The Office for Responsible Technology: Empowering Regulators
Last week we published Regulating for Responsible Technology: Capacity, evidence and redress. In the first in a series of four posts, I outlined Doteveryone’s proposals for a new independent regulatory body — the Office for Responsible Technology — to empower regulators, inform the public and policymakers around digital technologies and support people to seek redress from technology-driven harms.
This post describes in greater depth the first of these three functions and explores how the Office can make the UK’s existing regulatory system more resilient, responsive and intelligent.
We see the paper as an important step in an ongoing and lively conversation around digital regulation, and throughout the post I’ve included a few tweets to give you a flavour of the many interesting discussions that have taken place since we published our proposals. To share your thoughts get in touch at @doteveryoneuk or firstname.lastname@example.org.
If the UK is to positively shape digital technologies, it’s important to move on from idea that this task can be left to a small group of “digital” regulators alone. Innovations in the Internet of Things, artificial intelligence, distributed ledger technologies and the data economy are transforming every part of society and mean all regulators must now reckon with the impacts of digital technologies on their sectors.
“The focus on providing central support to existing regulators, not creating a single regulator to handle all digital things is v important (given everything is becoming digital, it would end up being the regulator of everything)” Richard Pope
Against this backdrop, the Office for Responsible Technology will not be another “command-and-control” sectoral regulator. Instead, it will strengthen the UK’s existing regulatory system by:
- Addressing the gaps in regulation and recommending new remits and powers for regulators
- Building regulators’ digital capabilities and promote knowledge transfer with industry
- Future-proofing the regulatory system by enabling regulators to anticipate the opportunities and challenges of digital technologies.
1. Addressing the Gaps in Regulation
As digital technologies stretch and blur the boundary lines separating our sectors, they leave regulatory gaps in their wake.
Ofcom’s CEO Sharon White, for example, recently pointed out the failure to regulate content hosted on social media. But without direction from Parliament, Ofcom cannot step outside its existing remit to address this.
A National Audit Office report found regulators also vary in the legislative freedom and resources they have to flag up shortcomings in their remits, and our research interviews found some bodies are nervous about overstepping the mark when calling for new powers.
So we recommend that the Office for Responsible Technology:
leads independent reviews of regulators’ powers, resources, governance structures and remits and publishes recommendations to parliament on how they should be amended or what new bodies are required.
Initiatives such as the Better Regulation Executive and the EU Commission’s regulatory fitness and performance (REFIT) programme already exist to cut regulatory red-tape and costs to business by hunting for outdated legislation. The Office can use similar tools (such as regulatory impact assessments, market studies and ongoing consultations) in the service of a broader, socially-focused scope.
“Having been the board-level “digital guy” at two regulators in my career I heartily agree — often main issues are the framing of the limits of regulator’s powers and overlap or lack of it between regulator’s remits.” Anthony Lilley
2. Building regulators’ digital capabilities
Remits and powers are important, but without the expertise to deliver them effectively regulators risk being either toothless or heavy-handed.
But tech talent is expensive, and competing with the allure of Silicon Valleys and Roundabouts is not easy. It’s unreasonable, therefore, to expect each of the UK’s 90 regulators to have industry-standard digital expertise in-house. Even the Information Commissioner’s Office (ICO) has been criticised for lacking technical know-how.
“ One of the weak points of the ICO is the lack of technical people. The fact is they’ve had to ask me a lot of questions that a database engineer would not ask.” Christopher Wylie, speaking to the Digital Culture, Media and Sport Committee
Recent developments in ICO hiring policies and a cash-injection are starting to address this. But it took the combined force of the Cambridge Analytica scandal, a GDPR-induced workload increase and repeated public pleas from Elizabeth Denham to break the political inertia around these changes.
Across the wider regulatory system there remains a major gap between industry and regulators. To address this imbalance the Office will work alongside regulators, combining tech expertise with invaluable sectoral insights. It will build digital capabilities by:
- Providing a hub of high-level knowledge in areas such as algorithmic testing, cyber security and design patterns that carry broad relevance across regulatory sectors
- Facilitating collaboration between regulators for cross-sectoral tech issues, emulating existing programmes such as the FCA, Bank of England and Treasury’s planned joint cryptocurrency taskforce
- Promoting knowledge exchange between regulators and other stakeholders, such as secondment schemes and fellowship programmes for tech company leaders, ethicists, civil society and academia to work with regulators (and vice-versa).
“Of all our public institutions in need of remaking, the regulators are by some distance the most important. From health to education our regulators are being left for dust by the tech giants and their data practices.” Mike Bracken
3. Future-proofing the regulatory system
Strengthened remits, resources and digital capabilities lay the foundations for regulators to effectively respond to the impacts of digital technologies. But when regulating an industry that “moves fast and breaks things”, anticipating what exactly these impacts will be is equally important.
Some regulators, notably the Financial Conduct Authority and the Human Fertilisation and Embryology Authority, are already looking ahead to the opportunities and risks on their sectoral horizons.
But many are reactive, not proactive, leaving them stuck in a cycle of whack-a-mole ad hoc reactions to digital technologies. In the case of the Electoral Commission for example, their reports on the challenges they face with online political advertising are welcome. But publishing them after the results are in, when elections are already settled or Article 50 has already been invoked, is less so.
To create a cultural shift towards forward-looking regulation, we see a need for the Office of Responsible Technology to:
- Lead horizon scanning to predict digital impacts, and work with regulators to develop their own foresight teams and approaches
- Foster communities of practice around wider regulatory approaches for supporting responsible innovation, such as the FCA’s regulatory sandboxes or the tripartite agreement between Ofgem, Ombudsman Services and Citizens Advice
- Champion tools to promote the responsible design of technologies upstream and good organisational governance. These could bring together various initiatives such as the government’s Secure by Design and the Internet Research Task Force’s Human Rights by Design programmes, and our own Responsible Technology toolkit.
In the next post, I’ll explore how the Office for Responsible Technology will inform policymakers and the public about the impacts digital technologies.