Democratic accountability in the digital age

DEMOCRATIC ACCOUNTABILITY IN THE DIGITAL AGE RESEARCH BRIEF-I ANITA GURUMURTHY NANDINI CHAMI DEEPTI BHARTHUR Cover photo: Deepti Bharthur IT FOR CHANGE I 2016 FO ELBAT CONTENTS 1 SUMMARY 2 MAPPING THE FIELD 3 FRAMING THE ISSUES 4 TOWARDS A ROAD MAP IT for Change Research Brief-I 1. Summary of key issues We are witness to the emergence of a new governance paradigm, characterised by the rise of ‘governance by networks’ and ‘rule by data’. This flux is marked by a hollowing out of the state, replacement of human functions in public administration by digital technologies, and networks with private actors becoming (part of) government. The resultant crisis of governability calls for new institutional mechanisms to protect and promote democratic values, as old ones are rendered inadequate. For actors concerned with questions of rights and social justice two imperatives arise: • • To articulate and call for institutional norms, rules and practices that guarantee democratic accountability in this emerging context, and To claim the civic-public value of digital technologies so that data and the new possibilities for networking are harnessed towards a robust and vibrant grassroots democracy and citizen empowerment. This paper examines and discuss these shifts in our contemporary democratic fabric by focussing on emerging technological practices in government. It explores key concerns, and articulates the gaps in current legal-policy measures necessary to promote participatory democracy in the digital age1. 2. Digital technologies, datafication and democratic accountability – mapping the field As digital technologies become near-ubiquitous, we see an overwhelming growth in the volume of data production, proliferation in the variety of data available and an unprecedented velocity of data processing2. The nervous system of our institutions – social, political and economic – is being rewired by this pervasive phenomenon of datafication. Governance systems are no exception to these fundamental changes. The hallmark of the datafied system is that it is autonomous, and hence resists steering and norm-development. The ensuing crisis of governability brings to the fore the foundational question about how democracy can be directed in the age of the digital. 2.1 Risks and pitfalls of Big Data driven development The rise of data can be seen as the death of politics. As algorithmic correlations and patterns of the here-and-now world become the technical knowledge guiding decisions, data ceases to be the ‘source’ of knowledge. It becomes knowledge itself3. Its extension to tackling social issues that require a deeper social grasp or theory dismisses social, economic and environmental causes and antecedents of marginality. Whereas information, for instance, from real time mapping of peak hour transport demands, can help city governance, responding to structures of marginality requires much more than an efficient data system. 1 A version of this paper was written as a background note for a workshop organised by IT for Change on 14th and 15th November, 2016 at New Delhi. 2 WEF (2014), Global Information Technology Report 2014, The Rewards and Risks of Big Data, http://www3.weforum.org/docs/WEF_GlobalInformationTechnology_Report_2014.pdf 3 Kitchin, R. (2014), Big data, new epistemologies and paradigm shifts, http://bds.sagepub.com/content/1/1/2053951714528481 1 IT for Change Research Brief-I Given the socio-economic differences that play out in digital access and capabilities, the marginalised leave smaller data trails and are less vocal online 4. As a result of this, even in mature democracies Big Data tends to be exclusionary 5. Data-driven decision-making must hence be reexamined for how it is currently employed by the state and by international development actors. 2.2 Big Data for public good and citizen empowerment Although current models of Big Data tend to promote techno-managerialism and undermine the democratic content of governance, the potential for reflexivity and real time response in Big Data science also points to new horizons for development policies. This extends to many areas from the spread of diseases and food grain supply to energy consumption and more. Local experience can be made visible and legible, and hence governable, locally, with power to the people. This democratic dividend from data, however, calls for human decisions on what needs to be made visible and legible in the here-and-now. It requires that descriptions of phenomena that data allows not be treated as proxies for social understanding and collective wisdom. It necessitates a data capability at local levels that is sophisticated, which presupposes legal and institutional guarantees for citizens’ right to connectivity. It also calls for the socialisation of data through the creation of a Big Data Commons that furthers collective decision-making without undermining individual right to informational privacy6. 2.3 Private actors and non-accountability Policy and governance practices based on digital mediation have given rise to ‘governance by networks’, a post-democratic system that favours elite interests and shuts out the public 7. When expertise becomes the staple of democratic decision-making, governance must then transform into a networked activity through win-win partnerships between those with the know-how to change the world. As private entities come in to take on core governance functions, the integral process of democracy is subverted into a data economy, driven by corporate interests and opaque to citizens producing the data. The result is a blurring and obfuscation of who retains control and responsibility for outcomes of such approaches. 2.4 Algorithms and subversion of deliberative democracy Policymakers are increasingly resorting to Big Data analytics as a method for capturing citizen feedback and opinion. But passive, indirect interaction decoded from data cannot become a substitute for participatory and deliberative methods to shape government decision-making. Much of the ‘how’ and ‘what’ behind data-driven participation remains hidden in proprietary black boxes, belying the unlimited transparency promised to citizens through new governance paradigms8. 2.5 Need to strengthen ‘new governance’ for citizen rights Emerging ‘new governance’ trends (characterised by networks and rapid datafication) pose critical concerns for citizenship and people’s democratic rights. But given that digital networks can be steered to reach the ideals of participatory democracy, evolving principles for their governability 4 Gordon, C. (2015), Big data exclusions and disparate impact: investigating the exclusionary dynamics of the Big Data phenomenon, http://www.lse.ac.uk/media@lse/research/mediaWorkingPapers/MScDissertationSeries/2014/CharlyGordon-MSc-Dissertation-Series-AF.pdf 5 Tenney, M.and Sieber, R. (2016), Data-driven participation: Algorithms, Cities, Citizens and Corporate Control, http://www.cogitatiopress.com/ojs/index.php/urbanplanning/article/view/645 6 Big Data in our Hands, https://berlinergazette.de/big-data-in-our-hands/?p=20 7 http://www.twn.my/title2/resurgence/2014/287-288/cover02.htm 8 Tenney, M.and Sieber, R. (2016), Data-driven participation: Algorithms, Cities, Citizens and Corporate Control, http://www.cogitatiopress.com/ojs/index.php/urbanplanning/article/view/645 2 IT for Change Research Brief-I becomes a priority. This, inter alia, involves development of: standards and benchmarks and the legal limits to manage and steer the data economy; guarantees for representation of the plurality of experience and diversity of standpoints – especially of the marginalised – in democratic governance; and public interest data and algorithms to empower local communities for participatory democracy and collective action. 3. Datafication and governance in India – framing the issues The vision, design and implementation of e-governance in India and the shift to a ‘digital by default’ discourse in government must be examined and interrogated from a citizen rights standpoint. 3.1 E-governance and public services delivery 3.1.1 New exclusions from welfare services Digitalisation and lack of last-mile bank linkages: As the Economic Survey of 2016 has pointed out, the national level push for JAM-based cash transfers is not backed by institutional preparedness. Even though 95 per cent of India's adult population has an Aadhaar card, and mobile penetration in rural households is over 67 per cent, hardly 27 per cent of villages have access to a bank within 5 kms. Thus, getting money from the banks to the beneficiaries at the last mile remains a huge impediment in the implementation of JAM9. Errors in Aadhaar seeding: Errors in the seeding of beneficiary databases of departments with Aadhaar numbers, as part of the switch to Aadhaar-authenticated service delivery at the last mile, have led to unfair denial of benefits. A well-known example is the case of old age pensions in Rajasthan, where data entry errors have resulted in many beneficiaries being struck off the pensions list, and even transfers of pensions into wrong bank accounts10. Authentication failures at the last-mile: The fingerprint authentication technology being used in last mile service delivery has been found to be highly susceptible to errors. For example, in Andhra Pradesh, failure analysis reports for Social Security Pensions (SSP) and the National Rural Employment Guarantee Act (NREGA) show that failures due to ‘biometric mismatch’ have remained around 20 per cent - i.e. one in every five fingerprint authentication fails 11. Similarly, in Aadhaar linkages in MGNREGS in Jharkhand, a UNDP study has found that only 4 per cent of the surveyed beneficiaries reported successful fingerprint authentication at the first attempt 12. In addition to glitches in biometrics, interrupted power supply, patchy Internet connectivity, and server issues pose challenges for Aadhaar verification at the last-mile. Lack of room for local flexibility: The centralised nature of the Aadhaar data operations may not guarantee the decentralisation of discretion necessary at the last mile for responsive action on beneficiary identification and selection. For instance, more powers to the Gram Sabha/ Ward Sabha may be needed in this regard so that the dynamic nature of poverty and vulnerability can be accounted for. 9 http://www.thehindu.com/todays-paper/tp-business/dbt-jammed-by-lastmile-challenge/article8287095.ece 10 http://www.medianama.com/2016/08/223-aadhaar-rajasthan-scroll/ 11 http://www.ndtv.com/opinion/yes-aadhaar-is-a-game-changer-in-wrecking-welfare-schemes-1434424 12 http://www.frontline.in/cover-story/freedom-in-peril/article8408760.ece 3 IT for Change Research Brief-I 3.1.2 Lack of redress mechanisms for citizens There is currently no provision in the Aadhaar Act that enables beneficiaries to seek redress against unfair denial of entitlements due to hiccups in JAM roll-out or authentication failure at the last mile. There is only a weak sub-section, Clause 23(2)(s), that permits the UIDAI to set up grievance redress mechanisms at the block level to address these issues, if it deems fit. 3.1.3 Privacy and Aadhaar While the Aadhaar Act restricts access to the identity information and authentication records stored on the UIDAI database for protecting confidentiality of individuals, it sidesteps privacy rights 13. In fact, owing to two broad exceptions, the provision for restricted access is significantly diluted14. • • Exception 1: District judges can pass orders that authorise state agencies’ access to Aadhaar data without any disclosure or discussion with the citizen affected, and without any avenue for appeal. Exception 2: In the interest of ‘national security’, any Joint Secretary authorised by the government can direct disclosure of information. The only review mechanism instituted for such orders is the constitution of a committee comprising of the Cabinet Secretary and the Secretaries to the Government of India in the Department of Legal Affairs and the Department of Electronics and Information Technology. There is no independent oversight mechanism for reviewing the disclosure orders issued by the executive. These gaps are worrisome in the post-Snowden era, especially in India, where the national security establishment has adopted mass surveillance programs like the Centralised Monitoring System with almost no safeguards in place to prevent abuse of power. Further, in May 2016, following the enactment of the Aadhaar Act, the Secretary of the Department of Electronics and Information Technology announced a plan to create a convergent database of beneficiaries for Aadhaar-enabled service delivery, positioning this as the foundation for an efficient welfare regime in the country15. The Secretary also shared that the government is contemplating the handing over of powers of updation of this database to CEOs of janpad (block level administration) in rural areas, and to the Chief Municipal Officer in urban areas. Against this backdrop, plans for creating a centralised, convergent service delivery database are likely to compromise individual privacy, giving the state immense powers to track citizens. 3.2 Data ownership and control 3.2.1 Lack of a data commons roadmap Local democracy in the digital age requires locally available data for planning, budgeting and community monitoring. Such a public data commons, owned and managed by local communities and allowing for disruptive citizenship opportunities, especially for the hitherto marginalised, needs to be grounded in a strong legal-policy framework. While the rhetoric in the Digital India documents underlines the importance of decentralised planning, it does not spell out the necessary institutional arrangements to promote ‘local data for local democracy’. As demonstrated by the ‘information utilities’ proposal that was widely disseminated in the early days of Aadhaar, the state has been more than willing to collect citizen-data, hand it over to private parties and pay them to 13 http://www.caravanmagazine.in/vantage/aadhaar-bill-another-legistlation-leaves-power-centre 14 http://www.thehindu.com/opinion/lead/lead-article-on-aadhaar-bill-by-chinmayi-arun-privacy-is-a-fundamentalright/article8366413.ece 15 http://www.governancenow.com/gov-next/egov/using-data-improve-social-welfare-schemes 4 IT for Change Research Brief-I buy back analysed data16! The much-publicised Smart Cities programme also seems to follow the same trajectory, partnering with technology companies and promoting a data-based solutionism. The guidelines underpinning the scheme make no reference to the need to ensure that civic data generated in the Smart City projects must be retained as a data commons, and not appropriated/ locked in by the IT vendor. 3.2.2 Lack of a comprehensive data governance framework that speaks to concerns of privacy, transparency and ownership India currently lacks a data governance framework to oversee the multifarious dimensions of data governance, affirming citizen right to privacy (and protection from abuse by state and non-state actors), while balancing considerations around the public value of data. The government’s approach to protection of citizen data has been rather ad-hoc. A recent study by the Centre for Internet and Society found that of 33 schemes initiated by the government under the Digital India programme, 20 have published their privacy policies online. While 22 schemes specify that the ownership of the data is with the individual, 7 state that ownership lies with the government agency. Only two schemes explicitly state that data collected may be re-used. Though all 33 schemes take consent, the form and comprehensiveness of the consent varies17. Data re-use without explicit consent can directly violate citizen rights. The Big Data landscape is a mammoth, unregulated industry, posing ever new ethical challenges to governance. Google’s DeepMind, for example, is currently collaborating with the National Health Service (NHS) in UK to support health care solutions. The NHS has used a loophole around ‘implied consent’ in the rule book, and handed over access to personal records of 1.6 million patients to Google, without their knowledge18. 3.3 Citizen participation and digital rights The National E-Governance Division is building a Rapid Assessment System (RAS) that will enable individual departments to mine SMS feedback from citizens about services, to determine follow-up action19. The Government of India is also engaged in Big Data analysis of citizen voice on its MyGov platform and social media accounts. Policy priorities in 19 areas are being determined through this process20. This switch to data-based decision-making is part of a larger trend of reducing the idea of public dialogue and consultation from a complex process that includes debate, deliberation and answerability to an individualised exercise of fixing a grievance. What these developments mean for democratic participation will be a key question in the coming years, considering the overwhelming evidence about the lack of representativity and potential for structural exclusion of minority view-points in algorithmic decision-making21. A related concern is the absence of meaningful cultures of citizen participation online. This is owing to many interrelated factors: Although the National Telecom Policy (NTP), 2012, speaks of a right to broadband, this does not translate into a de facto right, the quality of connectivity for the majority being poor. Consider this: while the NTP defines broadband as an Internet connection with upload and download speeds equal to, or greater than, 512 kilobits per second (kbps), this benchmark is vastly lower than the 25 mbps for downloads and 3 mbps for uploads, set by the Federal Communications Commission in the US. 16 http://www.thehindu.com/opinion/op-ed/your-data-going-on-sale-soon/article4733606.ece 17 http://slides.com/cisindia/big-data-in-indian-governance-preliminary-findings-6#/ 18 http://www.wired.co.uk/article/nhs-deepmind-google-data-sharing 19 http://jan-sampark.nic.in/jansampark/images/campaign/2016/30-Jul/index.html 20 http://articles.economictimes.indiatimes.com/2014-11-26/news/56490626_1_mygov-digital-india-modi-government 21 FTC Report 2016 5 IT for Change • • Research Brief-I Common Service Centres at the village level, despite the intent of their architects, have not emerged as key public access spaces that facilitate marginalised rural users’ access to governance services and citizen engagement platforms, or as key nodes galvanising local civic networks. Even though the National Digital Literacy Mission was set up to promote a digital literacy model that would enable “citizens to actively and effectively participate in the democratic and developmental process”, it has not been able to move beyond a narrow, skills-training approach. Open data efforts, despite the existence of the National Data Sharing and Accessibility Policy, have not been able to effectively open up access to information that can bring about real change on the ground. As observed by a 2015 research study, “critical datasets are unavailable on (the government’s official data portal), available datasets are often outdated, duplicated, incomplete, inadequately referenced and lack common terms used to describe the data. Top level meta data such as data collection methodology and a description of the variables are also either missing or incomplete22.” As a result, the meaningful re-use of open data by citizens, to strengthen their claims-making on state structures and demand accountability from authorities, becomes difficult. 3.4 Privatising government Public Private Partnerships (PPPs) seem to be the preferred modus operandi in the emerging digitalised governance ecosystem. The result is a marketisation of governance functions, a process in which democratic accountability is completely compromised. 3.4.1 Corporatisation of the welfare apparatus Welfare service delivery is undergoing end-to-end privatisation, under the Common Service Centre (CSC) scheme, which aims at setting up 2,50,000 last-mile service delivery kiosks across rural India. In this initiative, the state is partnering with private companies to set up points of service through a PPP model. It has been noted by researchers that profitability of service delivery, rather than inclusion, gains primacy in the CSC model. Most worryingly, there are no legal safeguards to ensure accountability to citizens in this entire privatised welfare delivery apparatus. 3.4.2 Privatisation of data management in governance systems As part of the Digital India vision, government data centres are currently being modernised by commercial entities – particularly foreign entities23. Creation and maintenance of data systems for government agencies are outsourced to private vendors, often without clear rules about data management protocols24. As a result, de facto control of the data is vested in the private partner. The state agency finds itself in a position of dependency vis-a-vis the private partner, lacking bargaining power in the PPP. In the context of Aadhaar, the management of identity information is being undertaken by a government agency, the Central Identities Data Repository (CIDR), with a network of registrars who will assist in enrollment and authentication processes at the last mile. Registrars can be public or private sector agencies. Though in the initial stages of UIDAI roll-out most registrars were government agencies and commercial banks, the involvement of data companies at a future stage is very likely. 22 http://webfoundation.org/2015/11/india-must-do-more-to-see-impact-of-open-data/ 23 ibid 24 Primary research by IT for Change. Details withheld to protect confidentiality of sources. 6 IT for Change Research Brief-I Under the Smart Cities programme, the government has embarked on creating IT-enabled cities under a PPP model. IT solutions such as “Smart Parking, Smart CCTV Surveillance, Smart Street Lighting, Smart Water Management/Leak Detection and Community Messaging” are being proposed for urban infrastructural problems. The model is likely to create a situation where city governments and citizens end up as consumers of a range of IT-enabled applications and platformbased services that are developed, owned and maintained by foreign companies. The risks such an arrangement can pose for citizen-data in a context without robust privacy and data protection legislation are quite huge. 4. Towards a road-map for democratic accountability and citizen empowerment in digital times Reclaiming democracy in the digital age calls for action on many fronts: • • • • Norm development for a digitalised public service delivery model that guarantees citizen rights. Laws and protocols on data that cover privacy safeguards, transparency and accountability considerations (including open data practices), social ownership of data, regulation of the data economy. Rules and protocols for participatory and deliberative democracy, including digital rights of citizens. Reining in run-away ‘network governance’ through legal-institutional mechanisms that check anti-democratic practices of private and public actors. Questions Our policy research raises the following questions for democratic accountability and citizen empowerment in digital times: 1. How can we develop a digitalised system for welfare services that not only ensures effective targeting and efficient service delivery, but is also locally responsive and accountable? • • • • • • • What safeguards need to be explored to prevent exclusions arising from authentication failures? How can individuals have better control over their personal data in Aadhaar? Can there be alternatives to bio-metric based authentication? What redress mechanisms are necessary to tackle denial of services stemming from authentication failures? How can we move towards a decentralised data system in welfare management? How can responsiveness to the citizen be programmed through discretion and flexibility in beneficiary databases? What is the role for the panchayat and citizen forums in relation to digitalised welfare? 2. How can we move towards a regulatory framework that effectively balances the multiple considerations for an effective data governance (data-in-governance) regime? • What kind of design principles are necessary, if the starting point for all networked infrastructure is based on ‘privacy by design’? 7 IT for Change • • • • Research Brief-I How can techno-design architectures ensure distributed data storage and retrieval? What new institutional arrangements may be necessary for independent oversight of data protocols and practices in governance? How can these address the need for socialising public data ownership? What are the technical approaches to balancing transparency and privacy considerations effectively, in governance data systems? What kind of information about digitalised welfare delivery must be in the public domain and what guarantees does the citizen need while using authentication systems? 3. How should we rethink the right to participation in the digital age? What does it mean to extend this right to online spaces and what new guarantees and institutional safeguards are required? • • • • What would qualify as a ‘right to (quality) connectivity’? What legal-institutional mechanisms are necessary to address emerging challenges to civilpolitical rights in online spaces? Do we need new laws? What principles would be necessary to tackle the impunity of Internet platforms/ corporations? What mechanisms can be contemplated to make data-driven decision making transparent and respectful of individual privacy? 4. How can we check anti-democratic tendencies of private actors in network governance arrangements? • • How do we address the corporatisation of public services delivery and its governance from the standpoint of accountability to the last citizen? As we enter a no-looking-back era of algorithmic decision making (in programmes such as Smart Cities), what kind of correctives are necessary to take back the control from corporations over people’s data? 8 Author profiles Anita Gurumurthy is the founding member and executive director at IT for Change. She also heads the research responsibilities at the organisation. Nandini Chami is a senior research associate at IT for Change. He work is in the areas of digital rights and development, and women's rights in the information society. Deepti Bharthur is a research associate at IT for Change. Her work is in the areas of e-governance and digital citizenship, data economy, platforms and digital exclusions. About the project This research has been produced with the financial support of Making All Voices Count. Making All Voices Count is a programme working towards a world in which open, effective and participatory governance is the norm and not the exception. This Grand Challenge focuses global attention on creative and cutting-edge solutions to transform the relationship between citizens and their governments. Making All Voices Count is supported by the U.K. Department for International Development (DFID), U.S. Agency for International Development (USAID), Swedish International Development Cooperation Agency, and Omidyar Network (ON), and is implemented by a consortium consisting of Hivos, the Institute of Development Studies (IDS) and Ushahidi. The programme is inspired by and supports the goals of the Open Government Partnership. Disclaimer: The views expressed in this publication do not necessarily reflect the official policies of Making All Voices Count or our funders. Editorial Team Design - Deepti Bharthur & Swati Mehta Editorial Support - Amria Vasudevan & Swati Mehta Copyright: Research outputs from this project are licensed under a Creative Commons License AttributionNonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4). IT FOR CHANGE I 2016