Exploring the implications of the digitalisation of government
To achieve successful digitalisation of government, legal and regulatory frameworks must exist alongside institutions with autonomy and capacity, as well as a culture of data protection in both private and public organisations says Beatriz Kira.
As digitalisation becomes a priority for governments across the world, Beatriz Kira explores the legal, regulatory and privacy implications of this process with João Pedro Caleiro
For many people, digital government means merely transferring services and processes from analogue to digital. But it can also mean much more. How has this concept evolved over time and what does its evolution mean for public policy?
Governments are under increasing pressure to deliver more effective services from limited resources, and a key aspect of digital government is indeed to intensify the use of digital technologies to improve bureaucracies’ productivity and service delivery. In the more ‘traditional’ sense, yes, digital government refers to the digitalisation of analogue procedures, such as creating an online form to replace a paper-based document. But digital government can also be understood as a government-led process of digital transformation, which describes efforts to redesign full stack policies, processes, and services to enable people and institutions to harness the benefits of digitalisation.
In this sense, digital government comprises the use of digital technologies to support policy outcomes and digitalise bureaucracies. It can involve drawing on various types of big data sources, for example, and thinking about digital interactions and representation of different groups in the policymaking process. Hence, understanding ‘digital government’ necessarily requires investigating the governance of digital technologies, and this is part of the research agenda that I am developing within the Lemann Foundation Programme.
You were one of the people responsible for putting together the Oxford COVID-19 Government Response Tracker (OxCGRT), which has monitored government policies to fight the pandemic all over the world. But your main area of research is digital government and competition law. In what ways are these two topics linked, and what do you see as the specific challenges of digital government in large, unequal, developing countries, like Brazil?
The two topics are linked—and one way that this is the case is that both the pandemic and digital government risk exacerbating inequality.
The Brazilian arm of the OxCGRT decided early on to study all three levels of government in Brazil, allowing us to complement the policy data our volunteers collect with detailed surveys of how people have experienced the pandemic on the ground. Putting these together we have a lot of high-quality data to analyse, from which to draw policy lessons for Brazil and beyond—this is rich information for the Lemann Foundation Programme to use. Our surveys show that the pandemic has exacerbated inequality in Brazil, with poorer people shouldering the larger economic consequences and facing a higher risk of getting sick. The post-pandemic recovery could be an opportunity to make progress towards addressing Brazil’s structural inequalities and drive digital transformation in an inclusive and sustainable way.
To answer your second question, there is the challenge for large, unequal countries of ensuring affordable internet is available to everyone. For example, the OxCGRT surveys in Brazil also show that the poorest children studied least during the pandemic, and probably without the most appropriate material and tools for their level of education. There are also human capital challenges, such as providing basic digital literacy and digital skills, not only for end users, but also for civil servants and those who will be part of an e-bureaucracy. And as governments increasingly rely on data and data insights, the correct regulatory frameworks need to be in place to protect citizens’ information and to make sure that systems are secure against cyber threats. Those are all important challenges—for Brazil and beyond.
Data collection and privacy protection are key themes in digital regulation, and Brazil has recently approved a General Bill of Data Protection. Its success, however, depends on how it is implemented and regulated. How can we make this regulation work in the public interest?
What makes Brazil unusual globally is that Brazilians are early adopters of technologies and the country has been a pioneer in passing internet legislation, such as the Internet Bill of Rights (Marco Civil da Internet) in 2014. As you mentioned, Brazil approved a comprehensive data protection law (Lei Geral de Proteção de Dados – LGPD) in 2018, inspired in many ways by the European Data Protection Regulation – a global ‘gold standard’. Yet, challenges for implementation remain. In early 2021, for example, Brazil suffered one of the largest data breaches in world history, encompassing 223 million personal records (more than Brazil’s entire population!) and exposing valuable information, from taxpayer registration numbers to credit rating assessments.
The key for a successful data governance framework is not only having the legal and regulatory framework, but also institutions with autonomy and capacity, as well as a culture of data protection in both private and public organisations. The creation of the National Data Protection Authority (ANDP) was an important first step, as this will be the main agency responsible for enforcing the law. However, questions remain about its autonomy (since its directly linked to the President’s office), its ability to attract and retain people with technical expertise, and about how it will coordinate with other organisations with overlapping mandates, such as the competition authority and the central bank.
There are cultural challenges, too. The effective enforcement of the data protection regulation requires having a clear understanding of its public purpose, and the rules shouldn’t be considered ‘red tape’ or an obstacle for doing business.
Competition law in digital government is an emerging area of study, and a theme less explored in the Global South. How can developing countries, where the big internet companies are not based, effectively regulate their activities?
This is another area of my research. A key challenge in the governance of digital technologies is that digital is fast by nature, but laws and regulations are not and often can’t keep up with technological progress. My work has focused on the extent to which existing legal tools are able to promote competition in digital markets effectively and supervise the economic power of technology companies.
It is unquestionable that technology companies provide important services, but governments and academics around the world have been worried with the increasing market concentration in the technology sector in recent years. Facebook, Google and Amazon, and others are now some of the most valuable and powerful companies in the world, and there are concerns that the structure and operations of these platforms give rise to a novel set of harms to consumers and to society, which existing legal mechanisms are unable to address. For example, Facebook’s acquisition of WhatsApp led to concerns related to data sharing and data protection, and yet was not reviewed by most competition authorities.
My PhD research involved a qualitative analysis of cases decided by CADE (Brazil’s competition authority), and I identified areas where enforcement of the law could be improved to more effectively address the risks posed by increasing concentration in digital markets. In other words, I investigated how the lenses employed by the competition authority to review these markets can be adjusted to more clearly see emerging problems.
Of course, there is a strong international dimension, as well. Most of the largest technology companies are based either in the US or in China, and many of the solutions that are often proposed by regulators and policymakers to make digital markets more competitive require international cooperation, for example, adopting shared standards to increase platform interoperability. There are arguments to support greater regulatory coherence, not only to reduce the costs for business, but also because any solutions adopted by the world’s leading economies will have ripple effects in other jurisdictions.
Several jurisdictions have initiated similar investigations into the business models of large tech companies, such as the Google Shopping case, and the arguments developed by competition authorities in major powers with regards to ‘big tech’ – notably those of the EU – are influencing the decisions and practices of competition authorities elsewhere. However, there are also legitimate concerns as to how global solutions would be crafted, where the relevant decision-making centres would be located, who would be the hegemonic actors leading the debate, and how multiple levels or norms would interact, among others.