The nature of data use in modern technology could require anticipatory regulation, but its principles have ramifications for international regulatory cooperation. Lawrence Kay, ODI Senior Policy Advisor, discusses.
In our post on regulation and combinatorial innovation, we described the difficulties that domestic policymakers face in regulating the use of data in modern technology. But there are also difficulties when considering how to create a better environment for trusted data flows in global trade through international regulatory cooperation.
Here, we outline arguments that have been made for anticipatory regulation, and hence the principles that regulators may need to consider when coordinating with their peers abroad.
The ‘Collingridge dilemma’ highlights that efforts by policymakers to affect the development of technology suffer from a ‘double-bind’ problem: it’s difficult to predict the effects of a technological change until it has become widely adopted; but that once a technology has become entrenched in business and social practices, changing its effects will have become hard.
David Collingridge, an academic at the University of Aston in the 1980s, suggested some ideas for regulators dealing with these problems, such as trying to keep as many options open for as long as possible; enhancing controllability; managing the entrenchment of technology; and widening the range and flexibility of solutions.
Trusted data flows and international regulatory cooperation
In recent years organisations such as Nesta, the Wellcome Trust, and Doteveryone have attempted to define how such ideas might be implemented. We summarise their ideas here as a way to start listing the approaches that might help international regulatory cooperation for trusted data flows in trade.
Implementing anticipatory regulation
In ‘Renewing Regulation: ‘anticipatory regulation’ in an age of disruption’, Nesta argues for approaches that are:
- inclusive and collaborative, or include lots of voices and use their capabilities to play roles in the regulatory process.
- future-facing, or try to get a handle on the future path of technology development, understanding its possible effects through scenario analysis.
- proactive, open and accessible, or being approachable to affected organisations, encouraging data sharing, using challenges and other schemes to direct innovation, and using experimentation.
- iterative, or developing regulations with a learning mentality rather than a ‘solve-and-leave’ one.
- outcomes-based, or thinking about regulation in terms of working towards broad outcomes rather than setting rules.
- experimental, or using schemes that allow companies to test innovations in a small way that show some of their effects, before being expanded.
In Regulating for Responsible Technology, Doteveryone argues for a super-regulator for technology that sits above other regulators and does the following:
- Independently reviews regulators.
- Acts as a centre for expertise on digital technology.
- Elaborates the responsible technology principles.
- Tries to predict technological change.
- Undertakes research.
- Communicates with the public.
- Consults with a range of sectors.
- Establishes practice for digital services in handling complaints.
- Provides mediation in disputes, and learns from complaints.
In A blueprint for the oversight of emerging science and technologies, Wellcome call for regulation that is the following:
- Inclusive, or brings together voices from many sectors.
- Anticipatory, or not being reactive.
- Innovative, or being experimental.
- Proportionate, or balancing between the potential benefits and harms of new technology.
These suggestions can be summarised as: advising regulators to try and get ahead of problems in new technology by expecting things to change; listening to and coordinating plural views of technology that help with setting levels of risk tolerance; running schemes that allow companies with new ideas to test the boundaries of old rules; and working with a sense of balance between innovation gains, and risk, allied to a set of guiding principles rather than strict rules.
What is experimentation?
Calls for ‘experimentation’ are a consistent theme in the work listed above and the wider literature on regulating modern technology. Examples of it include the financial technology (fintech) sandbox run by the Dutch central bank. In ‘An experimental approach to regulating non-military unmanned aircraft systems’, Michiel A. Heldeweg and Haomiao Du of the University of Twente in the Netherlands, argue for experimentation that fosters ‘responsible innovation through legitimate regulation’ and discuss parameters for the experimental regulation that could facilitate it:
- ‘Temporary rules’ that mean a regulation is first tested for no more than a few months or a few years.
- Application of the new regulations to only a limited geographic area.
- Evaluation of the effects of the regulation at set points, with a view to making them permanent for a bigger population.
Heldeweg and Du believe that there are three types of experimental regulation:
- Experimentation by derogation, through licences and other means that allow some companies the freedom to not comply with existing regulations. A regulatory sandbox is an example of this.
- Experimentation by devolution, where one or multiple administrative bodies are allowed to set regulations that diverge from national rules in force elsewhere. The different approaches to regulation taken by states in the United States – such as towards driverless cars – is the classic example of this.
- Experimentation by open texture, by which broad outcomes are set and companies are allowed to self-regulate towards those outcomes while accepting monitoring and evaluation. An example of this is the UK’s Digital Competition Expert Panel recommending that big technology firms follow a code of conduct that may lessen the need for regulatory intervention.
What does this mean for International Regulatory Cooperation?
If the nature of modern combinatorial innovation means that regulators need to think of themselves as helping to test and shape modern technology – rather than set tough rules for it – this may affect how they approach IRC. Schemes for encouraging trustworthy global data flows face the prospect of doing IRC differently, compared with more established approaches used for stable technology. Approaches for doing this might include international cooperation schemes that involve lots of communication and learning; or a few countries getting together and establishing data sharing institutions between them that effect new norms, practices, and perhaps rules.
The International Council for Harmonisation of Technical Requirements for Pharmaceuticals for Human Use (ICH) is an example of how such a global approach can develop, in ways that also keep costs low for companies. The ICH was founded in 1990 to rationalise the requirements for demonstrating the safety and effectiveness of new drugs and treatments to regulators, particularly when companies are trying to enter a foreign market having developed a product in a different one.
This has led to accepted standards for drug trials across major markets; common standards for submitting information about pharmaceuticals; and expert working groups with members from across the world that discuss new research discoveries, helping regulators to prepare for new ethics and technology questions in good time. Some reports have argued that these changes have reduced the reporting burden on pharmaceutical companies while raising the efficacy of regulation.
There are also new examples from the financial sector, which has long experience of international cooperation over standards such as through the Basel Accords for banking supervision. In our blog on the Global Financial Innovation Network, we discuss how financial regulators around the world have used a cross-border sandbox to try and accommodate new technology and foster market entry, while preventing the introduction of harmful practices.
If you are interested in exploring any of the topics discussed here, please contact us to arrange a call. We offer a range of data-related consultancy and advice services, as well as established and bespoke training courses.