Expert Speak Digital Frontiers
Published on Mar 03, 2023

We must have checks and balances on our technologists and on those who govern technology, especially in the case of DPGs because of their increasingly broad public utility and dependence

Golden rules for regulating Digital Public Goods

This article is part of the series—Raisina Edit 2023


Governments the world over are grappling with how to regulate technology. As reflected in the Australian National University’s Tech Policy Atlas, tech policy, legislation, regulation, and strategy have proliferated in recent years. The increased focus by government is welcome and needed. When governments regulate technology, they shape the future of their societies. Tech regulation is not just technical, it involves fundamental questions about economic growth, security, equality, human rights, and agency. It is particularly important for governments to think carefully about the burden of responsibility they carry when regulating Digital Public Goods (DPGs). Like electricity and water, DPGs are public infrastructure upon which society increasingly depends.

< style="color: #0069a6;">Tech regulation is not just technical, it involves fundamental questions about economic growth, security, equality, human rights, and agency.

Consider two of the most pervasive DPGs: Digital Identity and Digital Payments Infrastructure. At their most basic, they are tools to prove who we are and to pay for the things we buy. But both raise complex questions of how the entire collection of information that we generate is stored and made available to governments and the private sector. Depending on the technical design of DPGs and the legal frameworks that are applicable to them, the foundational principles of democratic governance can be either reinforced or undermined, economic growth can be fostered or hindered, and human rights enhanced or impinged upon.  Our lived experiences, both online and offline, are subsequently affected by how technologists design DPGs and how governments decide to regulate them. Many, including the United Nations Secretary General, see DPGs as essential to promoting global development and attaining the Sustainable Development Goals. DPGs allow countries to leapfrog development milestones. The combined rollout of Digital Identity and Universal Payment Infrastructure is a case in point. In India, the percentage of the population with a bank account soared from 27 percent to 80 percent in just nine years (2008-2017). This supercharged a process, which, the Bank for International Settlements assessed, could have taken 47 years using traditional means.

< style="color: #0069a6;">Our lived experiences, both online and offline, are subsequently affected by how technologists design DPGs and how governments decide to regulate them.

Given this, its unsurprising that DPGs are increasingly being rolled out, especially in the Global South. Because of this proliferation, it is vital to be intentional about the technical design and regulation of DPGs from inception. Getting this right will be the difference between shaping a future world we all want to live in or, well, pick your favourite dystopian novel.

< style="color: #163449;">How do we ensure that DPGs—the foundational critical infrastructure of the 21st century—are well designed and well regulated?

As Sharad Sharma and Henri Verdier have observed, jurisdictions like the European Union rely on regulation to shape better technology, while others like India increasingly look to DPGs to build better technology. We think both are needed. The first wave of techno-utopianism in the nineties and noughties taught us that we cannot leave technology design purely to the technologists. But, likewise, history shows regulation struggles to keep pace with technology development. Well-designed technology and well-designed tech regulation is needed, especially when it comes to DPGs. With respect to the first, the Digital Public Goods Alliance, a multi-stakeholder initiative involving the United Nations Development Programme, United Nations Children’s Fund, and others, has developed a DPG Standard, a technical standard to guide design and implementation of DPGs. The standard provides for “open-source software, open data, open AI models, open standards, and open content.” When it comes to regulation of DPGs, however, little guidance exists. The assumption is that existing principles of regulatory design apply. But, too often, when tech regulation is developed, the emphasis is on “doing something” “urgently”, and foundational cornerstones of liberal democracies are absent from the resulting laws. If we are serious about shaping a positive future, we must correct this trend. This article offers three Golden Rules to ensure regulation of DPGs aligns with the public interest.

< style="color: #0069a6;">Any exercise of power authorised by law or regulation applicable to DPGs should be subject to independent appeal mechanisms whereby the person or people against whom the power is directed can seek review of the exercise of the power.
  1. Transparency: All law and regulation governing DPG should be public. When law bestows powers related to the oversight of DPGs, the government should publish data annually detailing how, how often, and against whom those powers were used.
  1. Right to Review: Any exercise of power authorised by law or regulation applicable to DPGs should be subject to independent appeal mechanisms whereby the person or people against whom the power is directed can seek review of the exercise of the power. ‘Independent’ means a body independent to the entity that exercises the power and from the government of the day, preferably judicial.
  1. Accountability: There should be independent oversight of the day-to-day exercise of any legal or regulatory powers applicable to DPGs. The independent oversight body should be adequately resourced to carry out its oversight function.

Alongside these golden rules,  Eight Tech Policy Design Principles, including proportionality, interoperability, and agility, help to give fuller context to the specifics of aspects of the policy design process. We also commend to tech policy makers the Best Practice Tech Policy Design Process. Just as we have checks and balances on our politicians, we must have checks and balances on our technologists and the technology they build.  This is especially the case for DPGs because of their increasingly broad public utility and dependence. In the digital era, considerable power is consolidated in the hands of governments, industry, and technologists. Open DPGs and effective regulation are powerful tools to hold each to account. It is up to us—all of us—to demand these tools be wielded actively in our interests.

The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.

Contributors

Johanna Weaver

Johanna Weaver

Professor Johanna Weaver is Director of the Tech Policy Design Centre at the Australian National University. The Design Centre is working to mature the tech ...

Read More +
Tanvi Nair

Tanvi Nair

Ms Tanvi Nair is a Research Fellow at the Tech Policy Design Centre at the Australian National University. The Tech Policy Design Centres mission is ...

Read More +