The Governance of AI Governance – I

A few years ago, before LLMs took the world by storm, I led a small team of experts contracted to assess public institutions in an emerging economy. Under the umbrella of government assessments, the job was to evaluate the performance of over 20 institutions based on a methodology designed by international subject-matter experts closely working with local officials. We worked alongside several other teams to cover all entities under the scope. Our unavoidable first step was to learn the proposed methodology and, on that basis, read the materials the entities had submitted, which contained an unusually high number of performance indicators (PIs). We complemented that with additional desk research and fact-checking many institutions’ claims.

With that in hand, we visited various entities to interview top and senior managers. That could take six or more hours. Fortunately, all institutions offered coffee, tea, plenty of snacks and facilities to appease biological gaps and needs. After formal introductions, top managers shared briefs on the entity’s performance, backed by the PIs we had already examined. Then, the fun started as we poked around, asking critical questions we had previously developed and adding new ones as we went along. A few institutional reps had a hard time hiding their anxiety levels, but most were well-prepared indeed. Although the methodology was fuzzy about governance, policy and decision-making processes, I considered them fundamental to fully understanding the modus operandi of any public institution. So, I had a few related questions to put on the table. My strategy was to avoid asking direct questions, including yes or no ones, and instead, request the entity’s team to provide examples on a particular topic or issue.

A pattern emerged while interacting with the different entities’ IT departments or division heads. The governance examples they provided were always positioned within the umbrella of IT governance. Department heads were more than happy to discuss the relevance of the various IT governance frameworks such as COBIT, ITIL or the ISO/IEC 38500 standard in their decision-making process, thus always matching IT strategy with overall institutional mandates and goals. In one instance, an interviewee proudly informed us that the entity had recently deployed a state-of-the-art AI chatbot to support citizens’ interactions with the institution. I asked him if he could detail how such a decision was made.

He shared a rather remarkable story. While attending an international meeting in the US, he was approached by the company selling the chatbot, which he found impressive after seeing it in action. Once back home, he made a recommendation to top managers, who agreed with his assessment and proceeded to license the platform. Details were not provided when I asked about the actual procurement process. That was confidential information protected by already signed NDAs. In any event, this example shows the crucial difference between IT governance and the governance processes public institutions have in place to make such decisions. Matching IT strategy with institutional mandates is not automatic. It requires a governance structure that ensures that is undoubtedly the case. It is thereby not a technical issue but a governance one, first and foremost.

On the other hand, that example corroborates what academics have been discussing for decades. Conceptually, governance is a heavily contested territory. As with AI, consensus on its definition is still a pipe dream. I am almost sure researchers working in AI governance have not yet bumped into the IT governance firewall. In any case, one can easily argue that any AI strategy must match business targets or public entity mandates. The critical difference here is that AI, unlike older digital technologies, can be deployed to devise and develop such strategies. So, the crucial question is whether existing governance instances and processes can adequately handle that or if they need to be revisited, refurbished or even scrapped.

Governance, sans AI, has been a field of academic study for over 40 years. However, most people dealing with AI governance do not seem to openly acknowledge its existence. While terms such as “good” and “democratic” governance have been popularized and even politicized by multilateral institutions, others widely utilized within the governance literature, like institutional governance, network governance, multilevel governance, hybrid governance and meta-governance, are rarely cited by AI governance experts and practitioners. Indeed, there is a slight knowledge gap here.

For starters, a working definition of governance is undoubtedly required. The strategy here is to think about governance in general—that is, pinpoint critical traits in its simpler and more abstract form, regardless of political regime and historical context. Here, we can take a page from Pierre & Peters (2021), who define governance based on its etymological origins: to steer. In that light, governance comprises the structures and processes social groups deploy and use to steer their affairs in a particular direction or toward a given set of outcomes. Such a definition thus applies to any community, ranging from families and blood clans to more complex societies such as Ancient Egypt and modern national states. It is also helpful to review sectoral instances of governance, such as corporate or economic governance. However, it is insufficient to differentiate governance across historically different socio-economic formations and related political regimes.

To achieve this, we must examine the interactions between the various components of our governance definition: structures, processes, social groups and outcomes. Social groups or communities are the departing points as they set the overall context on which any governance instances emerge and eventually come into action. Governance instances in Indigenous Communities around the globe, for example, were and are still today very different from those established under the modern capitalist state, as they operate under drastically different logic and contextual circumstances.

Second, it is essential to distinguish between governance structures and processes, and the outcomes such social groups pursue. As suggested by some governance researchers, whether the final outcome is the “common good” or some other socially beneficial target is irrelevant from a pure governance perspective, as sequencing plays a critical role. By definition, governance presupposes a given goal towards which the social ship has to be steered. Here, we should be careful and avoid confounding means and ends, which seems to be one of the issues with so-called “good” governance. Indeed, governance is “good” only if the structures and processes set in motion reach the intended goal, regardless of its content (the rule of law, public services, etc.).

Of course, the other core question is how such outcomes are shaped, discussed and established as (“good”) social goals. Undoubtedly, the UN Declaration of Human Rights, encompassing economic, social, cultural, civic and political rights, could serve as the gold standard for modern nation-states. But, in any event, “good” or “democratic” governance is not the same as democracy, a difference usually ignored in the innumerable discussions on the topic.

So, how does all this relate to AI Governance? I will address that in the second part of this post.

Raúl