots seeking to guide tenderers through their e-submissions) to make it clear that the tenderers are interacting with an AI solution. And, even if not, the transparency obligations are rather minimal.

So, the crux of the issue rests on whether procurement-related AI uses could be classified as high-risk. This is regulated in Art 6 AIA, which cross-refers to Annex III AIA. The Annex contains a numerus clausus of high-risk AI uses, which is however susceptible of amendment under the conditions specified in Art 7 AIA. Art 6/Annex III do not contain any procurement-related AI uses. The only type of AI use linked to administrative procedures concerns ‘AI systems intended to be used by public authorities or on behalf of public authorities to evaluate the eligibility of natural persons for public assistance benefits and services, as well as to grant, reduce, revoke, or reclaim such benefits and services’ (Annex III(5)(a) AIA).

Clearly, then, procurement-related AI uses are currently left to the default category of those with minimal risk and, thus, subjected only to voluntary self-regulation via codes of conduct.

Could this change in the future?

Art 7 AIA establishes the following two cumulative criteria: (a) the AI systems are intended to be used in any of the areas listed in points 1 to 8 of Annex III; and (b) the AI systems pose a risk of harm to the health and safety, or a risk of adverse impact on fundamental rights, that is, in respect of its severity and probability of occurrence, equivalent to or greater than the risk of harm or of adverse impact posed by the high-risk AI systems already referred to in Annex III.

The first hurdle in getting procurement-related AI uses included in Annex III in the future is formal and concerns the interpretation of the categories listed therein. There are only two potential options: nesting them under uses related to ‘Access to and enjoyment of essential private services and public services and benefits’, or uses related to ‘Administration of justice and democratic processes’. It could (theoretically) be possible to squeeze them in one of them (perhaps the latter easier than the former), but this is by no means straightforward and, given the existing AI uses in each of the two categories, I would personally be disinclined to engage in such broad interpretation.

Even if that hurdle was cleared, the second hurdle is also challenging. Art 7(2) AIA establishes the criteria to assess that an AI use poses a sufficient ‘risk of adverse impact on fundamental rights’. Of those criteria, there are three that in my view would make it very difficult to classify procurement-related AI uses as high-risk. Those criteria require the European Commission to consider:

(c) the extent to which the use of an AI system has already caused … adverse impact on the fundamental rights or has given rise to significant concerns in relation to the materialisation of such … adverse impact, as demonstrated by reports or documented allegations submitted to national competent authorities;

(d) the potential extent of such harm or such adverse impact, in particular in terms of its intensity and its ability to affect a plurality of persons;

(e) the extent to which potentially harmed or adversely impacted persons are dependent on the outcome produced with an AI system, in particular because for practical or legal reasons it is not reasonably possible to opt-out from that outcome;

(g) the extent to which the outcome produced with an AI system is easily reversible …;

Meeting these criteria would require for the relevant AI systems to basically be making independent or fully automated decisions (eg on award of contract, or exclusion of tenderers), so that their decisions would be seen to affect the effectiveness of Art 41 and 47 Charter rights; as well as a (practical) understanding that those decisions cannot be easily reversed. Otherwise, the regulatory threshold is so high that most likely procurement-related AI uses (screening, recommender systems, support to human decision-making (eg automated evaluation of tenders), etc) are unlikely to be considered to pose a sufficient ‘risk of adverse impact on fundamental rights’.

Could Member States go further?

As mentioned above, one of the potential explanations for the almost absolute silence on the use of AI in administrative procedures in the AIA could be that the Commission considers that this aspect of AI regulation belongs to each of the Member States. If that was true, then Member States could further than the code of conduct self-regulatory approach resulting from the AIA regulatory architecture. An easy approach would be to eg legally mandate compliance with the AIA obligations for high-risk AI systems.

However, given the internal market justification of the AIA, to be honest, I have my doubts that such a regulatory intervention would withstand challenges on the basis of general EU internal market law.

The thrust of the AIA competential justification (under Art 114 TFEU, see point 2.1 of the Explanatory memorandum) is that

The primary objective of this proposal is to ensure the proper functioning of the internal market by setting harmonised rules in particular on the development, placing on the Union market and the use of products and services making use of AI technologies or provided as stand-alone AI systems. Some Member States are already considering national rules to ensure that AI is safe and is developed and used in compliance with fundamental rights obligations. This will likely lead to two main problems: i) a fragmentation of the internal market on essential elements regarding in particular the requirements for the AI products and services, their marketing, their use, the liability and the supervision by public authorities, and ii) the substantial diminishment of legal certainty for both providers and users of AI systems on how existing and new rules will apply to those systems in the Union.

All of those issues would arise if each Member State adopted its own rules constraining the use of AI for administrative procedures not covered by the AIA (either related to procurement or not), so the challenge to that decentralised approach on grounds of internal market law by eg providers of procurement-related AI solutions capable of deployment in all Member States but burdened with uneven regulatory requirements seems quite straightforward (if controversial), especially given the high level of homogeneity in public procurement regulation resulting from the 2014 Public Procurement Package. Not to mention the possibility of challenging those domestic obligation on grounds that they go further than the AIA in breach of Art 16 Charter (freedom to conduct a business), even if this could face some issues resulting from the interpretation of Art 51 thereof.

Repositioning procurement (and other aspects of administrative law) in the AIA

In my view, there is a case to be made for the repositioning of procurement-related AI uses within the AIA, and its logic can apply to other areas of administrative law/activity with similar market effects.

The key issue is that the development of AI solutions to support decision-making in the public sector not only concerns the rights of those directly involved or affected by those decisions, but also society at large. In the case of procurement, eg the development of biased procurement evaluation or procurement recommender systems can have negative social effects via its effects on the market (eg on value for money, to mention the most obvious) that are difficult to identify in single tender procurement decisions.

Moreover, it seems that the public administration is well-placed to comply with the requirements of the AIA for high-risk AI systems as a matter of routine procedure, and the arguments on the need to take a proportionate approach to the regulation of AI so as not to stifle innovation lose steam and barely have any punch when it comes to imposing them on the public sector user. Further, to a large extent, the AIA requirements seem to me mostly aligned with the requirements for running a proper (and challenge proof) eProcurement system, and they would also facilitate compliance with duties of good administration when specific decisions are challenged.

Therefore, on balance, I see no good reason not to expand the list in Annex III AIA to include the use of AI systems in all administrative procedures, and in particular in public procurement and in other regulatory sectors where ex post interventions to correct market distortions resulting from biased AI implementations can simply be practically impossible. I submit that this should be done before its adoption.