Implementation Challenges for the Procurement Act 2023

I have put together a consolidated overview of the primary challenges for the implementation of the Procurement Act 2023, to be included as a country report in a forthcoming issue of the European Procurement & Public Private Partnership Law Review.

It brings together developments discussed in the blog over the last year or so, including the transparency ambition, the innovation ambition, and the training offer linked to the Transforming Public Procurement project.

In case of interest, it can be downloaded from SSRN: https://ssrn.com/abstract=4692660.

It contains nothing new, though, so assiduous readers may want to skip this one!

G7 Guiding Principles and Code of Conduct on Artificial Intelligence -- some comments from a UK perspective

On 30 October 2023, G7 leaders published the Hiroshima Process International Guiding Principles for Advanced AI system (the G7 AI Principles), a non-exhaustive list of guiding principles formulated as a living document that builds on the OECD AI Principles to take account of recent developments in advanced AI systems. The G7 stresses that these principles should apply to all AI actors, when and as applicable to cover the design, development, deployment and use of advanced AI systems.

The G7 AI Principles are supported by a voluntary Code of Conduct for Advanced AI Systems (the G7 AI Code of Conduct), which is meant to provide guidance to help seize the benefits and address the risks and challenges brought by these technologies.

The G7 AI Principles and Code of Conduct came just two days before the start of the UK’s AI Safety Summit 2023. Given that the UK is part of the G7 and has endorsed the G7 Hiroshima Process and its outcomes, the interaction between the G7’s documents, the UK Government’s March 2023 ‘pro-innovation’ approach to AI and its aspirations for the AI Safety Summit deserves some comment.

G7 AI Principles and Code of Conduct

The G7 AI Principles aim ‘to promote safe, secure, and trustworthy AI worldwide and will provide guidance for organizations developing and using the most advanced AI systems, including the most advanced foundation models and generative AI systems.’ The principles are meant to be cross-cutting, as they target ‘among others, entities from academia, civil society, the private sector, and the public sector.’ Importantly, also, the G7 AI Principles are meant to be a stop gap solution, as G7 leaders ‘call on organizations in consultation with other relevant stakeholders to follow these [principles], in line with a risk-based approach, while governments develop more enduring and/or detailed governance and regulatory approaches.’

The principles include the reminder that ‘[w]hile harnessing the opportunities of innovation, organizations should respect the rule of law, human rights, due process, diversity, fairness and non-discrimination, democracy, and human-centricity, in the design, development and deployment of advanced AI system’, as well as a reminder that organizations developing and deploying AI should not undermine democratic values, harm individuals or communities, ‘facilitate terrorism, enable criminal misuse, or pose substantial risks to safety, security, and human rights’. State (AI users) are reminder of their ‘obligations under international human rights law to promote that human rights are fully respected and protected’ and private sector actors are called to align their activities ‘with international frameworks such as the United Nations Guiding Principles on Business and Human Rights and the OECD Guidelines for Multinational Enterprises’.

These are all very high level declarations and aspirations that do not go much beyond pre-existing commitments and (soft) law norms, if at all.

The G7 AI Principles comprises a non-exhaustive list of 11 high-level regulatory goals that organizations should abide by ‘commensurate to the risks’—ie following the already mentioned risk-based approach—which introduces a first element of uncertainty because the document does not establish any methodology or explanation on how risks should be assessed and tiered (one of the primary, and debated, features of the proposed EU AI Act). The principles are the following, prefaced by my own labelling between square brackets:

  1. [risk identification, evaluation and mitigation] Take appropriate measures throughout the development of advanced AI systems, including prior to and throughout their deployment and placement on the market, to identify, evaluate, and mitigate risks across the AI lifecycle;

  2. [misuse monitoring] Patterns of misuse, after deployment including placement on the market;

  3. [transparency and accountability] Publicly report advanced AI systems’ capabilities, limitations and domains of appropriate and inappropriate use, to support ensuring sufficient transparency, thereby contributing to increase accountability.

  4. [incident intelligence exchange] Work towards responsible information sharing and reporting of incidents among organizations developing advanced AI systems including with industry, governments, civil society, and academia.

  5. [risk management governance] Develop, implement and disclose AI governance and risk management policies, grounded in a risk-based approach – including privacy policies, and mitigation measures, in particular for organizations developing advanced AI systems.

  6. [(cyber) security] Invest in and implement robust security controls, including physical security, cybersecurity and insider threat safeguards across the AI lifecycle.

  7. [content authentication and watermarking] Develop and deploy reliable content authentication and provenance mechanisms, where technically feasible, such as watermarking or other techniques to enable users to identify AI-generated content.

  8. [risk mitigation priority] Prioritize research to mitigate societal, safety and security risks and prioritize investment in effective mitigation measures.

  9. [grand challenges priority] Prioritize the development of advanced AI systems to address the world’s greatest challenges, notably but not limited to the climate crisis, global health and education.

  10. [technical standardisation] Advance the development of and, where appropriate, adoption of international technical standards.

  11. [personal data and IP safeguards] Implement appropriate data input measures and protections for personal data and intellectual property.

Each of the principles is accompanied by additional guidance or precision, where possible, and this is further developed in the G7 Code of Conduct.

In my view, the list is a bit of a mixed bag.

There are some very general aspirations or steers that can hardly be considered principles of AI regulation, for example principle 9 setting a grand challenges priority and, possibly, principle 8 setting a risk mitigation priority beyond the ‘requirements’ of principle 1 on risk identification, evaluation and mitigation—which thus seems to boil down to the more specific steer in the G7 Code of Conduct for (private) organisations to ‘share research and best practices on risk mitigation’.

Quite how these principles could be complied by current major AI developers seems rather difficult to foresee, especially in relation to principle 9. Most developers of generative AI or other AI applications linked to eg social media platforms will have a hard time demonstrating their engagement with this principle, unless we accept a general justification of ‘general purpose application’ or ‘dual use application’—which to me seems quite unpalatable. What is the purpose of this principle if eg it pushes organisations away from engaging with the rest of the G7 AI Principles? Or if organisations are allowed to gloss over it in any (future) disclosures linked to an eventual mechanism of commitment, chartering, or labelling associated with the principles? It seems like the sort of purely political aspiration that may have been better left aside.

Some other principles seem to push at an open door, such as principle 10 on the development of international technical standards. Again, the only meaningful detail seems to be in the G7 Code of Conduct, which specifies that ‘In particular, organizations also are encouraged to work to develop interoperable international technical standards and frameworks to help users distinguish content generated by AI from non-AI generated content.’ However, this is closely linked to principle 7 on content authentication and watermarking, so it is not clear how much that adds. Moreover, this comes to further embed the role of industry-led technical standards as a foundational element of AI regulation, with all the potential problems that arise from it (for some discussion from the perspective of regulatory tunnelling, see here and here).

Yet other principles present as relatively soft requirements or ‘noble’ commitments issues that are, in reality, legal requirements already binding on entities and States and that, in my view, should have been placed as hard obligations and a renewed commitment from G7 States to enforce them. These include principle 11 on personal data and IP safeguards, where the G7 Code of Conduct includes as an apparent after thought that ‘Organizations should also comply with applicable legal frameworks’. In my view, this should be starting point.

This reduces the list of AI Principles ‘proper’. But, even then, they can be further grouped and synthesised, in my view. For example, principles 1 and 5 are both about risk management, with the (outward-looking) governance layer of principle 5 seeking to give transparency to the (inward-looking) governance layer in principle 1. Principle 2 seems to simply seek to extend the need to engage with risk-based management post-market placement, which is also closely connected to the (inward-looking) governance layer in principle 1. All of them focus on the (undefined) risk-based approach to development and deployment of AI underpinning the G7’s AI Principles and Code of Conduct.

Some aspects of the incident intelligence exchange also relate to principle 1, while some other aspects relate to (cyber) security issues encapsulated in principle 6. However, given that this principle may be a placeholder for the development of some specific mechanisms of collaboration—either based on cyber security collaboration or other approaches, such as the much touted aviation industry’s—it may be treated separately.

Perhaps, then, the ‘core’ AI Principles arising from the G7 document could be trimmed down to:

  • Life-cycle risk-based management and governance, inclusive of principles 1, 2, and 5.

  • Transparency and accountability, principle 3.

  • Incident intelligence exchange, principle 4.

  • (Cyber) security, principle 6.

  • Content authentication and watermarking, principle 7 (though perhaps narrowly targeted to generative AI).

Most of the value in the G7 AI Principles and Code of Conduct thus arises from the pointers for collaboration, the more detailed self-regulatory measures, and the more specific potential commitments included in the latter. For example, in relation to the potential AI risks that are identified as potential targets for the risk assessments expected of AI developers (under guidance related to principle 1), or the desirable content of AI-related disclosures (under guidance related to principle 3).

It is however unclear how these principles will evolve when adopted at the national level, and to what extent they offer a sufficient blueprint to ensure international coherence in the development of the ‘more enduring and/or detailed governance and regulatory approaches’ envisaged by G7 leaders. It seems for example striking that both the EU and the UK have supported these principles, given that they have relatively opposing approaches to AI regulation—with the EU seeking to finalise the legislative negotiations on the first ‘golden standard’ of AI regulation and the UK taking an entirely deregulatory approach. Perhaps this is in itself an indication that, even at the level of detail achieved in the G7 AI Code of Conduct, the regulatory leeway is quite broad and still necessitates significant further concretisation for it to be meaningful in operational terms—as evidenced eg by the US President’s ‘Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence’, which calls for that concretisation and provides a good example of the many areas for detailed work required to translate high level principles into actionable requirements (even if it leaves enforcement still undefined).

How do the G7 Principles compare to the UK’s ‘pro-innovation’ ones?

In March 2023, the UK Government published its white paper ‘A pro-innovation approach to AI regulation’ (the ‘UK AI White Paper’; for a critique, see here). The UK AI White Paper indicated (at para 10) that its ‘framework is underpinned by five principles to guide and inform the responsible development and use of AI in all sectors of the economy:

  • Safety, security and robustness

  • Appropriate transparency and explainability

  • Fairness

  • Accountability and governance

  • Contestability and redress’.

A comparison of the UK and the G7 principles can show a few things.

First, that there are some areas where there seems to be a clear correlation—in particular concerning (cyber) security as a self-standing challenge requiring a direct regulatory focus.

Second, that it is hard to decide at which level to place incommensurable aspects of AI regulation. Notably, the G7 principles do not directly refer to fairness—while the UK does. However, the G7 Principles do spend some time in the preamble addressing the issue of fairness and unacceptable AI use (though in a woolly manner). Whether placing this type of ‘requirement’ at a level or other makes a difference (at all) is highly debatable.

Third, that there are different ways of ‘packaging’ principles or (soft) obligations. Just like some of the G7 principles are closely connected or fold into each other (as above), so do the UK’s principles in relation to the G7’s. For example, the G7 packaged together transparency and accountability (principle 3), while the UK had them separated. While the UK explicitly mentioned the issue of AI explainability, this remains implicit in the G7 principles (also in principle 3).

Finally, in line with the considerations above, that distinct regulatory approaches only emerge or become clear once the ‘principles’ become specific (so they arguably stop being principles). For example, it seems clear that the G7 Principles aspire to higher levels of incident intelligence governance and to a specific target of generative AI watermarking than the UK’s. However, whether the G7 or the UK principles are equally or more demanding on any other dimension of AI regulation is close to impossible to establish. In my view, this further supports the need for a much more detailed AI regulatory framework—else, technical standards will entirely occupy that regulatory space.

What do the G7 AI Principles tell us about the UK’s AI Safety Summit?

The Hiroshima Process that has led to the adoption of the G7 AI Principles and Code of Conduct emerged from the Ministerial Declaration of The G7 Digital and Tech Ministers’ Meeting of 30 April 2023, which explicitly stated that:

‘Given that generative AI technologies are increasingly prominent across countries and sectors, we recognise the need to take stock in the near term of the opportunities and challenges of these technologies and to continue promoting safety and trust as these technologies develop. We plan to convene future G7 discussions on generative AI which could include topics such as governance, how to safeguard intellectual property rights including copyright, promote transparency, address disinformation, including foreign information manipulation, and how to responsibly utilise these technologies’ (at para 47).

The UK Government’s ambitions for the AI Safety Summit largely focus on those same issues, albeit within the very narrow confines of ‘frontier AI’, which it has defined as ‘highly capable general-purpose AI models that can perform a wide variety of tasks and match or exceed the capabilities present in today’s most advanced models‘. While the UK Government has published specific reports to focus discussion on (1) Capabilities and risks from frontier AI and (2) Emerging Processes for Frontier AI Safety, it is unclear how the level of detail of such narrow approach could translate into broader international commitments.

The G7 AI Principles already claim to tackle ‘the most advanced AI systems, including the most advanced foundation models and generative AI systems (henceforth "advanced AI systems")’ within their scope. It seems unclear that such approach would be based on a lack of knowledge or understanding of the detail the UK has condensed in those reports. It rather seems that the G7 was not ready to move quickly to a level of detail beyond that included in the G7 AI Code of Conduct. Whether significant further developments can be expected beyond the G7 AI Principles and Code of Conduct just two days after they were published seems hard to fathom.

Moreover, although the UK Government is downplaying the fact that eg Chinese participation in the AI Safety Summit is unclear and potentially rather marginal, it seems that, at best, the UK AI Safety Summit will be an opportunity for a continued conversation between G7 countries and a few others. It is also unclear whether significant progress will be made in a forum that seems rather clearly tilted towards industry voice and influence.

Let’s wait and see what the outcomes are, but I am not optimistic for significant progress other than, worryingly, a risk of further displacement of regulatory decision-making towards industry and industry-led (future) standards.

UK's 'pro-innovation approach' to AI regulation won't do, particularly for public sector digitalisation

Regulating artificial intelligence (AI) has become the challenge of the time. This is a crucial area of regulatory development and there are increasing calls—including from those driving the development of AI—for robust regulatory and governance systems. In this context, more details have now emerged on the UK’s approach to AI regulation.

Swimming against the tide, and seeking to diverge from the EU’s regulatory agenda and the EU AI Act, the UK announced a light-touch ‘pro-innovation approach’ in its July 2022 AI regulation policy paper. In March 2023, the same approach was supported by a Report of the Government Chief Scientific Adviser (the ‘GCSA Report’), and is now further developed in the White Paper ‘AI regulation: a pro-innovation approach’ (the ‘AI WP’). The UK Government has launched a public consultation that will run until 21 June 2023.

Given the relevance of the issue, it can be expected that the public consultation will attract a large volume of submissions, and that the ‘pro-innovation approach’ will be heavily criticised. Indeed, there is an on-going preparatory Parliamentary Inquiry on the Governance of AI that has already collected a wealth of evidence exploring the pros and cons of the regulatory approach outlined there. Moreover, initial reactions eg by the Public Law Project, the Ada Lovelace Institute, or the Royal Statistical Society have been (to different degrees) critical of the lack of regulatory ambition in the AI WP—while, as could be expected, think tanks closely linked to the development of the policy, such as the Alan Turing Institute, have expressed more positive views.

Whether the regulatory approach will shift as a result of the expected pushback is unclear. However, given that the AI WP follows the same deregulatory approach first suggested in 2018 and is strongly politically/policy entrenched—for the UK Government has self-assessed this approach as ‘world leading’ and claims it will ‘turbocharge economic growth’—it is doubtful that much will necessarily change as a result of the public consultation.

That does not mean we should not engage with the public consultation, but the opposite. In the face of the UK Government’s dereliction of duty, or lack of ideas, it is more important than ever that there is a robust pushback against the deregulatory approach being pursued. Especially in the context of public sector digitalisation and the adoption of AI by the public administration and in the provision of public services, where the Government (unsurprisingly) is unwilling to create regulatory safeguards to protect citizens from its own action.

In this blogpost, I sketch my main areas of concern with the ‘pro-innovation approach’ in the GCSA Report and AI WP, which I will further develop for submission to the public consultation, building on earlier views. Feedback and comments would be gratefully received: a.sanchez-graells@bristol.ac.uk.

The ‘pro-innovation approach’ in the GCSA Report — squaring the circle?

In addition to proposals on the intellectual property (IP) regulation of generative AI, the opening up of public sector data, transport-related, or cyber security interventions, the GCSA Report focuses on ‘core’ regulatory and governance issues. The report stresses that regulatory fragmentation is one of the key challenges, as is the difficulty for the public sector in ‘attracting and retaining individuals with relevant skills and talent in a competitive environment with the private sector, especially those with expertise in AI, data analytics, and responsible data governance‘ (at 5). The report also further hints at the need to boost public sector digital capabilities by stressing that ‘the government and regulators should rapidly build capability and know-how to enable them to positively shape regulatory frameworks at the right time‘ (at 13).

Although the rationale is not very clearly stated, to bridge regulatory fragmentation and facilitate the pooling of digital capabilities from across existing regulators, the report makes a central proposal to create a multi-regulator AI sandbox (at 6-8). The report suggests that it could be convened by the Digital Regulatory Cooperation Forum (DRCF)—which brings together four key regulators (the Information Commissioner’s Office (ICO), Office of Communications (Ofcom), the Competition and Markets Authority (CMA) and the Financial Conduct Authority (FCA))—and that DRCF should look at ways of ‘bringing in other relevant regulators to encourage join up’ (at 7).

The report recommends that the AI sandbox should operate on the basis of a ‘commitment from the participant regulators to make joined-up decisions on regulations or licences at the end of each sandbox process and a clear feedback loop to inform the design or reform of regulatory frameworks based on the insights gathered. Regulators should also collaborate with standards bodies to consider where standards could act as an alternative or underpin outcome-focused regulation’ (at 7).

Therefore, the AI sandbox would not only be multi-regulator, but also encompass (in some way) standard-setting bodies (presumably UK ones only, though), without issues of public-private interaction in decision-making implying the exercise of regulatory public powers, or issues around regulatory capture and risks of commercial determination, being considered at all. The report in general is extremely industry-orientated, eg in stressing in relation to the overarching pacing problem that ‘for emerging digital technologies, the industry view is clear: there is a greater risk from regulating too early’ (at 5), without this being in any way balanced with clear (non-industry) views that the biggest risk is actually in regulating too late and that we are collectively frog-boiling into a ‘runaway AI’ fiasco.

Moreover, confusingly, despite the fact that the sandbox would be hosted by DRCF (of which the ICO is a leading member), the GCSA Report indicates that the AI sandbox ‘could link closely with the ICO sandbox on personal data applications’ (at 8). The fact that the report is itself unclear as to whether eg AI applications with data protection implications should be subjected to one or two sandboxes, or the extent to which the general AI sandbox would need to be integrated with sectoral sandboxes for non-AI regulatory experimentation, already indicates the complexity and dubious practical viability of the suggested approach.

It is also unclear why multiple sector regulators should be involved in any given iteration of a single AI sandbox where there may be no projects within their regulatory remit and expertise. The alternative approach of having an open or rolling AI sandbox mechanism led by a single AI authority, which would then draw expertise and work in collaboration with the relevant sector regulator as appropriate on a per-project basis, seems preferable. While some DRCF members could be expected to have to participate in a majority of sandbox projects (eg CMA and ICO), others would probably have a much less constant presence (eg Ofcom, or certainly the FCA).

Remarkably, despite this recognition of the functional need for a centralised regulatory approach and a single point of contact (primarily for industry’s convenience), the GCSA Report implicitly supports the 2022 AI regulation policy paper’s approach to not creating an overarching cross-sectoral AI regulator. The GCSA Report tries to create a ‘non-institutionalised centralised regulatory function’, nested under DRCF. In practice, however, implementing the recommendation for a single AI sandbox would create the need for the further development of the governance structures of the DRCF (especially if it was to grow by including many other sectoral regulators), or whichever institution ‘hosted it’, or else risk creating a non-institutional AI regulator with the related difficulties in ensuring accountability. This would add a layer of deregulation to the deregulatory effect that the sandbox itself creates (see eg Ranchordas (2021)).

The GCSA Report seems to try to square the circle of regulatory fragmentation by relying on cooperation as a centralising regulatory device, but it does this solely for the industry’s benefit and convenience, without paying any consideration to the future effectiveness of the regulatory framework. This is hard to understand, given the report’s identification of conflicting regulatory constraints, or in its terminology ‘incentives’: ‘The rewards for regulators to take risks and authorise new and innovative products and applications are not clear-cut, and regulators report that they can struggle to trade off the different objectives covered by their mandates. This can include delivery against safety, competition objectives, or consumer and environmental protection, and can lead to regulator behaviour and decisions that prioritise further minimising risk over supporting innovation and investment. There needs to be an appropriate balance between the assessment of risk and benefit’ (at 5).

This not only frames risk-minimisation as a negative regulatory outcome (and further feeds into the narrative that precautionary regulatory approaches are somehow not legitimate because they run against industry goals—which deserves strong pushback, see eg Kaminski (2022)), but also shows a main gap in the report’s proposal for the single AI sandbox. If each regulator has conflicting constraints, what evidence (if any) is there that collaborative decision-making will reduce, rather than exacerbate, such regulatory clashes? Are decisions meant to be arrived at by majority voting or in any other way expected to deactivate (some or most) regulatory requirements in view of (perceived) gains in relation to other regulatory goals? Why has there been no consideration of eg the problems encountered by concurrency mechanisms in the application of sectoral and competition rules (see eg Dunne (2014), (2020) and (2021)), as an obvious and immediate precedent of the same type of regulatory coordination problems?

The GCSA report also seems to assume that collaboration through the AI sandbox would be resource neutral for participating regulators, whereas it seems reasonable to presume that this additional layer of regulation (even if not institutionalised) would require further resources. And, in any case, there does not seem to be much consideration as to the viability of asking of resource-strapped regulators to create an AI sandbox where they can (easily) be out-skilled and over-powered by industry participants.

In my view, the GCSA Report already points at significant weaknesses in the resistance to creating any new authorities, despite the obvious functional need for centralised regulation, which is one of the main weaknesses, or the single biggest weakness, in the AI WP—as well as in relation to a lack of strategic planning around public sector digital capabilities, despite well-recognised challenges (see eg Committee of Public Accounts (2021)).

The ‘pro-innovation approach’ in the AI WP — a regulatory blackhole, privatisation of ai regulation, or both

The AI WP envisages an ‘innovative approach to AI regulation [that] uses a principles-based framework for regulators to interpret and apply to AI within their remits’ (para 36). It expects the framework to ‘pro-innovation, proportionate, trustworthy, adaptable, clear and collaborative’ (para 37). As will become clear, however, such ‘innovative approach’ solely amounts to the formulation of high-level, broad, open-textured and incommensurable principles to inform a soft law push to the development of regulatory practices aligned with such principles in a highly fragmented and incomplete regulatory landscape.

The regulatory framework would be built on four planks (para 38): [i] an AI definition (paras 39-42); [ii] a context-specific approach (ie a ‘used-based’ approach, rather than a ‘technology-led’ approach, see paras 45-47); [iii] a set of cross-sectoral principles to guide regulator responses to AI risks and opportunities (paras 48-54); and [iv] new central functions to support regulators to deliver the AI regulatory framework (paras 70-73). In reality, though, there will be only two ‘pillars’ of the regulatory framework and they do not involve any new institutions or rules. The AI WP vision thus largely seems to be that AI can be regulated in the UK in a world-leading manner without doing anything much at all.

AI Definition

The UK’s definition of AI will trigger substantive discussions, especially as it seeks to build it around ‘the two characteristics that generate the need for a bespoke regulatory response’: ‘adaptivity’ and ‘autonomy’ (para 39). Discussing the definitional issue is beyond the scope of this post but, on the specific identification of the ‘autonomy’ of AI, it is worth highlighting that this is an arguably flawed regulatory approach to AI (see Soh (2023)).

No new institutions

The AI WP makes clear that the UK Government has no plans to create any new AI regulator, either with a cross-sectoral (eg general AI authority) or sectoral remit (eg an ‘AI in the public sector authority’, as I advocate for). The Ministerial Foreword to the AI WP already stresses that ‘[t]o ensure our regulatory framework is effective, we will leverage the expertise of our world class regulators. They understand the risks in their sectors and are best placed to take a proportionate approach to regulating AI’ (at p2). The AI WP further stresses that ‘[c]reating a new AI-specific, cross-sector regulator would introduce complexity and confusion, undermining and likely conflicting with the work of our existing expert regulators’ (para 47). This however seems to presume that a new cross-sector AI regulator would be unable to coordinate with existing regulators, despite the institutional architecture of the regulatory framework foreseen in the AI WP entirely relying on inter-regulator collaboration (!).

No new rules

There will also not be new legislation underpinning regulatory activity, although the Government claims that the WP AI, ‘alongside empowering regulators to take a lead, [is] also setting expectations‘ (at p3). The AI WP claims to develop a regulatory framework underpinned by five principles to guide and inform the responsible development and use of AI in all sectors of the economy: [i] Safety, security and robustness; [ii] Appropriate transparency and explainability; [iii] Fairness; [iv] Accountability and governance; and [v] Contestability and redress (para 10). However, they will not be put on a statutory footing (initially); ‘the principles will be issued on a non-statutory basis and implemented by existing regulators’ (para 11). While there is some detail on the intended meaning of these principles (see para 52 and Annex A), the principles necessarily lack precision and, worse, there is a conflation of the principles with other (existing) regulatory requirements.

For example, it is surprising that the AI WP describes fairness as implying that ‘AI systems should (sic) not undermine the legal rights of individuals or organisations, discriminate unfairly against individuals or create unfair market outcomes‘ (emphasis added), and stresses the expectation ‘that regulators’ interpretations of fairness will include consideration of compliance with relevant law and regulation’ (para 52). This encapsulates the risks that principles-based AI regulation ends up eroding compliance with and enforcement of current statutory obligations. A principle of AI fairness cannot modify or exclude existing legal obligations, and it should not risk doing so either.

Moreover, the AI WP suggests that, even if the principles are supported by a statutory duty for regulators to have regard to them, ‘while the duty to have due regard would require regulators to demonstrate that they had taken account of the principles, it may be the case that not every regulator will need to introduce measures to implement every principle’ (para 58). This conflates two issues. On the one hand, the need for activity subjected to regulatory supervision to comply with all principles and, on the other, the need for a regulator to take corrective action in relation to any of the principles. It should be clear that regulators have a duty to ensure that all principles are complied with in their regulatory remit, which does not seem to entirely or clearly follow from the weaker duty to have due regard to the principles.

perpetuating regulatory gaps, in particular regarding public sector digitalisation

As a consequence of the lack of creation of new regulators and the absence of new legislation, it is unclear whether the ‘regulatory strategy’ in the AI WP will have any real world effects within existing regulatory frameworks, especially as the most ambitious intervention is to create ‘a statutory duty on regulators requiring them to have due regard to the principles’ (para 12)—but the Government may decide not to introduce it if ‘monitoring of the effectiveness of the initial, non-statutory framework suggests that a statutory duty is unnecessary‘ (para 59).

However, what is already clear that there is no new AI regulation in the horizon despite the fact that the AI WP recognises that ‘some AI risks arise across, or in the gaps between, existing regulatory remits‘ (para 27), that ‘there may be AI-related risks that do not clearly fall within the remits of the UK’s existing regulators’ (para 64), and the obvious and worrying existence of high risks to fundamental rights and values (para 4 and paras 22-25). The AI WP is naïve, to say the least, in setting out that ‘[w]here prioritised risks fall within a gap in the legal landscape, regulators will need to collaborate with government to identify potential actions. This may include identifying iterations to the framework such as changes to regulators’ remits, updates to the Regulators’ Code, or additional legislative intervention’ (para 65).

Hoping that such risk identification and gap analysis will take place without assigning specific responsibility for it—and seeking to exempt the Government from such responsibility—seems a bit too much to ask. In fact, this is at odds with the graphic depiction of how the AI WP expects the system to operate. As noted in (1) in the graph below, it is clear that the identification of risks that are cross-cutting or new (unregulated) risks that warrant intervention is assigned to a ‘central risk function’ (more below), not the regulators. Importantly, the AI WP indicates that such central function ‘will be provided from within government’ (para 15 and below). Which then raises two questions: (a) who will have the responsibility to proactively screen for such risks, if anyone, and (b) how has the Government not already taken action to close the gaps it recognises exists in the current legal landscape?

AI WP Figure 2: Central risks function activities.

This perpetuates the current regulatory gaps, in particular in sectors without a regulator or with regulators with very narrow mandates—such as the public sector and, to a large extent, public services. Importantly, this approach does not create any prohibition of impermissible AI uses, nor sets any (workable) set of minimum requirements for the deployment of AI in high-risk uses, specially in the public sector. The contrast with the EU AI Act could not be starker and, in this aspect in particular, UK citizens should be very worried that the UK Government is not committing to any safeguards in the way technology can be used in eg determining access to public services, or by the law enforcement and judicial system. More generally, it is very worrying that the AI WP does not foresee any safeguards in relation to the quickly accelerating digitalisation of the public sector.

Loose central coordination leading to ai regulation privatisation

Remarkably, and in a similar functional disconnect as that of the GCSA Report (above), the decision not to create any new regulator/s (para 15) is taken in the same breath as the AI WP recognises that the small coordination layer within the regulatory architecture proposed in the 2022 AI regulation policy paper (ie, largely, the approach underpinning the DRCF) has been heavily criticised (para 13). The AI WP recognises that ‘the DRCF was not created to support the delivery of all the functions we have identified or the implementation of our proposed regulatory framework for AI’ (para 74).

The AI WP also stresses how ‘[w]hile some regulators already work together to ensure regulatory coherence for AI through formal networks like the AI and digital regulations service in the health sector and the Digital Regulation Cooperation Forum (DRCF), other regulators have limited capacity and access to AI expertise. This creates the risk of inconsistent enforcement across regulators. There is also a risk that some regulators could begin to dominate and interpret the scope of their remit or role more broadly than may have been intended in order to fill perceived gaps in a way that increases incoherence and uncertainty’ (para 29), which points at a strong functional need for a centralised approach to AI regulation.

To try and mitigate those regulatory risks and shortcomings, the AI WP proposes the creation of ‘a number of central support functions’, such as [i} a central monitoring function of overall regulatory framework’s effectiveness and the implementation of the principles; [ii] central risk monitoring and assessment; [iii] horizon scanning; [iv] supporting testbeds and sandboxes; [v] advocacy, education and awareness-raising initiatives; or [vi] promoting interoperability with international regulatory frameworks (para 14, see also para 73). Cryptically, the AI WP indicates that ‘central support functions will initially be provided from within government but will leverage existing activities and expertise from across the broader economy’ (para 15). Quite how this can be effectively done outwith a clearly defined, adequately resourced and durable institutional framework is anybody’s guess. In fact, the AI WP recognises that this approach ‘needs to evolve’ and that Government needs to understand how ‘existing regulatory forums could be expanded to include the full range of regulators‘, what ‘additional expertise government may need’, and the ‘most effective way to convene input from across industry and consumers to ensure a broad range of opinions‘ (para 77).

While the creation of a regulator seems a rather obvious answer to all these questions, the AI WP has rejected it in unequivocal terms. Is the AI WP a U-turn waiting to happen? Is the mention that ‘[a]s we enter a new phase we will review the role of the AI Council and consider how best to engage expertise to support the implementation of the regulatory framework’ (para 78) a placeholder for an imminent project to rejig the AI Council and turn it into an AI regulator? What is the place and role of the Office for AI and the Centre for Data Ethics and Innovation in all this?

Moreover, the AI WP indicates that the ‘proposed framework is aligned with, and supplemented by, a variety of tools for trustworthy AI, such as assurance techniques, voluntary guidance and technical standards. Government will promote the use of such tools’ (para 16). Relatedly, the AI WP relies on those mechanisms to avoid addressing issues of accountability across AI life cycle, indicating that ‘[t]ools for trustworthy AI like assurance techniques and technical standards can support supply chain risk management. These tools can also drive the uptake and adoption of AI by building justified trust in these systems, giving users confidence that key AI-related risks have been identified, addressed and mitigated across the supply chain’ (para 84). Those tools are discussed in much more detail in part 4 of the AI WP (paras 106 ff). Annex A also creates a backdoor for technical standards to directly become the operationalisation of the general principles on which the regulatory framework is based, by explicitly identifying standards regulators may want to consider ‘to clarify regulatory guidance and support the implementation of risk treatment measures’.

This approach to the offloading of tricky regulatory issues to the emergence of private-sector led standards is simply an exercise in the transfer of regulatory power to those setting such standards, guidance and assurance techniques and, ultimately, a privatisation of AI regulation.

A different approach to sandboxes and testbeds?

The Government will take forward the GCSA recommendation to establish a regulatory sandbox for AI, which ‘will bring together regulators to support innovators directly and help them get their products to market. The sandbox will also enable us to understand how regulation interacts with new technologies and refine this interaction where necessary’ (p2). This thus is bound to hardwire some of the issues mentioned above in relation to the GCSA proposal, as well as being reflective of the general pro-industry approach of the AI WP, which is obvious in the framing that the regulators are expected to ‘support innovators directly and help them get their products to market’. Industrial policy seems to be shoehorned and mainstreamed across all areas of regulatory activity, at least in relation to AI (but it can then easily bleed into non-AI-related regulatory activities).

While the AI WP indicates the commitment to implement the AI sandbox recommended in the GCSA Report, it is by no means clear that the implementation will be in the way proposed in the report (ie a multi-regulator sandbox nested under DRCF, with an expectation that it would develop a crucial coordination and regulatory centralisation effect). The AI WP indicates that the Government still has to explore ‘what service focus would be most useful to industry’ in relation to AI sandboxes (para 96), but it sets out the intention to ‘focus an initial pilot on a single sector, multiple regulator sandbox’ (para 97), which diverges from the approach in the GCSA Report, which would be that of a sandbox for ‘multiple sectors, multiple regulators’. While the public consultation intends to gather feedback on which industry sector is the most appropriate, I would bet that the financial services sector will be chosen and that the ‘regulatory innovation’ will simply result in some closer cooperation between the ICO and FCA.

Regulator capabilities — ai regulation on a shoestring?

The AI WP turns to the issue of regulator capabilities and stresses that ‘While our approach does not currently involve or anticipate extending any regulator’s remit, regulating AI uses effectively will require many of our regulators to acquire new skills and expertise’ (para 102), and that the Government has ‘identified potential capability gaps among many, but not all, regulators’ (para 103).

To try to (start to) address this fundamental issue in the context of a devolved and decentralised regulatory framework, the AI WP indicates that the Government will explore, for example, whether it is ‘appropriate to establish a common pool of expertise that could establish best practice for supporting innovation through regulatory approaches and make it easier for regulators to work with each other on common issues. An alternative approach would be to explore and facilitate collaborative initiatives between regulators – including, where appropriate, further supporting existing initiatives such as the DRCF – to share skills and expertise’ (para 105).

While the creation of ‘common regulatory capacity’ has been advocated by the Alan Turing Institute, and while this (or inter-regulator secondments, for example) could be a short term fix, it seems that this tries to address the obvious challenge of adequately resourcing regulatory bodies without a medium and long-term strategy to build up the digital capability of the public sector, and to perpetuate the current approach to AI regulation on a shoestring. The governance and organisational implications arising from the creation of common pool of expertise need careful consideration, in particular as some of the likely dysfunctionalities are only marginally smaller than current over-reliance on external consultants, or the ‘salami-slicing’ approach to regulatory and policy interventions that seems to bleed from the ’agile’ management of technological projects into the realm of regulatory activity, which however requires institutional memory and the embedding of knowledge and expertise.

Algorithmic transparency: some thoughts on UK's first four published disclosures and the standards' usability

© Fabrice Jazbinsek / Flickr.

The Algorithmic Transparency Standard (ATS) is one of the UK’s flagship initiatives for the regulation of public sector use of artificial intelligence (AI). The ATS encourages (but does not mandate) public sector entities to fill in a template to provide information about the algorithmic tools they use, and why they use them [see e.g. Kingsman et al (2022) for an accessible overview].

The ATS is currently being piloted, and has so far resulted in the publication of four disclosures relating to the use of algorithms in different parts of the UK’s public sector. In this post, I offer some thoughts based on these initial four disclosures, in particular from the perspective of the usability of the ATS in facilitating an enhanced understanding of AI use cases, and accountability for those.

The first four disclosed AI use cases

The ATS pilot has so far published information in two batches (on 1 June and 6 July 2022), comprising the following four AI use cases:

  1. Within Cabinet Office, the GOV.UK Data Labs team piloted the ATS for their Related Links tool; a recommendation engine built to aid navigation of GOV.UK (the primary UK central government website) by providing relevant onward journeys from a content page, with the aim of helping users find useful information and content, aiding navigation.

  2. In the Department for Health and Social Care and NHS Digital, the QCovid team piloted the ATS with a COVID-19 clinical tool used to predict how at risk individuals might be from COVID-19. The tool was developed for use by clinicians in support of conversations with patients about personal risk, and it uses algorithms to combine a number of factors such as age, sex, ethnicity, height and weight (to calculate BMI), and specific health conditions and treatments in order to estimate the combined risk of catching coronavirus and being hospitalised or catching coronavirus and dying. Importantly, “The original version of the QCovid algorithms were also used as part of the Population Risk Assessment to add patients to the Shielded Patient List in February 2021. These patients were advised to shield at that time were provided support for doing so, and were prioritised for COVID-19 vaccination.

  3. The Information Commissioner's Office has piloted the ATS with its Registration Inbox AI, which uses a machine learning algorithm to categorise emails sent to the Information Commissioner's Office’s registration inbox and to send out an auto-reply where the algorithm “detects … a request about changing a business address. In cases where it detects this kind of request, the algorithm sends out an autoreply that directs the customer to a new online service and points out further information required to process a change request. Only emails with an 80% certainty of a change of address request will be sent an email containing the link to the change of address form.”

  4. The Food Standards Agency piloted the ATS with its Food Hygiene Rating Scheme (FHRS) – AI, which is an algorithmic tool to help local authorities to prioritise inspections of food businesses based on their predicted food hygiene rating by predicting which establishments might be at a higher risk of non-compliance with food hygiene regulations. Importantly, the tool is of voluntary use and “it is not intended to replace the current approach to generate a FHRS score. The final score will always be the result of an inspection undertaken by [a local authority] officer.

Harmless (?) use cases

At first glance, and on the basis of the implications of the outcome of the algorithmic recommendation, it would seem that the four use cases are relatively harmless, i.e..

  1. If GOV.UK recommends links to content that is not relevant or helpful, the user may simply ignore them.

  2. The outcome of the QCovid tool simply informs the GPs’ (or other clinicians’) assessment of the risk of their patients, and the GPs’ expertise should mediate any incorrect (either over-inclusive, or under-inclusive) assessments by the AI.

  3. If the ICO sends an automatic email with information on how to change their business address to somebody that had submitted a different query, the receiver can simply ignore that email.

  4. Incorrect or imperfect prioritisation of food businesses for inspection could result in the early inspection of a low-risk restaurant, or the late(r) inspection of a higher-risk restaurant, but this is already a risk implicit in allowing restaurants to open pending inspection; AI does not add risk.

However, this approach could be too simplistic or optimistic. It can be helpful to think about what could really happen if the AI got it wrong ‘in a disaster scenario’ based on possible user reactions (a useful approach promoted by the Data Hazards project). It seems to me that, on ‘worse case scenario’ thinking (and without seeking to be exhaustive):

  1. If GOV.UK recommends content that is not helpful but is confusing, the user can either engage in red tape they did not need to complete (wasting both their time and public resources) or, worse, feel overwhelmed, confused or misled and abandon the administrative interaction they were initially seeking to complete. This can lead to exclusion from public services, and be particularly problematic if these situations can have a differential impact on different user groups.

  2. There could be over-reliance on the QCovid algorithm by (too busy) GPs. This could lead to advising ‘as a matter of routine’ the taking of excessive precautions with significant potential impacts on the day to day lives of those affected—as was arguably the case for some of the citizens included in shielding categories in the earlier incarnation of the algorithm. Conversely, GPs that identified problems in the early use of the algorithm could simply ignore it, thus potentially losing the benefits of the algorithm in other cases where it could have been helpful—potentially leading to under-precaution by individuals that could have otherwise been better safeguarded.

  3. Similarly to 1, the provision of irrelevant and potentially confusing information can lead to waste of resource (e.g. users seeking to change their business registration address because they wrongly think it is a requirement to process their query or, at a lower end of the scale, users having to read and consider information about an administrative process they have no interest in). Beyond that, the classification algorithm could generate loss of queries if there was no human check to verify that the AI classification was correct. If this check takes place anyway, the advantages of automating the sending of the initial email seem rather marginal.

  4. Similar to 2, the incorrect prediction of risk can lead to misuse of resources in the carrying out of inspections by local authorities, potentially pushing down the list of restaurants pending inspection some that are high-risk and that could thus be seen their inspection repeatedly delayed. This could have important public health implications, at least for those citizens using the to be inspected restaurants for longer than they would otherwise have. Conversely, inaccurate prioritisations that did not seem to catch more ‘risky’ restaurants could also lead to local authorities abandoning its use. There is also a risk of profiling of certain types of businesses (and their owners), which could lead to victimisation if the tool was improperly used, or used in relation to restaurants that have been active for a longer period (eg to trigger fresh (re)inspections).

No AI application is thus entirely harmless. Of course, this is just a matter of theoretical speculation—as could also be speculated whether reduced engagement with the AI would generate a second tier negative effect, eg if ‘learning’ algorithms could not be revised and improved on the basis of ‘real-life’ feedback on whether their predictions were or not accurate.

I think that this sort of speculation offers a useful yardstick to assess the extent to which the ATS can be helpful and usable. I would argue that the ATS will be helpful to the extent that (a) it provides information susceptible of clarifying whether the relevant risks have been taken into account and properly mitigated or, failing that (b) it provides information that can be used to challenge the insufficiency of any underlying risk assessments or mitigation strategies. Ultimately, AI transparency is not an end in itself, but simply a means of increasing accountability—at least in the context of public sector AI adoption. And it is clear that any degree of transparency generated by the ATS will be an improvement on the current situation, but is the ATS really usable?

Finding out more on the basis of the ATS disclosures

To try to answer that general question on whether the ATS is usable and serves to facilitate increased accountability, I have read the four disclosures in full. Here is my summary/extracts of the relevant bits for each of them.

GOV.UK Related Links

Since May 2019, the tool has been using an algorithm called node2vec (machine learning algorithm that learns network node embeddings) to train a model on the last three weeks of user movement data (web analytics data). The benefits are described as “the tool … predicts related links for a page. These related links are helpful to users. They help users find the content they are looking for. They also help a user find tangentially related content to the page they are on; it’s a bit like when you are looking for a book in the library, you might find books that are relevant to you on adjacent shelves.

The way the tool works is described in some more detail: “The tool updates links every three weeks and thus tracks changes in user behaviour.” “Every three weeks, the machine learning algorithm is trained using the last three weeks of analytics data and trains a model that outputs related links that are published, overwriting the existing links with new ones.” “The average click through rate for related links is about 5% of visits to a content page. For context, GOV.UK supports an average of 6 million visits per day (Jan 2022). True volumes are likely higher owing to analytics consent tracking. We only track users who consent to analytics cookies …”.

The decision process is fully automated, but there is “a way for publishers to add/amend or remove a link from the component. On average this happens two or three times a month.” “Humans have the capability to recommend changes to related links on a page. There is a process for links to be amended manually and these changes can persist. These human expert generated links are preferred to those generated by the model and will persist.” Moreover, “GOV.UK has a feedback link, “report a problem with this page”, on every page which allows users to flag incorrect links or links they disagree with.” The tool was subjected to a Data Protection Impact Assessment (DPIA), but no other impact assessments (IAs) are listed.

When it comes to risk identification and mitigation, the disclosure indicates: “A recommendation engine can produce links that could be deemed wrong, useless or insensitive by users (e.g. links that point users towards pages that discuss air accidents).” and that, as mitigation: “We added pages to a deny list that might not be useful for a user (such as the homepage) or might be deemed insensitive (e.g. air accident reports). We also enabled publishers or anyone with access to the tagging system to add/amend or remove links. GOV.UK users can also report problems through the feedback mechanisms on GOV.UK.

Overall, then, the risk I had identified is only superficially identified, in that the ATS disclosure does not show awareness of the potential differing implications of incorrect or useless recommendations across the spectrum. The narrative equating the recommendations to browsing the shelves of a library is quite suggestive in that regard, as is the fact that the quality controls are rather limited.

Indeed, it seems that the quality control mechanisms require a high level of effort by every publisher, as they need to check every three weeks whether the (new) related links appearing in each of the pages they publish are relevant and unproblematic. This seems to have reversed the functional balance of convenience. Before the implementation of the tool, only approximately 2,000 out of 600,000 pieces of content on GOV.UK had related links, as they had to be created manually (and thus, hopefully, were relevant, if not necessarily unproblematic). Now, almost all pages have up to five related content suggestions, but only two or three out of 600,000 pages see their links manually amended per month. A question arises whether this extremely low rate of manual intervention is reflective of the high quality of the system, or the reverse evidence of lack of resource to quality-assure websites that previously prevented 98% of pages from having this type of related information.

However, despite the queries as to the desirability of the AI implementation as described, the ATS disclosure is in itself useful because it allows the type of analysis above and, in case someone considers the situation unsatisfactory or would like to prove it further, there are is a clear gateway to (try to) engage the entity responsible for this AI deployment.

QCovid algorithm

The algorithm was developed at the onset of the Covid-19 pandemic to drive government decisions on which citizens to advise to shield, support during shielding, and prioritise for vaccination rollout. Since the end of the shielding period, the tool has been modified. “The clinical tool for clinicians is intended to support individual conversations with patients about risk. Originally, the goal was to help patients understand the reasons for being asked to shield and, where relevant, help them do so. Since the end of shielding requirements, it is hoped that better-informed conversations about risk will have supported patients to make appropriate decisions about personal risk, either protecting them from adverse health outcomes or to some extent alleviating concerns about re-engaging with society.

In essence, the tool creates a risk calculation based on scoring risk factors across a number of data fields pertaining to demographic, clinical and social patient information.“ “The factors incorporated in the model include age, ethnicity, level of deprivation, obesity, whether someone lived in residential care or was homeless, and a range of existing medical conditions, such as cardiovascular disease, diabetes, respiratory disease and cancer. For the latest clinical tool, separate versions of the QCOVID models were estimated for vaccinated and unvaccinated patients.

It is difficult to assess how intensely the tool is (currently) used, although the ATS indicates that “In the period between 1st January 2022 and 31st March 2022, there were 2,180 completed assessments” and that “Assessment numbers often move with relative infection rate (e.g. higher infection rate leads to more usage of the tool).“ The ATS also stresses that “The use of the tool does not override any clinical decision making but is a supporting device in the decision making process.” “The tool promotes shared decision making with the patient and is an extra point of information to consider in the decision making process. The tool helps with risk/benefit analysis around decisions (e.g. recommendation to shield or take other precautionary measures).

The impact assessment of this tool is driven by those mandated for medical devices. The description is thus rather technical and not very detailed, although the selected examples it includes do capture the possibility of somebody being misidentified “as meeting the threshold for higher risk”, as well as someone not having “an output generated from the COVID-19 Predictive Risk Model”. The ATS does stress that “As part of patient safety risk assessment, Hazardous scenarios are documented, yet haven’t occurred as suitable mitigation is introduced and implemented to alleviate the risk.” That mitigation largely seems to be that “The tool is designed for use by clinicians who are reminded to look through clinical guidance before using the tool.

I think this case shows two things. First, that it is difficult to understand how different parts of the analysis fit together when a tool that has had two very different uses is the object of a single ATS disclosure. There seems to be a good argument for use case specific ATS disclosures, even if the underlying AI deployment is the same (or a closely related one), as the implications of different uses from a governance perspective also differ.

Second, that in the context of AI adoption for healthcare purposes, there is a dual barrier to accessing relevant (and understandable) information: the tech barrier and the medical barrier. While the ATS does something to reduce the former, the latter very much remains in place and perhaps turn the issue of trustworthiness of the AI to trustworthiness of the clinician, which is not necessarily entirely helpful (not only in this specific use case, but in many other one can imagine). In that regard, it seems that the usability of the ATS is partially limited, and more could be done to increase meaningful transparency through AI-specific IAs, perhaps as proposed by the Ada Lovelace Institute.

In this case, the ATS disclosure has also provided some valuable information, but arguably to a lesser extent than the previous case study.

ICO’s Registration Inbox AI

This is a tool that very much resembles other forms of email classification (e.g. spam filters), as “This algorithmic tool has been designed to inspect emails sent to the ICO’s registration inbox and send out autoreplies to requests made about changing addresses. The tool has not been designed to automatically change addresses on the requester’s behalf. The tool has not been designed to categorise other types of requests sent to the inbox.

The disclosure indicates that “In a significant proportion of emails received, a simple redirection to an online service is all that is required. However, sifting these types of emails out would also require time if done by a human. The algorithm helps to sift out some of these types of emails that it can then automatically respond to. This enables greater capacity for [Data Protection] Fees Officers in the registration team, who can, consequently, spend more time on more complex requests.” “There is no manual intervention in the process - the links are provided to the customer in a fully automated manner.

The tool has been in use since May 2021 and classifies approximately 23,000 emails a month.

When it comes to risk identification and mitigation, the ATS disclosure stresses that “The algorithmic tool does not make any decisions, but instead provides links in instances where it has calculated the customer has contacted the ICO about an address change, giving the customer the opportunity to self-serve.” Moreover, it indicates that there is “No need for review or appeal as no decision is being made. Incorrectly classified emails would receive the default response which is an acknowledgement.” It further stresses that “The classification scope is limited to a change of address and a generic response stating that we have received the customer’s request and that it will be processed within an estimated timeframe. Incorrectly classified emails would receive the default response which is an acknowledgement. This will not have an impact on personal data. Only emails with an 80% certainty of a change of address request will be sent an email containing the link to the change of address form.”

In my view, this disclosure does not entirely clarify the way the algorithm works (e.g. what happens to emails classified as having requested information on change of address? Are they ‘deleted’ from the backlog of emails requiring a (human) non-automated response?). However, it does provide sufficient information to further consolidate the questions arising from the general description. For example, it seems that the identification of risks is clearly partial in that there is not only a risk of someone asking for change of address information not automatically receiving it, but also a risk of those asking for other information receiving the wrong information. There is also no consideration of additional risks (as above), and the general description makes the claim of benefits doubtful if there has to be a manual check to verify adequate classification.

The ATS disclosure does not provide sufficient contact information for the owner of the AI (perhaps because they were contracted on limited after service terms…), although there is generic contact information for the ICO that could be used by someone that considered the situation unsatisfactory or would like to prove it further.

Food Hygiene Rating Scheme – AI

This tool is also based on machine learning to make predictions. “A machine learning framework called LightGBM was used to develop the FHRS AI model. This model was trained on data from three sources: internal Food Standards Agency (FSA) FHRS data, publicly available Census data from the 2011 census and open data from HERE API. Using this data, the model is trained to predict the food hygiene rating of an establishment awaiting its first inspection, as well as predicting whether the establishment is compliant or not.” “Utilising the service, the Environmental Health Officers (EHOs) are provided with the AI predictions, which are supplemented with their knowledge about the businesses in the area, to prioritise inspections and update their inspection plan.”

Regarding the justification for the development, the disclosure stresses that “the number of businesses classified as ‘Awaiting Inspection’ on the Food Hygiene Rating Scheme website has increased steadily since the beginning of the pandemic. This has been the key driver behind the development of the FHRS AI use case.” “The objective is to help local authorities become more efficient in managing the hygiene inspection workload in the post-pandemic environment of constrained resources and rapidly evolving business models.

Interestingly, the disclosure states that the tool “has not been released to actual end users as yet and hence the maintenance schedule is something that cannot be determined at this point in time (June 2022). The Alpha pilot started at the beginning of April 2022, wherein the end users (the participating Local Authorities) have access to the FHRS AI service for use in their day-to-day workings. This section will be updated depending on the outcomes of the Alpha Pilot ...” It remains to be seen whether there will be future updates on the disclosure, but an error in copy-pasting in the ATS disclosure makes it contain the same paragraph but dated February 2022. This stresses the need to date and reference (eg v.1, v.2) the successive versions of the same disclosure, which does not seem to be a field of the current template, as well as to create a repository of earlier versions of the same disclosure.

The section on oversight stresses that “the system has been designed to provide decision support to Local Authorities. FSA has advised Local Authorities to never use this system in place of the current inspection regime or use it in isolation without further supporting information”. It also stresses that “Since there will be no change to the current inspection process by introducing the model, the existing appeal and review mechanisms will remain in place. Although the model is used for prioritisation purposes, it should not impact how the establishment is assessed during the inspection and therefore any challenges to a food hygiene rating would be made using the existing FHRS appeal mechanism.”

The disclosure also provides detailed information on IAs: “The different impact assessments conducted during the development of the use case were 1. Responsible AI Risk Assessment; 2. Stakeholder Impact Assessment; [and] 3. Privacy Impact Assessment.” Concerning the responsible AI risk assessment, in addition to a personal data issue that should belong in the DPIA, the disclosure reports three identified risks very much in line with the ones I had hinted at above: “2. Potential bias from the model (e.g. consistently scoring establishments of a certain type much lower, less accurate predictions); 3. Potential bias from inspectors seeing predicted food hygiene ratings and whether the system has classified the establishment as compliant or not. This may have an impact on how the organisation is perceived before receiving a full inspection; 4. With the use of AI/ML there is a chance of decision automation bias or automation distrust bias occurring. Essentially, this refers to a user being over or under reliant on the system leading to a degradation of human-reasoning.”

The disclosure presents related mitigation strategies as follows: “2. Integration of explainability and fairness related tooling during exploration and model development. These tools will also be integrated and monitored post-alpha testing to detect and mitigate potential biases from the system once fully operational; 3. Continuously reflect, act and justify sessions with business and technical subject matter experts throughout the delivery of the project, along with the use of the three impact assessments outlined earlier to identify, assess and manage project risks; 4. Development of usage guidance for local authorities specifically outlining how the service is expected to be used. This document also clearly states how the service should not be used, for example, the model outcome must not be the only indicator used when prioritising businesses for inspection.

In this instance, the ATS disclosure is in itself useful because it allows the type of analysis above and, in case someone considers the situation unsatisfactory or would like to prove it further, there are is a clear gateway to (try to) engage the entity responsible for this AI deployment. It is also interesting to see that the disclosure specifies that the private provider was engaged “As well as [in] a development role [… to provide] Responsible AI consulting and delivery services, including the application of a parallel Responsible AI sprint to assess risk and impact, enable model explainability and assess fairness, using a variety of artefacts, processes and tools”. This is clearly reflected in the ATS disclosure and could be an example of good practice where organisations lack that in-house capability and/or outsource the development of the AI. Whether that role should fall with the developer, or should rather be separate to avoid organisational conflicts of interest is a discussion for another day.

Final thoughts

There seems to be a mixed picture on the usability of the ATS disclosures, with some of them not entirely providing (full) usability, or a clear pathway to engage with the specific entity in charge of the development of the algorithmic tool, specifically if it was an outsourced provider. In those cases, the public authority that has implemented the AI (even if not the owner of the project) will have to deal with any issues arising from the disclosure. There is also a mixed practice concerning linking to resources other than previously available (open) data (eg open source code, data sources), with only one project (GOV.UK) including them in the disclosures discussed above.

It will be interesting to see how this assessment scales up (to use a term) once disclosures increase in volume. There is clearly a research opportunity arising as soon as more ATS disclosures are published. As a hypothesis, I would submit that disclosure quality is likely to reduce with volume, as well as with the withdrawal of whichever support the pilot phase has meant for those participating institutions. Let’s see how that empirical issue can be assessed.

The other reflection I have to offer based on these first four disclosures is that there are points of information in the disclosures that can be useful, at least from an academic (and journalistic?) perspective, to assess the extent to which the public sector has the capabilities it needs to harness digital technologies (more on that soon in this blog).

The four reviewed disclosures show that there was one in-house development (GOV.UK), while the other ones were either procured (QCovid, which disclosure includes a redacted copy of the contract), or contracted out, perhaps even directly awarded (ICO email classifier FSA FHRS - AI). And there are some in between the line indications that some of the implementations may have been relatively randomly developed, unless there was strong pre-existing reliable statistical data (eg on information requests concerning change of business address). Which in itself triggers questions on the procurement or commissioning strategy developed by institutions seeking to harness AI potential.

From this perspective, the ATS disclosures can be a useful source of information on the extent to which the adoption of AI by the public sector depends as strongly on third party capabilities as the literature generally hypothesises or/and is starting to demonstrate empirically.

Initial comments on the UK's Procurement Bill: A lukewarm assessment

Having read the Procurement Bill, its Impact Assessment and the Explanatory Notes, I have some initial comments, which I have tried to articulate in a working paper.

In the paper I offer some initial comments on the Bill and related documents, including: (i) the economic justification in its impact assessment; (ii) some general comments on legislative technique and the quality of the Bill and its Explanatory Notes; (iii) some observations on what may have not been carried over from the Transforming Public Procurement consultation and government response; (iv) a mapping of important aspects of procurement regulation that the Bill does not cover and will thus have to wait for secondary legislation and/or guidance; (v) some general considerations on the unclear impact of different wording for ‘terms of art’, including their interpretation; and (vi) fifty selected issues I have spotted in my first reading of the Bill. I close with some considerations on the difficulty of ensuring a sufficient fix along the legislative process.

In case of interest, the paper can be dowloaded here: https://ssrn.com/abstract=4114141.

More than ever, this is work in progress and I would be grateful for any feedback or discussion: a.sanchez-graells@bristol.ac.uk.

Not a hot take on the UK's Procurement Bill

As anticipated, the UK Government has moved at tremendous speed to introduce the Procurement Bill for Parliamentary passage. The text of the Bill as introduced, and information on the Parliamentary process, are available here.

The Procurement Bill comprises 116 sections and 11 schedules, and it will take some careful reading to identify how the Bill:

  • meets the UK’s international commitments under the WTO GPA, the EU-UK TCA, and other FTAs with procurement chapters;

  • deviates from the current EU-derived Public Contracts Regulations 2015, and the rest of the regulations transposing EU procurement law;

  • embeds the key changes resulting from the Transforming Public Procurement consultation — which will also largely depend on secondary legislation and guidance yet to be published;

  • generates potential interpretative issues that could be ironed out through the Parliamentary procedure; and

  • is likely to work out in practice to deliver the ambitious goals of the UK Government.

So this is not material suitable for a hot take. Sorry to disappoint! I will try to publish a more considered view by the end of the month, although it may take longer… For now, happy reading of the Bill.

UK procurement law reform: Queen's Speech update

© Morten Morland / The Times.

The post-Brexit de/re/regulation of public procurement in the UK requires legislative reform to create the new overarching framework supporting the policy and regulatory changes described in the 2020-21 Transforming Public Procurement public consultation (see here and here).

However, finding Parliamentary time to take the process forward has proved difficult. A Procurement Bill was initially announced in the 2021 Queen’s Speech, but was not introduced in the last Parliamentary session. This delayed the timeline for the entry into force of the new procurement regime, which the Government’s response to the public consultation considered ‘unlikely to come into force until 2023 at the earliest’.

In April 2022, the Government confirmed that it would be introducing the Procurement Bill for the coming session, and this was also considered a clear possibility in recent Parliamentary briefings and quasi-insider commentators.

Today’s 2022 Queen’s Speech has reiterated that ‘Public sector procurement will be simplified to provide new opportunities for small businesses’.

What does this mean for the timeline of UK procurement law reform?

Unfortunately, this is not entirely clear. Or, as you would expect from a lawyer, the answer is that it depends.

First, because a Bill being announced in the Queen’s Speech does not guarantee that it will be effectively introduced, as we saw in the 2021 session (although this may have had to do with the large volume of responses to the public consultation, which made the process more protracted and could have had a knock-on effect on the Cabinet Office team’s bandwidth to work on the Procurement Bill itself). The likelihood of the Bill being effectively introduced is hard to guess, as the 2022 Queen’s Speech also included proposed legislation to tackle quite a few urgent challenges with electoral tags clearly attached to them (eg cost of living crisis), as well as controversial constitutional reform bills that, by themselves, could take up most Parliamentary time—especially if there is extended ping-pong with the House of Lords, as one would hope.

Second, because the Procurement Bill has been announced as part of the ‘Brexit Package’ in the Queen’s Speech, together with the Brexit Freedoms Bill, as well as the reform of the Data Protection Bill, and the Financial Services Bill. It will be interesting to see if there is internal competition for Parliamentary time within this group of Brexit-related Bills. If that is the case, I would not be surprised if the Procurement Bill was put on the backburner again, especially if the Government is aware of the limited practical changes that a new Procurement Bill can deliver in terms of one of their main political promises linked to procurement: a (sort of ) Buy British procurement policy.

However, there are also indications that the procurement reform team within Cabinet Office is pushing hard for advances in procurement reform. On 29 April 2022, the UK Government published a new programme website where it states that ‘New legislation is introducing a reformed public procurement regime that will come into effect in 2023’ (emphasis added, and note the change of wording compared to ‘unlikely … until 2023 at the earliest’ above — unless there are different intended meanings between ‘entry into force’ and ‘entry into effect’ — one for legal drafting aficionados…). A few job ads linked to the rollout of the training programme supporting the transition to the new regime have also been published, so investment in this area seems to have started to materialise (could not find details, though).

If there is indeed a push, and given that the Government has committed to giving a minimum of 6 months’ notice before the new regime goes live, the Procurement Bill should receive Royal Assent by end of June 2023 at the latest, if the 2023 deadline is to be met (in extremis). Based on the outcome of the public consultation, the likely approach will be to have a minimalistic, bare bones legislative instrument twinned with voluminous guidance. Therefore, the Procurement Bill can be expected to be relatively short.

However, it will include some controversial issues and, as above, it will be competing for limited Parliamentary time — and perhaps appetite for and attention to highly technical legislation. If the Government wants to have the new system in place at the end of 2023 (or even 1 Jan 2024, or early April 2024 to match the fiscal year …), the Procurement Bill should be introduced sooner rather than later.

Therefore, we may be about to enter a rather intense 12-month period of discussion (and public scrutiny) of the more definite plans for UK public procurement law reform. Watch this space.

Flexibility, discretion and corruption in procurement: an unavoidable trade-off undermining digital oversight?

Magic; Stage Illusions and Scientific Diversions, Including Trick Photography (1897), written by Albert Allis Hopkins and Henry Ridgely Evan.

As the dust settles in the process of reform of UK public procurement rules, and while we await for draft legislation to be published (some time this year?), there is now a chance to further reflect on the likely effects of the deregulatory, flexibility- and discretion-based approach to be embedded in the new UK procurement system.

An issue that may not have been sufficiently highlighted, but which should be of concern, is the way in which increased flexibility and discretion will unavoidably carry higher corruption risks and reduce the effectiveness of potential anti-corruption tools, in particular those based on the implementation of digital technologies for procurement oversight [see A Sanchez-Graells, ‘Procurement Corruption and Artificial Intelligence: Between the Potential of Enabling Data Architectures and the Constraints of Due Process Requirements’ in S Williams-Elegbe & J Tillipman (eds), Routledge Handbook of Public Procurement Corruption (Routledge, forthcoming)].

This is an inescapable issue, for there is an unavoidable trade-off between flexibility, discretion and corruption (in procurement, and more generally). And this does not bode well for the future of UK procurement integrity if the experience during the pandemic is a good predictor.

The trade-off between flexibility, discretion and corruption underpins many features of procurement regulation, such as the traditional distrust of procedures involving negotiations or direct awards, which may however stifle procurement innovation and limit value for money [see eg F Decarolis et al, ‘Rules, Discretion, and Corruption in Procurement: Evidence from Italian Government Contracting’ (2021) NBER Working Paper 28209].

The trade-off also underpins many of the anti-corruption tools (eg red flags) that use discretionary elements in procurement practice as a potential proxy for corruption risk [see eg M Fazekas, L Cingolani and B Tóth, ‘Innovations in Objectively Measuring Corruption in Public Procurement’ in H K Anheier, M Haber and M A Kayser (eds) Governance Indicators: Approaches, Progress, Promise (OUP 2018) 154-180; or M Fazekas, S Nishchal and T Søreide, ‘Public procurement under and after emergencies’ in O Bandiera, E Bosio and G Spagnolo (eds), Procurement in Focus – Rules, Discretion, and Emergencies (CEPR Press 2022) 33-42].

Moreover, economists and political scientists have clearly stressed that one way of trying to strike an adequate balance between the exercise of discretion and corruption risks, without disproportionately deterring the exercise of judgement or fostering laziness or incompetence in procurement administration, is to increase oversight and monitoring, especially through auditing mechanisms based on open data (see eg Procurement in a crisis: how to mitigate the risk of corruption, collusion, abuse and incompetence).

The difficulty here is that the trade-off is inescapable and the more dimensions on which there is flexibility and discretion in a procurement system, the more difficult it will be to establish a ‘normalcy benchmark’ or ‘integrity benchmark’ from which deviations can trigger close inspection. Taking into account that there is a clear trend towards seeking to automate integrity checks on the basis of big data and machine learning techniques, this is a particularly crucial issue. In my view, there are two main sources of difficulties and limitations.

First, that discretion is impossible to code for [see S Bratus and A Shubina, Computerization, Discretion, Freedom (2015)]. This both means that discretionary decisions cannot be automated, and that it is impossible to embed compliance mechanisms (eg through the definition of clear pathways based on business process modelling within an e-procurement system, or even in blockchain and smart contract approaches: Neural blockchain technology for a new anticorruption token: towards a novel governance model) where there is the possibility of a ‘discretion override’.

The more points along the procurement process where discretion can be exercised (eg choice of procedure, design of procedure, award criteria including weakening of link to subject matter of the contract and inclusion of non(easily)measurable criteria eg on social value, displacement of advantage analysis beyond sphere of influence of contracting authority, etc) the more this difficulty matters.

Second, the more deviations there are between the new rulebook and the older one, the lower the value of existing (big) data (if any is available or useable) and of any indicators of corruption risk, as the regulatory confines of the exercise of discretion will not only have shifted, but perhaps even lead to a displacement of corruption-related exercise of discretion. For example, focusing on the choice of procedure, data on the extent to which direct awards could be a proxy for corruption may be useless in a new context where that type of corruption can morph into ‘custom-made’ design of a competitive flexible procedure—which will be both much more difficult to spot, analyse and prove.

Moreover, given the inherent fluidity of that procedure (even if there is to be a template, which is however not meant to be uncritically implemented), it will take time to build up enough data to be able to single out specific characteristics of the procedure (eg carrying out negotiations with different bidders in different ways, such as sequentially or in parallel, with or without time limits, the inclusion of any specific award criterion, etc) that can be indicative of corruption risk reliably. And that intelligence may not be forthcoming if, as feared, the level of complexity that comes with the exercise of discretion deters most contracting authorities from exercising it, which would mean that only a small number of complex procedures would be carried out every year, potentially hindering the accumulation of data capable of supporting big data analysis (or even meaningful econometrical treatment).

Overall, then, the issue I would highlight again is that there is an unavoidable trade-off between increasing flexibility and discretion, and corruption risk. And this trade-off will jeopardise automation and data-based approaches to procurement monitoring and oversight. This will be particularly relevant in the context of the design and implementation of the tools at the disposal of the proposed Procurement Review Unit (PRU). The Response to the public consultation on the Transforming Public Procurement green paper emphasised that

‘… the PRU’s main focus will be on addressing systemic or institutional breaches of the procurement regulations (i.e. breaches common across contracting authorities or regularly being made by a particular contracting authority). To deliver this service, it will primarily act on the basis of referrals from other government departments or data available from the new digital platform and will have the power to make formal recommendations aimed at addressing these unlawful breaches’ (para [48]).

Given the issues raised above, and in particular the difficulty or impossibility of automating the analysis of such data, as well as the limited indicative value and/or difficulty of creating reliable red flags in a context of heightened flexibility and discretion, quite how effective this will be is difficult to tell.

Moreover, given the floating uncertainty on what will be identified as suspicious of corruption (or legal infringement), it is also possible that the PRU (initially) operates on the basis of indicators or thresholds arbitrarily determined (much like the European Commission has traditionally arbitrarily set thresholds to consider procurement practices problematic under the Single Market Scorecard; see eg here). This could have a signalling effect that could influence decision-making at contracting authority level (eg to avoid triggering those red flags) in a way that pre-empts, limits or distorts the exercise of discretion—or that further displaces corruption-related exercise of discretion to areas not caught by the arbitrary indicators or thresholds, thus making it more difficult to detect.

Therefore, these issues can be particularly relevant in establishing both whether the balance between discretion and corruption risk is right under the new rulebook’s regulatory architecture and approach, as well as whether there are non-statutory determinants of the (lack of) exercise of discretion, other than the complexity and potential litigation and challenge risk already stressed in earlier analysis and reflections on the green paper.

Another ‘interesting’ area of development of UK procurement law and practice post-Brexit when/if it materialises.

Recent developments in UK procurement regulation -- consolidated overview

I have put together a consolidated review of recent developments in UK procurement regulation, to be included as a country report in a forthcoming issue of the European Procurement & Public Private Partnership Law Review.

It brings together developments discussed in the blog in recent months. including the Post-Brexit rulebook reform, the proposal of special rules for healthcare services commissioning, the procurement chapter in the UK-Australia Free Trade Agreement, and a recent decision in the PPE procurement litigation saga.

In case of interest, it can be downloaded from SSRN: https://ssrn.com/abstract=4016424.

It contains nothing new, though, so assiduous readers may want to skip this one!

Procurement chapter in the UK-Australia Free Trade Agreement -- GPA+ or GPA complex?

Both the UK and Australia are members of the World Trade Organisation Government Procurement Agreement (GPA). The GPA is a multilateral agreement and its members generally make commitments applicable to all other members, but the GPA’s operation is also largely bilateral in the sense that countries can tailor their coverage schedules to include specific rules or derogations of commitments vis-a-vis specific GPA members (either on the basis of expected reciprocity, or otherwise).

Given this possibility of differentiated bilateral treatment within the multilateral framework of the GPA, it could seem surprising that the recent bilateral UK-Australia Free Trade Agreement (UK-AUS FTA) includes a chapter on public procurement (chapter 16). However, this approach to the inclusion of procurement chapters that go beyond existing GPA commitments (GPA+) in bilateral FTAs rather than through the GPA is not new. Australia has long engaged with this approach [see eg D Collins, ‘Government Procurement with Strings Attached: The Uneven Control of Offsets by the World Trade Organization and Regional Trade Agreements’ (2018) 8(2) Asian Journal of International Law 301–321]. As has the UK, in a manner that carries on from the EU’s approach that bound the UK until it gained independent GPA membership on 1 January 2021 [see eg M Garcia, ‘Procurement Liberalization Diffusion in EU Agreements: Signalling Stewardship?’ (2014) 48(3) Journal of World Trade 481-500].

Ways of going GPA+ in bilateral FTAs

There are two primary approaches to the creation of bilateral GPA+ procurement regimes in FTAs. One is to simply incorporate the GPA and the relevant schedules of coverage into the bilateral FTA by reference, and then add whichever ‘plus’ elements are agreed in specific FTA provisions and/or expanded schedules of coverage. This is the approach followed in the EU-UK Trade and Cooperation Agreement (EU-UK TCA), which Art 277 incorporates certain provisions of the GPA and covered procurement, and Arts 278-286 establish additional rules for covered procurement—with additional requirements for not covered procurement also contained in the TCA (Art 287-288), as well as a specific set of rules on modification of coverage, dispute resolution and cooperation (Arts 289-294).

The alternative approach is to replicate the text of the GPA itself in the bilateral FTA and to include additional commitments either as part of those provisions (eg by reducing optionality and making specific requirements mandatory), or by adding additional provisions, as well as including expanded schedules of coverage. This is for example the approach followed in the EU-Singapore FTA (Chapter 9), or the EU-Canada FTA (CETA, Chapter 19). And this is also the approach followed by the UK-AUS FTA, which includes a significant number of variations on the GPA text worth assessing (below).

Complications of going GPA+ in bilateral FTAs

From a legal interpretation perspective, the first approach (incorporation by reference) is likely to minimise risks of inconsistency between the GPA and the FTA because, unless the additional obligations overlap (and contradict) the basic obligations in the GPA, it is more likely that the FTA really only deals with the ‘plus’ agreed between its parties. In contrast, the second approach (replication) creates significant scope for legal uncertainty where the text of the GPA is altered in the process of its inclusion into the FTA, as it will not always be clear whether the parties sought to deviate from GPA obligations and, in my view, establishing the purpose of a specific deviation is more difficult to do in the context of a provision that is mostly like the GPA’s, rather than in a self-standing provision.

Either way, under both approaches, where the bilateral FTA deviates from the GPA in a way that is not clearly adding obligations or expanding scope of coverage, but rather varying or reducing the parties’ obligations towards each other, the extent to which the inclusion of an incompatible clause in the FTA will generate a change in the legal position of the parties under the GPA or more generally is unclear as, more importantly, is unclear whether it will generate a practical effect.

This can be a rather tricky issue of treaty interpretation governed by the 1969 Vienna Convention on the Law of the Treaties (Art 30), on which I will have to defer to specialists. However, from a practical perspective, it seems to me that the GPA+ approach is incapable of generating practical effects concerning a reduction or variation of the requirements applicable to the tendering of public contracts where the specific procurement is subject to dual coverage. Given that GPA+ extensions of coverage are usually only incremental above the general coverage included in the GPA schedules for each of the parties, most of the procurement opportunities covered by the FTA will be subject to such dual regulation.

Imagine a bilateral FTA that excludes a specific obligation (eg concerning the need to mention in the notice of intended procurement that the procurement is covered by the FTA) while that obligation is, however, included in the GPA. If a procurement is covered both by the GPA and the FTA, the procuring Member State will have to comply with the most demanding legal regime between the GPA and the FTA (at least vis-a-vis the other GPA members; in the example, it will have to indicate that the procurement is covered by the GPA) and, in that scenario, the practical effects of the deviation in the FTA from the GPA regulatory benchmark will be nullified (eg because it will be possible for tenderers from the FTA jurisdiction to identify the opportunity as also open to them).

While there can be some marginal circumstances in which there can be a practical effect (eg reducing or excluding access to remedies vis-a-vis tenderers from the FTA jurisdiction), those are unlikely to go unchallenged (eg on the basis that more unfavourable treatment under the bilateral FTA is incompatible with the GPA commitments, subject to issue of treaty interpretation, as above).

All in all, it seems difficult to understand why countries would want to vary or reduce their obligations under the GPA in bilateral FTAs—given that, at the end of the day, those are regulatory constraints they had accepted in the context of the GPA that bound them (also bilaterally) prior to entering into the FTA. It could be that reduced procedural or substantive guarantees are a trade-off they are willing to make in exchange for increased economic coverage of their bilateral procurement trade. But this seems to unnecessarily overcomplicate the legal environment, potentially with unpredictable consequences. However, this is clearly the approach followed in the procurement chapter of the UK-AUS FTA, which is worth looking at closely. Some of the analysis of the UK-AUS FTA will be applicable to other GPA+ FTAs, to the extent that they include the same, or similar deviations from the GPA.

Selected complications in the GPA+ (or GPA-) approach of the UK-AUS FTA

The procurement chapter of the UK-AUS FTA includes relevant deviations from the GPA (a full list is available below, Appendix). Some of these variations raise interpretive and practical issues, such as the effect of a change in the national treatment clause (arguably the pillar of the GPA regime), or a change in the wording of the main clause on remedies (another of the crucial provisions in the GPA). I will now address these two issues in detail, as they seem to me to be indicative of a GPA- rather than a GPA+ approach in the UK-AUS FTA—and thus liable to the sort of complication laid out above.

Remit of the national treatment obligation

The GPA imposes national treatment and non-discrimination obligations as the foundation of its regulatory architecture. The GPA national treatment clause reads ‘With respect to any measure regarding covered procurement, each Party, including its procuring entities, shall accord immediately and unconditionally to the goods and services of any other Party and to the suppliers of any other Party offering the goods or services of any Party, treatment no less favourable than the treatment the Party, including its procuring entities, accords to: a) domestic goods, services and suppliers; and b) goods, services and suppliers of any other Party’ (Art IV(1) emphasis added). This creates a two-tier requirement of ‘most favoured treatment’, both between the goods, services and suppliers of two given GPA members (procuring and supplying) and across the goods, services and suppliers of all GPA parties other than the procuring party.

The underlined clause leaves the possibility open for differential treatment of suppliers of a GPA party offering goods or services of a non-GPA party. This is in line with the GPA non-discrimination clause, which reads: ‘With respect to any measure regarding covered procurement, a Party, including its procuring entities, shall not: a) treat a locally established supplier less favourably than another locally established supplier on the basis of the degree of foreign affiliation or ownership; or b) discriminate against a locally established supplier on the basis that the goods or services offered by that supplier for a particular procurement are goods or services of any other Party’ (Art IV(2) emphasis added). Again, the possibility is open for differential treatment of suppliers of a GPA party offering goods or services of a non-GPA party—on the implicit assumption that domestic suppliers offering goods or services of a non-GPA party are subjected to the same differential treatment.

The UK-AUS FTA replicates these two clauses in Art 16.4(1) and (2). However, Art 16.4(1) simply states that ‘With respect to any measure regarding covered procurement, each Party, including its procuring entities, shall accord immediately and unconditionally to the goods and services of the other Party and to the suppliers of the other Party, treatment no less favourable …’. Similarly, Art 16.4(2) establishes that ‘With respect to any measure regarding covered procurement, neither Party, including its procuring entities, shall: … (b) discriminate against a locally established supplier on the basis that the good or service offered by that supplier for a particular procurement is a good or service of the other Party.

The deviation in the UK-AUS FTA from the GPA clause can raise interpretive issues concerning the possibility of differential treatment of UK or AUS suppliers offering the goods or services of a third party, which can lead to two views. One view, based on a literal interpretation of the clause, is that suppliers of either of the parties are protected under the national treatment regime, even if they offer goods or services from third parties (unless domestic suppliers offering goods or services from third parties are also subjected to specific differential treatment—eg exclusion). The other view, based on a functional/systematic interpretation that took account of the fact that Art 16.4(2)(b) only refers to locally established suppliers offering goods or services of the other party, would be that it is implicit in Art 16.4(1) that suppliers are only protected as long as they offer goods or services of one of the parties (ie UK or AUS goods or services).

The interpretation is not limited to the FTA itself, but needs to take into account the interplay with the GPA, given that the UK and AUS are bound by it in relation to the other GPA parties. In that regard, if a procurement is dually covered by the FTA and the GPA, the second interpretation in my view just does not hold water because eg a UK tenderer for an AUS contract covered by both the FTA and the GPA offering the goods of another GPA member (eg the EU) would necessarily be protected by the GPA national treatment clause in order for the EU goods not to be ultimately discriminated against in breach of the AUS-EU obligations under the GPA. And a similar effect would result from the triangular interaction between the UK-AUS FTA and other FTAs binding either of the parties.

If this is correct, it also seems difficult to argue that the interpretation of Art 16.4(1) in the FTA varies, depending on whether the third country goods or services for the purposes of the FTA being offered by a UK or AUS supplier, are (or not) also third country goods for the purposes of the GPA and/or other applicable FTAs. It should also be stressed that (pragmatically) not all third countries will be seen as deserving the same treatment (eg exclusion), so that there can be undesirable implications in eg applying differential treatment to both domestic and foreign (UK and AUS) suppliers offering third country goods or services, where the origin of those services is not the same.

Therefore, it would have been much preferable to include a specific clause in Art 16.4(1) establishing that national treatment needs to be granted to suppliers of either party offering goods or services covered by this or any other international agreements requiring equal treatment of goods or services of a specific origin — or something to that effect. An alternative would have been to change the drafting and adopt a broader clause, eg based on Art 25 of Directive 2014/24/EU [for analysis, see A La Chimia, ‘Art 25’ in R Caranta and A Sanchez-Graells, European Public Procurement. Commentary on Directive 2014/24/EU (Edward Elgar, 2021) 274-286].

Overall, this will primarily be relevant in procurement covered by the UK-AUS FTA and not the GPA (either because of differential value thresholds, or differences in scope of coverage: notably, in the concessions sector). But some of these contracts can have very high values. Against that background, it seems that the uncertainty on the proper meaning of the (reduced) national treatment clause in the FTA generates an unnecessary complication.

Watering down of procedural guarantees and access to remedies?

The GPA develops a rather robust set of requirements for the design of domestic review procedures (Art XVIII GPA). The UK-AUS FTA deviates from the GPA benchmark in two important aspects.

First, the FTA limits the right to be heard in the context of a procurement challenge. While the GPA states that ‘the participants to the proceedings … shall have the right to be heard prior to a decision of the review body being made on the challenge’ (Art XVIII(6)(b)), the FTA provides instead that ‘a supplier that initiates a complaint shall be provided an opportunity to reply to the procuring entity’s response before the review authority takes a decision on the complaint’ (Art 16.19(6)(b)). Although the relevance of these differences in wording will depend on how the review bodies and courts interpret them, there seem to be two clear intended changes:

First, a reduction of the potential scope of beneficiaries of the right to be heard, which is constrained to the supplier that initiates a complaint. Whether other ‘challengers’ are allowed in a procurement review procedures will depend on the rules on active standing, but this is clearly more prescriptive than the broader term ‘participants’ used by the GPA. It is also interesting to note that the FTA uses the term ‘participants’ in the rest of Art 16.19(6), eg concerning the right to be represented and accompanied (c), or the right to access to all proceedings (d), or the right to request that the proceedings take place in public and that witnesses may be presented (e).

Second, there is a parallel reduction of the extent of the right to be heard, which is limited to replying to the procurement entity’s response to the initial complaint. The practical implications of these changes are difficult to understand in abstract terms—although they do seem to put significant pressure on the comprehensiveness of the initial complaint and perhaps seek to bar the addition of further grounds for challenge as discovery takes place—but there must be some reason behind this (eg seeking to reduce the cost of defending procurement challenges, perhaps especially in UK Courts?).

In a similarly restrictive fashion, the FTA also includes changes in the regulation of remedies. There are two issues.

The first one is an omission of the possibility to obtain a suspension of proceedings as an interim measure. While the GPA clearly indicates that the obligation to provide for rapid interim measures includes the possibility that ‘Such interim measures may result in suspension of the procurement process’ (Art XVIII(7)(a) GPA), the FTA omits that explicit reference (Art 16.19(7)(a) FTA). In general, the FTA would to me seem insufficient to exclude suspension as a potential interim measure if it is generally available under the applicable procedural rules, but this should perhaps be analysed with the second change in the regulation of remedies.

The second change is a relocation of the public interest clause allowing for the overriding adverse consequences of a procurement challenge to be taken into account, so that it not only applies to the possibility of seeking interim relief, but also to corrective action. In the GPA, the obligation to provide for rapid interim measures is caveated as follows: ‘The procedures may provide that overriding adverse consequences for the interests concerned, including the public interest, may be taken into account when deciding whether such measures should be applied. Just cause for not acting shall be provided in writing’ (Art XVIII(7)(a) GPA). This clearly is meant to allow a review body not to adopt interim measures, but without prejudice of an eventual decision on corrective action or financial compensation, which are separately regulated (Art XVIII(7)(b) GPA).

Conversely, in the FTA, the public interest clause is placed at the end of the relevant provision (Art 16.19(7)) and covers both the obligation to adopt or maintain procedures that provide for (a) prompt interim measures to preserve the supplier's opportunity to participate in the procurement; and (b) corrective action that may include compensation. This can hardly be seen as a clerical error, but the likely intended effect of excluding financial compensation on grounds of an overriding public interest is, in my view, unlikely to be upheld in case of challenge, especially bearing in mind that the FTA has already significantly limited the scope for financial compensation in establishing that ‘If the review authority has determined that there has been a breach or a failure [of the claimant’s rights under the FTA or the domestic rules implementing it] a Party may limit compensation for the loss or damages suffered to either the costs reasonably incurred in the preparation of the tender or in bringing the complaint, or both’ (Art 16.19(5)).

The possibility to completely exclude financial compensation for breach of the FTA obligations would render the system toothless. Moreover, this is clearly a deviation that would be disputed in terms of legal interpretation (eg in relation to dual coverage procurements under the GPA and the FTA). Once again, it seems that the uncertainty on the proper meaning of the watered down procedural guarantees and access to remedies in the FTA generate an unnecessary complication.

Some final thoughts on increased coverage, and its bilateral nature

A final issue worth considering is the technical complexity (and tediousness) of identifying the economic coverage gains expected of a GPA+ procurement chapter in an FTA. While this is probably abundantly clear to negotiating teams, it is quite difficult to assess on the basis of the written agreement, even carefully combing through the schedules of coverage of the GPA and the FTA. In that regard, it would be helpful if those assessments were published, or for the relevant publications to include more detail.

The Impact Assessment of the UK-AUS FTA published by the Department for International Trade (DIT) solely contains a brief paragraph (and a complicated footnote) to support rather large headline claims:

‘Australia has offered the UK more legally guaranteed procurement market access than it has offered in any other FTA, amounting to approximately £10 billion of new legally guaranteed market access for UK businesses per year.[34] In return, the UK has offered to build on the legally guaranteed market access offered to Australia in the GPA by offering additional sub-central entities and coverage of additional services’ (Impact assessment, at 21).

[34] This estimate has been derived using a combination of publicly available contract award notices (AusTender, 2018-2019). Where data is missing or unavailable, individual expenditure reports for relevant entities have been sourced. Certain assumptions have then been applied using published OECD statistics (OECD Government at a Glance, 2019). Australia provided estimates for the value of their services offer. Detailed UNSPSC-CPC matching was undertaken, with the help of Australia, to determine which exact services would come into scope of their offer. This estimate was then verifed by DIT analysts.

As things stand, the only other way of getting a sense of how much more procurement volume is susceptible of trade liberalisation and in which sectors is by looking into the documents published to ‘sell’ the conclusion of the FTA. In the specific case of the UK-AUS FTA, this other DIT document on ‘UK-Australia Free Trade Agreement: Benefits for the UK’ is illustrative. However, there are a couple of points to note about the way the ‘trade gains’ are presented.

One point is that these documents would be more useful (and credible) if they made it very clear that most of the additional opening in procurement is either reciprocal (in strict terms) or based on mutual concessions. For the agreement to be balanced, both parties need to see a similar volume of benefits and, while it is possible to compensate for net gains in one chapter (eg procurement) against another (eg financial or digital services), it would seem odd if one of the parties was clearly massively better off than the other in any given chapter, or at least in the procurement chapter, given that FTA concessions build on already existing GPA concessions and a very unbalanced FTA chapter on procurement could put pressure on the relevant party to review its GPA schedules more generally).

This is important eg in the context of the inclusion of public works concession contracts under the UK-AUS FTA because the DIT document makes significant emphasis on the opportunities for UK companies to bid for opportunities in Australia, especially in the rail sector, but this perhaps is slightly dampened by the fact that this opening up is reciprocal, as well as by the fact that some of the largest operators of rail franchises in the UK already are not ‘British’ (see eg here), which raises some questions on the extent to which there are direct advantages to UK companies commensurate to the economic claims in the impact assessment or the more accessible document on benefits for the UK.

The other point is that these documents need to be precise as to the incremental opening of procurement specifically brought by the FTA. In the second DIT document, there is eg a rather broad claim that 'UK companies will have a legally guaranteed right to bid for all contracts for financial and business services procured by Australian government bodies covered by this deal. For example, UK businesses will now have a right to bid for financial and business service contracts procured by the Australian Financial Security Authority and other federal and state-level finance departments. This will help UK businesses compete on an equal footing with Australian companies’ (emphasis added).

This is, well ... at least imprecise. The Australian Financial Security Authority (AFSA) is already covered in the GPA (AUS Annex 3), so its procurement of services is already covered (AUS Annex 5, and thanks to reciprocity of coverage of financial and related services in the UK's own Annex 5), as long as the value threshold of SDR 400,000 is crossed. What the UK-AUS FTA does is changing AFSA's classification as a Section A entity (equivalent to AUS Annex 1 in the GPA) and this reduces the value threshold for services to SDR 130,000. So, while there is clearly an incremental change, it is also clear that UK businesses already had a right to bid for AFSA contracts for financial services (just not the right to bid for those between SDR 400k and 130k). In my view, avoiding potentially misleading simplifications of the complex and incremental ways in which a GPA+ FTA extends procurement liberalisation would be desirable.

Conclusion

Until now, I had never really looked in detail at GPA+ procurement chapters in FTAs, but it does seem like there is plenty to reflect upon and perhaps even a research project hidden somewhere. If anyone has any useful suggestions, or if anyone can point me to existing research on this topic that I may have overlooked, I would be most grateful: a.sanchez-graells@bristol.ac.uk.

Appendix: The procurement chapter in the UK-AUS FTA in detail

Comparing the text of the procurement chapter in the UK-AUS FTA with the GPA, I have identified the differences below (I may have overlooked some, but hopefully not):

Art 16.1 Definitions - two seemingly technical differences:

  • it includes a definition of ‘build-operate-transfer contract’ / ‘public works concession contract’ to reflect the expanded coverage (below, 16.2).

  • it also includes a modification in the definition of ‘technical specifications’ as applicable to ‘services’, which adds ‘applicable administrative provisions’ as part of the definition.

Art 16.2 Scope

Scope of application reflects an extension of scope (GPA+), including:

  • there is no exclusion of procurement ‘with a view to commercial sale or resale, or for use in the production or supply of goods or services for commercial sale or resale’ (cfr Art II(2)(a)(ii) GPA).

  • coverage is extended to include procurement by means of ‘build-operate-transfer contracts and public works concessions contracts’, which brings concessions (especially in transport) under the scope of the FTA.

Given the bilateral nature of the FTA, the Schedules are required to regulate issues included in the core text of the GPA (a threshold adjustment formula and information on the procurement system).

Excludes the rule on delegated procurement in Art II(5) GPA.

A new section on Compliance includes:

  • a general ‘good faith’ obligation (16.2(5))

  • a varied non-circumvention clause (16.2(6)) that excludes the intentional element of the GPA equivalent (Art II(6)(a))

  • a clause explicitly allowing both parties and their contracting authorities to develop ‘developing new procurement policies, procedures or contractual means, provided that they are not inconsistent with this Chapter’ (16.2(7)) — which I read as an (unnecessary) hint to the ongoing process of reform of the UK’s procurement rulebook following the Transforming Public Procurement green paper consultation.

The section on Valuation includes

  • a specific addition in the rules on the calculation of contract value to capture any ‘other revenue stream that may be provided for under the contract’, which will be particularly relevant for concessions;

  • a looser regulation of the rule on recurring contracts than in the GPA (cfr Art II(7)); and

  • a streamlined and seemingly stricter approach to the coverage of contracts with unknown total value (cfr Art II(8) GPA), which will also be particularly relevant for concessions.

Art 16.3 General exceptions

  • does not include the defence exception in Art III(1) GPA.

  • creates a new clarification seemingly tailored to the climate crisis, whereby it is stressed that the possibility of adopting or maintaining measures ‘necessary to protect human, animal or plant life or health’ ‘includes environmental measures’.

Art 16.4 General principles

In regulating the general principle of National Treatment and Non-Discrimination, the FTA introduces two variations on the GPA:

  • the wording of the national treatment requirement excludes an important element of the GPA’s clause concerning ‘suppliers of any other Party offering the goods or services of any Party’ (Art IV(1) emphasis added). See analysis above.

  • there is a specific clause clarifying that ‘All orders under contracts awarded for covered procurement shall be subject’ to the national treatment and non-discrimination obligations (Art 16.4(3)), which will be particularly relevant in the context of framework agreements and similar procurement vehicles.

The FTA makes the Use of Electronic Means mandatory beyond GPA requirements.

The FTA also seems to strengthen the prohibition of Offsets by stressing that they cannot take place ‘at any stage of a procurement’ (Art 16.4(8)). However, given eg the general notes of the Australian schedule (Section G 1(c) and 1(d)), the practical effectiveness of this remains to be seen.

Art 16.6 Notices

The FTA imposes the Electronic Publication of Notices, also at sub-central level (Art 16.6(1)).

There are some changes concerning the content of the Notice of Intended Procurement:

  • there is no reference to the ‘cost and terms of payment, if any’ related to access to procurement documents, which could suggest that charges are forbidden;

  • there is no reference to an obligation to include ‘a description of any options’ (which would seem like an unwanted omission);

  • there is no obligation to include ‘an indication that the procurement is covered by this Agreement’ (but see above re interplay with that requirement in Art VII(2)(l) GPA);

  • there are no references to the publication of summary notices - which are a language-based specific requirement of the GPA that is probably irrelevant in the context of an FTA between two English-speaking countries;

  • there is no option for the use of a Notice of Planned Procurement as a Notice of Intended Procurement for sub-central and other procuring entities ex Art VII(5) GPA.

Art 16.7 Conditions for participation

Art 16.7(2)(a) extends the prohibition on requirements for local experience, forbidding not only requirements that ‘the supplier has previously been awarded one or more contracts by a procuring entity of a Party’ (as in the GPA), but also requirements that ‘the supplier has prior work experience in the territory of that Party’.

Art 16.8 Qualification of suppliers

There are some precisions concerning Registration Systems and Qualification Procedures, including:

  • an explicit (if unnecessary?) prohibition on using registration systems or qualification procedures to delay or bar consideration of specific suppliers (Art 16.8(3)(b) FTA, cfr Art IX(3) GPA);

  • a new set of rules concerning supplier registration systems (Art 16.8(4));

  • mandatory electronic publication of multi-use lists requiring continuous availability (which makes part of GPA requirements for paper-based or time-limited lists redundant; cfr Art IX(8) and (9));

  • suppression of the requirement for notices of multi-use lists to include ‘an indication that the list may be used for procurement covered by this Agreement’ (cfr Art IX(8)(e); see also above Art 16.6).

There are some implicit changes regarding Information on Procuring Entity Decisions indicating the possibility to delegate the management of procurement procedures (see Art 16.8(14) and (15), referring to ‘a procuring entity or other entity of a Party’).

Art 16.9 Technical Specifications and Tender Documentation

There is a clause that goes beyond the text of the GPA on Technical Specifications, for data governance concerning ‘sensitive government information’ (Art 16.9(7), which can in part mitigate for the omission of the exception in Art III(1) GPA, as above Art 16.3 FTA);

There are some differences on Tender Documentation requirements:

  • small technical change concerning the description of the conditions for participation (Art 16.9(8)(b));

  • omission of the possibility of running procurements where price is the sole award criterion (Art 16.9(8)(c), although this is foreseen in Art 16.14(5)(b), so it looks like an unwanted omission).

There is a new clause on Preliminary Market Research and Engagement (Art 16.9(13).

Article 16.10 Time-Periods

The requirement for time periods and any extensions thereof to apply equally to all interested or participating suppliers is relocated (see Art 16.10(7) cfr Art XI(1) in fine GPA).

Given the obligation to publish notices of intended procurement by electronic means (Art 16.4(4)(a) and 16.6(1)), the possibility to shorten time periods for the submission of tenders on that basis makes little sense (Art 16.10(5)(a)), other than as a hangover rule meant to maintain alignment with the GPA (Art XI(5)(a)).

Art 16.12 Limited Tendering

The FTA modifies the grounds allowing for limited tendering to acquire ‘a prototype or a first good or service that is developed at its request’ (Art XIII(1)(f) GPA) to cover ‘a prototype or a first good or service that is intended for limited trial or that is developed at its request’ (Art 16.12(1)(e) emphasis added), with the remit of such limited trial remaining undefined. The same provision adds clarification that subsequent procurement of such goods or services are fully covered.

16.15 Transparency of Procurement Information

The FTA makes the Publication of Award Information mandatorily electronic (Art 16.15(2)).

The FTA omits the GPA rules on the Collection and Reporting of Statistics (Art XVI(4) and (5) GPA).

Article 16.17 Environmental, Social and Labour Considerations - entirely new.

Article 16.18 Ensuring Integrity in the Procurement Process - entirely new.

Article 16.19 Domestic Review Procedures

The FTA reorders part of the content of Art XVIII GPA, and introduces two relevant changes (analysed above):

  • limitation of the right to be heard: instead of following the GPA clause stating that ‘the participants to the proceedings … shall have the right to be heard prior to a decision of the review body being made on the challenge’ (Art XVIII(6)(b)), the FTA provides instead that ‘a supplier that initiates a complaint shall be provided an opportunity to reply to the procuring entity’s response before the review authority takes a decision on the complaint’ (Art 16.19(6)(b)); and

  • change in the regulation of remedies, including: (1) an omission of the possibility to obtain a suspension of proceedings as an interim measure (Art 16.19(7)(a) FTA cfr Art XVIII(7)(a) GPA); and (2) a relocation of the public interest clause allowing for the overriding adverse consequences of a procurement challenge to be taken into account, so that it not only applies to the possibility of seeking interim relief, but also to corrective action (Art 16.19(7) cfr Art XVIII(7)(a) GPA).

Article 16.20 Modifications and Rectifications to Annex - introduces changes to reflect bilateral nature of FTA.

Article 16.21 Facilitation of Participation by SMEs - entirely new (although practical effect may be doubtful, given that SME preferences are allowed).

Article 16.22 Cooperation - entirely new. interestingly, it includes cooperation on ‘exchanging government procurement statistics and data’ despite the suppression of the requirements concerning collection and reporting of statistics as per the GPA (Art XVI(4) and (5), above).

What's in a consultation? -- comments on the UK Government's Transforming Public Procurement response

On 6 December 2021, almost a year after launching the public consultation on Transforming Public Procurement in the UK post-Brexit, the Cabinet Office published its long-awaited Government response (the response). This now moves the process of reform of the UK procurement rulebook to the pre-legislative stage, with a Procurement Bill expected to be introduced in Parliament in the relatively near future and changes entering into force not earlier than 2023 — and, in any case, with a planned six months’ notice of “go-live”, once the legislation has been concluded.

The response has been published a few months later than initially expected (due to the high level of interest it attracted, see below) and legislation is likely to be introduced to Parliament with a significant delay as well. The legislative reform process is unlikely to generate practical results much earlier than 2024. This can only be an indication (if any was needed) of the complexity and the difficulty of significantly changing the procurement rulebook, which the consultation and now the response largely gloss over. For comparison, it is worth recalling that the process of reform of the EU procurement rules spanned a period of roughly three years (2011-2014), which the UK’s reform (despite not requiring complex inter-governmental and inter-institutional discussions and negotiations, or does it?) is unlikely to beat by much.

The response is meant to reflect on the 629 (unpublished) submissions to the public consultation and, in itself, the way the analysis of the responses has been carried out deserves some comment. The content of the response, perhaps less so, as it largely leaves the proposals unchanged and is thus liable to the same criticisms the original proposals attracted (in addition to my own comments here, here and here, see eg those of Pedro Telles, or the Local Government Association).

Consultation process: all submissions are equal, or are they?

Shortly after the response was published, it became apparent that the Cabinet Office had dealt with the feedback it received in the same ‘consultation by numbers’ approach that has characterised recent consultations on the reform of other aspects of UK procurement regulation, such as the rules applicable to the commissioning of healthcare services for the English National Health Service (NHS, see comment here) that seek to implement the NHS Long-Term Plan. This is not unique to the UK and, in fact, EU-level consultations on procurement reform broadly followed the same method.

Under this approach, the response provides limited or no engagement with specific submissions or arguments, and simply discloses statistical information on the level of support for each of the different parts of the consultation (as per the government’s own coding of the responses, that is). As the response makes explicit, ‘Throughout this document ‘[clear] majority’ means more than [70%] 50% of respondents, ‘about half’ means 50% ± a few percentage points, ‘some’ means 30-50%, ‘a few’ means 10-30% and ‘a small number’ means less than 10%’ (page 10, fn 1).

This is far from unproblematic, given the diversity of backgrounds and positions of those making submissions to the public consultation. While this was half-jokingly but well encapsulated by Peter Smith on twitter (see image), it is a serious flaw in the approach to public consultations for two reasons. The first and rather obvious is that not all submissions should carry the same weight because the institution or person making the submission and their expertise (own agenda, etc) matter, especially in fields of technical regulation where there is limited scope for canvassing general support for policy direction and the consultation is rather focused on complex legislative changes. While such a ‘referendum-like’ approach to public consultation may suit yes/no policy questions (eg should the UK de-legalise a specific substance?), it can hardly work for more complex proposals. If nothing else, the limited suitability of the approach is implicitly recognised in the response and its frequent indication that a significant number of submissions stressed the need for much more detail on the proposals before passing judgement on them.

The second problem is that such a bunching of responses and presentation of proposals as being supported by the majority can make the relevance of the changes introduced in view of the ‘minority’ opinion of respondents difficult to understand, as well as hide the origin of those changes. This is important from the perspective of accountability in the policy formulation process, but also more prosaically in terms of crediting good ideas and suggestions where credit is due.

Taking Q1 on principles of procurement as an example, the response indicates that ‘a clear majority of respondents (92% of the 477 responses to this question) were in favour of the principles [of public procurement: the public good, value for money, transparency, integrity, fair treatment of suppliers and non-discrimination]’ (at [28]). The rest of the summary of submissions indicates some concerns with the removal of proportionality (20%), and some issues around labelling of the principle of ‘fair treatment’, or how they can be implemented in practice. There is no reference to calls for maintaining the principle of competition, which were quite forcefully made by the Competition and Markets Authority (CMA), or myself if I can say so.

Given that the criticism of an absence of a competition principle is not reflected in the summary of submissions, it is probably difficult to understand (for anyone not having made that point themselves, or having read the very few submissions that are publicly available) why, in the response — seemingly out of the blue — the government indicates that ‘We will introduce an additional objective of promoting the importance of open and fair competition that will draw together a number of different threads in the Green Paper that encourage competitive procurement’ (at [39]). It is also unclear whether this will be narrowly understood as an anti-collusion goal/principle seeking to focus contracting authorities’ attention in the reduction of the risk of illegal bid-rigging cartels, as proposed by the CMA (at [3.3]), or a broader goal/principle in line with my own proposals (at pp 11-12) (or someone else’s).

Of course, it would be difficult and tedious (and probably not very useful) to provide a comprehensive discussion of all submissions received, but the response should be expected to provide much better reasons for changes on the initial proposals, as well as some traceability of the origin of those counter-proposals. In their absence, it is difficult to assess whether the changes are properly justified, or rather reflect some sort of ‘mob rule’ (where a ‘majority’ supported the change) or, conversely, an instance of regulatory capture by a special interest (where a change is untraceable, but likely to have originated from a (super)minority, or perhaps a single or limited number of submissions).

In any case, the response makes it clear that there are limited changes resulting from the public consultation process and that the Procurement Bill will be largely based on the initial consultation proposals. The rest of this post highlights some of the (few) notable changes.

What will change after the consultation?

It would take long to stress what has not changed in the Cabinet Office’s approach to procurement reform after the public consultation, but a couple of unchanged elements of the overall strategy merit some highlight.

The first one is the continuation of the claim that the process will simplify the procurement regulatory framework, while it is clear that this is not a true simplification exercise, but rather one of legislative offloading that will complicate enforcement. This is, in my view, obvious in the response’s proposed next steps, which include the ‘plan to produce a detailed and comprehensive package of published resources (statutory and non-statutory guidance on the key elements of the regulatory framework, templates, model procedures and case studies)’ (at [24]). Post-reform, procurement practitioners will have to fully understand not only the new legislation (primary and secondary), but also the entirety of that ‘comprehensive package’ and the interaction between the different documents. This is not a scenario I would be looking forward to if I hoped for a simpler rulebook post-reform.

The second one is the continued lack of commitment of funding for the training programme (and additional recruitment?) required to deliver the gains expected of the reform. The response continues to indicate that ‘subject to future funding decisions, we intend to roll out a programme of learning and development to meet the varying needs of stakeholders’ (at [24]). This perpetuates the uncertainty on whether the rollout of the new regulatory package will be properly supported and it is difficult to understand why the commitment to fully fund this transformation programme has not yet been made (not even at a political level, unless I missed something). Given the state of UK finances in the foreseeable future, this is a major implementation risk that should have required a different approach.

Moving on to the changes in the original proposals, the following is a non-exhaustive list of the primary changes and some short comments relating to a few of them.

  • The response announces the introduction of a distinction between objectives and principles of procurement, ‘so that the obligations on contracting authorities are clearer’ (at [34]). Further, some ‘other concepts set out in the Green Paper will be established as statutory “objectives”, ensuring that they will influence decision-making in the procurement process. With some limited exceptions these objectives will apply throughout the procurement lifecycle (at [38]).
    Quite how this will provide clarity is anybody’s guess, or at least it escapes me (and it has since 2009, as I already struggled with distinguishing between a goal and a principle of competition in my PhD thesis…).
    It is also not clear which will be the statutory objectives, but it seems that ‘public good’ (framed as maximising ‘public benefit’), ‘value for money’ and ‘integrity’ will be statutory objectives (at [40]). This would leave the principles of transparency, fair treatment of suppliers and non-discrimination as the only procurement principles (stricto sensu) and would, in the end, solely imply a repeal of the principle of proportionality (or, rather, its relabelling as ‘fair treatment’), largely neutralised (confusingly) by an atomisation of proportionality requirements throughout the new regulations (at [42], eg in relation to award criteria at [128]). It is hard to see much of a (substantive) change compared to the current regulation of procurement principles in reg.18 PCR2015. Plus ça change …

  • Introduction of ‘an additional objective of promoting the importance of open and fair competition’ (at [39]). This is a welcome development, but the devil will be in the detail (see above).

  • Revision of the proposal for the creation of a new Procurement Review Unit (PRU) (at [46]), supported by a non-statutory panel of subject-matter experts (at [49], and see also [61-3]), tasked with delivering the same service as the Public Procurement Review Service (at [47]) but with a main focus on ‘on addressing systemic or institutional breaches of the procurement regulations’ (at [48]). Legislation will provide the PRU with new powers (at [52]). PRU will be able to issue mandatory recommendations to address legal compliance (at [53-4]), but not in relation to specific procurement decisions (at [53], ie it will not act as a review body). PRU will also be able to issue statutory guidance if it identifies common patterns of non-compliance (at [56]).

  • The response maintains the goal of creating a single rulebook combining the existing four sets of regulations, but there will be exceptions for utilities (see also [78-85]), defence & security procurement (see also [87-91]), and a completely separate regime for healthcare services commissioning (at [69-72]). There will also be some specific rules concerning concessions (at [86]).
    The extent to which there will be a single rulebook other than in name will depend on the scope and number of such special rules, but I have my doubts that there will be much of a practical change other than (harmless) duplication of (mostly identical) provisions across the existing sets of regulations.

  • The response proposes to abandon the regulation of a new regime of ‘crisis procurement’ and to instead ‘include a limited tendering ground, in the form of a new power for a Minister of the Crown (via statutory instrument) to “declare when action is necessary to protect life” and allow contracting authorities to procure within specific parameters without having to meet all the tests of the current extreme urgency ground’. This would be based on Article III of the WTO Agreement on Government Procurement (GPA) and only be used extremely rarely and subject to parliamentary scrutiny (at [102]).

  • Re-introduction, with some (unspecified) modifications of the light-touch regime for social and special services, including the possibility to exempt from competition those services where service user choice is important (at [118-121]).
    Here, the response seems to fail to recognise that user-choice systems are not covered by the PCR2015 (as interpreted in line with CJEU case law such as Falk Pharma and Tirkkonen).

  • Creation of a new exclusions framework going beyond the more limited original proposals (at [151-8]), including abandoning the proposal to include Deferred Prosecution Agreements (DPAs) as discretionary exclusion grounds (at [161-165]).
    Much detail is still to be published in the draft Procurement Bill and secondary legislation, guidance, etc, but the retention of the distinction between mandatory and discretionary exclusion grounds, as well as the classification of some of them (eg ‘risk to national security’ being a discretionary ground) raise quite a few questions. If a complete overhaul of the system is planned, would it not be better to have a single category of exclusion grounds and a clear set of requirements for their disapplication (eg due to self-cleaning, or in the public interest)? Here, it seems that UK policymakers have been unable to break away of the EU legislative design, even in an area where there are clear practical problems in the EU Directives.

  • The response proposes to retain the creation of a DPS+ mechanism, but relabelling it as Dynamic Market, which will be available not only for common purchases, but for all types of procurement (at 198-203]).

  • The response proposes some limited changes to the transparency requirements included in the original consultation (at [220-8]), including: not requiring disclosure of tenders submitted in a procurement (at [221], a good development); introducing a value threshold of £2 million for the requirement to publish redacted contract documents (at [222], which however means that large parts of eg services procurement could remain below the threshold. Should transparency thresholds relative to coverage thresholds be considered instead?); introducing a restricted disclosure of evaluation documents implying ‘sharing with all participants certain redacted evaluation documents (on the winning bid only) and sending the unsuccessful bidders their own documents privately’ (at [223], also a welcome development, but one that makes the changes regarding debriefing letters rather unclear, see [263-6]); and changes to some of the proposed transparency notices, in particular concerning beneficial ownership (at [224]).

  • The response abandons the process of independent contracting authority review proposed in addition to the review system (at [241-2]).

  • The proposal abandons the possibility of using an existing tribunal to deal with low value claims and issues relating to ongoing competitions (at 246-7]).
    This is perhaps one of the most regrettable changes in the response, as the creation of a review tribunal (not in the terms of the original proposal, but still) is very much needed, especially in a context of more regulatory complexity and increased discretion.

  • Significant changes in remedies, including abandoning specific proposals on pre-contractual remedies (at [249}), and abandoning the cap on the level of damages available to aggrieved bidders (at [254-5]), as well as the proposal to cap profits on contract extensions where the incumbent supplier challenges a new contract award (at [294-5]). However, the proposed new test concerning lifting of automatic suspensions remains on the table (at [251-2]).

  • Increased scope for the (de)regulation of contract modifications, including specific rules for the modification of complex contracts (at [281]), flexibility for uncapped modifications in utilities contracts (at [282]), and minimisation of constraints in the modification of defence & security contracts (at 283]).

Final thoughts

In my view, the outcome of the consultation is mostly unsatisfactory in its limited effect on the initial proposals (other than some very high level issues regarding the principles of the system), its introduction of further sources of complexity through an increased number of exceptions (eg for utilities and defence), but also for social and special services, and its abandonment of the few procedural and remedy-related innovations (ie the creation of a new tribunal) that could have made a practical difference.

Linked to the criticism of the way in which the consultation was carried out (above), it seems like a significant number of these changes could be the result of regulatory capture by specific groups (utilities, MOD, third sector providers of care services) and the reasons for abandoning proposed changes are not always very clear.

All in all, however, the post-consultation Transforming Public Procurement agenda remains largely intact and, as above, liable of the same criticism already raised in relation to the original proposals. Not much more can be said until a Procurement Bill is made public and, then, it will be interesting to see to which extent it can survive the legislative process without suffering a Frankenstein-like deformation in the hands of special interest groups and other agents with specific agendas. The seeming ease with which some interest-specific changes have cropped up after the consultation does not, in my view, bode well for the new UK procurement rulebook.

UK tenderers' access to procurement by EU agencies: when the EU is also protectionist

38747618_303.jpg

One of the often overlooked implications of Brexit is that, despite the UK’s accession to the WTO GPA and the procurement chapter of the EU-UK TCA, UK companies are practically left out of the procurement procedures carried out by the decentralised and executive EU agencies—despite the obligation of National treatment of locally established suppliers (Art 288), which would only apply to UK suppliers ‘established in [the EU’s] territory through the constitution, acquisition or maintenance of a legal person’. This is a result of the UK tenderers being treated as third country operators for these purposes.

The current advice of the European Commission (DG BUDGET) to those agencies is that participation by UK tenderers in public procurement procedures governed by Regulation 2018/1046 to which the EU-UK Withdrawal Agreement does not apply is to be treated as exceptional, as follows:

UK access.png

So it is fair to stress that the EU is as protectionist of its public funds as the next trading partner …

An early winter present? The UK's 'Transforming public procurement' green paper

Untitled.png

The UK Government has published today its green paper on ‘Transforming public procurement’. This is a much awaited publication that will be subjected to public consultation until 10 March 2021. Contributions are encouraged, as this is perhaps a one in a generation opportunity to influence procurement rules. In this blog post, I just aim to provide a hot take on the green paper.

The green paper presents a vision for post-Brexit reform of the UK procurement ‘rule-book’ (for there should be a new, consolidated one), that partially aligns with the proposals of Prof Arrowsmith (see here and here)—and, in fact, Prof Arrowsmith has already published a comparison between her proposals and the green paper (here).

I have just had a read through the green paper and there will be plenty to comment in a submission to the public consultation (stay tuned towards the end of the consultation period). For now, I just have a few observations or rather, general thoughts, that I will need to mull over.

In very many respects, the green paper is is an indictment of the copy-out approach to the transposition of the EU rules in the UK (on which see here). For example, many of the reform proposals are compatible with the current EU rules and relate to areas where the UK decided not to transpose discretionary mechanisms (eg around subcontractor pay). Similarly, most of the proposals on remedies and enforcement mechanisms would be compatible with the current remedies rules. Other proposals seek to create some flexibility beyond the existing EU constraints although, to be fair, most of those are subjected to exceptional circumstances to be regulated by ‘clear regulatory frameworks’ yet to be defined, and which workability raises a few questions.

Other reform proposals concern the (past) unwillingness to impose more demanding standards (eg on publication of transparency) than those mandated by the Directives on grounds of avoiding gold-plating, which now seems to be gone—or the unwillingness or inability to impose obligations to which the UK Government had committed (eg in terms of OCDS or, again, concerning the publication of information). In that regard, the vision behind the green paper seems to be willing to create a much more developed (or far-reaching) regulatory architecture for procurement, which would be welcome.

However, this is directly in tension with another of the driving forces underpinning the green paper’s vision: deregulation and the will to create spaces for the exercise of ‘commercial judgement’ at contracting authority level. This creates a dual tension. On the one hand, the more sophisticated architecture would rely on bare bones procedural rules and would ultimately impose high transaction costs on both contracting authorities and tenderers (which the green paper acknowledges, but dismisses as ‘bedding in problems’). This could be a high-powered incentive to rely on centralised procurement organised by central purchasing bodies, although there is no clarity on the strategic approach to this in the green paper. On the other hand, relatedly, it should be noted that (if read between the lines?) the green paper is also an indictment on the current status of the commercial capacity of (most of the) UK’s public sector, as there are constant calls for more training, upskilling and quality control in the functioning of the procurement function.

This creates a chicken and egg problem on the suitability of the deregulatory approach to reforming the rules to create more commercial space. Most of the proposals are advanced on the (implicit empirical) basis that the flexibility of the existing framework is insufficient (or, rather, insufficiently exploited). This should raise a few questions on whether seriously committing to increase commercial capability and training investment would not suffice. Additionally, if we are starting at a low level of commercial capability, it would seem that creating a more deregulated framework will require even higher (ie beyond catch-up) investment in commercial upskilling. Whether the two moves should take place at the same time should be thought-trough (not least because it will be difficult to train anyone on a new system, on which there will be limited, if any, amount of reliable trainers).

In quite a few other respects, the green paper seems premised on the existence of large regulatory divergences between the GPA and the EU regime (on which see here). While this is the case in some areas, such as remedies, in most other areas the space between both regulatory baselines is narrower than the green paper would suggest, and the scope for reform is limited. This is most evident in the relabelling of procedures or award criteria, which effectively seem to seek to mask the narrowness of the regulatory space (if you cannot really change something, at least call it something different).

I am also surprised at the apparent EU-obsession underlying the green paper, which is also largely a criticism of the current EU rules (as directly copied into UK law, see above), and the complete lack of reference to useful tools for the design of a procurement system, such as the UNCITRAL Model Law and its guide to enactment. It may not have been a bad idea to seek to rely on that sort of guidelines to a larger extent, at least if the new regime is to draw on tested solutions. However, much of the green paper seems to want to achieve an ‘EU+’ level of procurement regulation (notoriously, in the regulation of a new so-called DPS+ commercial vehicle) or, perhaps, to create the next ‘world leading’ system of procurement (which would not be totally disaligned with other approaches of the current UK Government). Whether this will be a successful strategy remains to be seen.

Finally, there are a few strange elements in the green paper, which may be the result of current times (such as the extensive focus on the creation of new rules for crisis procurement), or a reflection of the particular interests of some of the actors involved in driving the reform forward (such as the explicit recognition of the possibility to charge suppliers fees for their participation in commercial vehicles, such as the proposed new DPS+, which seems to be of strategic importance to central purchasing bodies).

All in all, there is plenty to reflect upon. So this may be a good note on which to close the ‘procurement year’. I hope all readers will have a good winter break and to see you back here after the (long) hiatus, as I disappear into the horizon on my period of shared parental leave. All the best!

The EU’s Joint Procurement Agreement: how does it work, and why did the UK not participate? [Procurement pill, with recording]

Screenshot 2020-04-04 at 10.40.57.png

I thoroughly enjoyed discussing the EU’s Joint Procurement Agreement for the procurement of medical countermeasures (JPA) and its functioning, as well as the UK’s decision not to participate in the JPA for ventilators in the context of the COVID-19 emergency, with students and alumni of the International Master on Public Procurement Management (IMPPM) of Tor Vergata University of Rome. Thanks Gustavo Piga and Annalisa Castelli for the invitation and all participants for the energetic discussion.

The slides and recording of the session are now available (both on slideshare, and as dropbox powerpoint with fully functioning links). You can also watch the zoom recording, either downloading it from dropbox (otherwise you only get a 15’ preview), or in the youtube channel embedded below. NB: As a small correction to the content of the session, please note that during the Q&A I incorrectly stated that the JPA is open to EU, EEA and countries with neighbourhood agreements. That is incorrect, as the JPA is open to EU, EEA and candidate countries. Apologies for my confusion when responding to the question off the cuff.



'Experimental' WEF/UK Guidelines for AI Procurement: some comments

ⓒ Scott Richard, Liquid painting (2015).

ⓒ Scott Richard, Liquid painting (2015).

On 20 September 2019, and as part of its ‘Unlocking Public Sector Artificial Intelligence’ project, the World Economic Forum (WEF) published the White Paper Guidelines for AI Procurement (see also press release), with which it seeks to help governments accelerate efficiencies through responsible use of artificial intelligence and prepare for future risks. WEF indicated that over the next six months, governments around the world will test and pilot these guidelines (for now, there are indications of adoption in the UK, the United Arab Emirates and Colombia), and that further iterations will be published based on feedback learned on the ground.

Building on previous work on the Data Ethics Framework and the Guide to using AI in the Public Sector, the UK’s Office for Artificial Intelligence has decided to adopt its own draft version of the Guidelines for AI Procurement with substantially the same content, but with modified language and a narrower scope of some principles, in order to link them to the UK’s legislative and regulatory framework (and, in particular, the Data Ethics Framework). The UK will be the first country to trial the guidelines in pilot projects across several departments. The UK Government hopes that the new Guidelines for AI Procurement will help inform and empower buyers in the public sector, helping them to evaluate suppliers, then confidently and responsibly procure AI technologies for the benefit of citizens.

In this post, I offer some first thoughts about the Guidelines for AI Procurement, based on the WEF’s version, which is helpfully summarised in the table below.

Source: WEF, White Paper: ‘Guidelines for AI Procurement’ at 6.

Source: WEF, White Paper: ‘Guidelines for AI Procurement’ at 6.

Some Comments

Generally, it is worth being mindful that the ‘guidelines provide fundamental considerations that a government should address before acquiring and deploying AI solutions and services. They apply once it has been determined that the solution needed for a problem could be AI-driven’ (emphasis in original). As the UK’s version usefully stresses, many of the important decisions take place at the preparation and planning stages, before publishing a contract notice. Therefore, more than guidance for AI procurement, this is guidance on the design of a framework for the governance of innovative digital technologies procurement, including AI (but easily extendable to eg blockchain-based solutions), which will still require a second tier of (future/additional) guidance on the implementation of procurement procedures for the acquisition of AI-based solutions.

It is also worth stressing from the outset that the guidelines assume both the availability and a deep understanding by the contracting authority of the data that can be used to train and deploy the AI solutions, which is perhaps not fully reflective of the existing difficulties concerning the availability and quality of procurement data, and public sector data more generally [for discussion, see A Sanchez-Graells, 'Data-Driven and Digital Procurement Governance: Revisiting Two Well-Known Elephant Tales' (2019) Communications Law, forthcoming]. Where such knowledge is not readily available, it seems likely that the contracting authority may require the prior engagement of data consultants that could carry out an assessment of the data that is or could be available and its potential uses. This creates the need to roll-back some of the considerations included in the guidelines to that earlier stage, much along the lines of the issues concerning preliminary market consultations and the neutralisation of any advantages or conflicts of interest of undertakings involved in pre-tender discussions, which are also common issues with non-AI procurement of innovation. This can be rather tricky, in particular if there is a significant imbalance in expertise around data science and/or a shortfall in those skills in the contracting authority. Therefore, perhaps as a prior recommendation (or an expansion of guideline 7), it may be worth bearing in mind that the public sector needs to invest significant resources in hiring and retaining the necessary in-house capacities before engaging in the acquisition of complex (digital) technologies.

1. Use procurement processes that focus not on prescribing a specific solution, but rather on outlining problems and opportunities and allow room for iteration.

The fit of this recommendation with the existing regulation of procurement procedures seems to point towards either innovation partnerships (for new solutions) or dynamic purchasing systems (for existing or relatively off-the-shelf solutions). The reference to dynamic purchasing systems is slightly odd here, as solutions are unlikely to be susceptible of automatic deployment in any given context.

Moreover, this may not necessarily be the only possible approach under EU law and there seems to be significant scope to channel technology contests under the rules for design contests (Arts 78 and ff of Directive 2014/24/EU). The limited appetite of innovative start-ups for procurement systems that do not provide them with ‘market exposure’ (such as large framework agreements, but likely also dynamic purchasing systems) may be relevant, depending on market conditions (see eg PUBLIC, Buying into the Future. How to Deliver Innovation through Public Procurement (2019) 23). This could create opportunities for broader calls for technological innovation, perhaps as a phase prior to conducting a more structured (and expensive) procurement procedure for an innovation partnership.

All in all, it would seem like—at least at UK level, or in any other jurisdictions seeking to pilot the guidance—it could be advisable to design a standard procurement procedure for AI-related market engagement, in order to avoid having each willing contracting authority having to reinvent the wheel.

2. Define the public benefit of using AI while assessing risks.

Like with many other aspects of the guidelines, one of the difficulties here is to try to establish actionable measures to deal with ‘unknown unknowns’ that may emerge only in the implementation phase, or well into the deployment of the solution. It would be naive to assume that the contracting authority—or the potential tenderers—can anticipate all possible risks and design adequate mitigating strategies. It would thus perhaps be wise to recommend the use of AI solutions for public sector / public service use cases that have a limited impact on individual rights, as a way to gain much necessary expertise and know-how before proceeding to deployment in more sensitive areas.

Moreover, this is perhaps the recommendation that is more difficult to instrument in procurement terms (under the EU rules), as the consideration of ‘public benefit’ seems to be a matter for the contracting authority’s sole assessment, which could eventually lead to a cancellation—with or without retendering—of the procurement. It is difficult to see how to design evaluation tools (in terms of both technical specifications and award criteria) capable of capturing the insight that ‘public benefit extends beyond value for money and also includes considerations about transparency of the decision-making process and other factors that are included in these guidelines’. This should thus likely be built into the procurement process through opportunities for the contracting authority to discontinue the project (with no or limited compensation), which also points towards the structure of the innovation partnership as the regulated procedure most likely to fit.

3. Aim to include your procurement within a strategy for AI adoption across government and learn from others.

This is mainly aimed at ensuring cross-sharing of experiences and at concentrating the need for specific AI-based solutions, which makes sense. The difficulty will be in the practical implementation of this in a quickly-changing setting, which could be facilitated by the creation of a mandatory (not necessarily public) centralised register of AI-based projects, as well as the consideration of the creation and mandatory involvement of a specialised administrative unit. This would be linked to the general comment on the need to invest in skills, but could alleviate the financial impact by making the resources available across Government rather than having each contracting authority create its own expert team.

4. Ensure that legislation and codes of practice are incorporated in the RFP.

Both aspects of this guideline are problematic to a lawyer’s eyes. It is not a matter of legal imperialism to simply consider that there have to be more general mechanisms to ensure that procurement procedures (not only for digital technologies) are fully legally compliant.

The recommendation to carry out a comprehensive review of the legal system to identify all applicable rules and then ‘Incorporate those rules and norms into the RFP by referring to the originating laws and regulations’ does not make a lot of sense, since the inclusion or not in the RFP does not affect the enforceability of those rules, and given the practical impossibility for a contracting authority to assess the entirety of rules applicable to different tenderers, in particular if they are based in other jurisdictions. It would also create all sorts of problems in terms of potential claims of legitimate expectations by tenderers. Moreover, under EU law, there is case law (such as Pizzo and Connexxion Taxi Services) that creates conflicting incentives for the inclusion of specific references to rules and their interpretation in tender documents.

The recommendation on balancing trade secret protection and public interest, including data privacy compliance, is just insufficient and falls well short of the challenge of addressing these complex issues. The tension between general duties of administrative law and the opacity of algorithms (in particular where they are protected by IP or trade secrets protections) is one of the most heated ongoing debates in legal and governance scholarship. It also obviates the need to distinguish between the different rules applicable to the data and to the algorithms, as well as the paramount relevance of the General Data Protection Regulation in this context (at least where EU data is concerned).

5. Articulate the technical feasibility and governance considerations of obtaining relevant data.

This is, in my view, the strongest part of the guidelines. The stress on the need to ensure access to data as a pre-requisite for any AI project and the emphasis and detail put in the design of the relevant data governance structure ahead of the procurement could not be clearer. The difficulty, however, will be in getting most contracting authorities to this level of data-readiness. As mentioned above, the guidelines assume a level of competence that seems too advanced for most contracting authorities potentially interested in carrying out AI-based projects, or that could benefit from them.

6. Highlight the technical and ethical limitations of using the data to avoid issues such as bias.

This guideline is also premised on advanced knowledge and understanding of the data by the contracting authority, and thus creates the same challenges (as further discussed below).

7. Work with a diverse, multidisciplinary team.

Once again, this will be expensive and create some organisational challenges (as also discussed below).

8. Focus throughout the procurement process on mechanisms of accountability and transparency norms.

This is another rather naive and limited aspect of the guidelines, in particular the final point that ‘If an algorithm will be making decisions that affect people’s rights and public benefits, describe how the administrative process would preserve due process by enabling the contestability of automated decision-making in those circumstances.' This is another of the hotly-debated issues surrounding the deployment of AI in the public sector and it seems unlikely that a contracting authority will be able to provide the necessary answers to issues that are yet to be determined—eg the difficult interpretive issues surrounding solely automated processing of personal data under the General Data Protection Regulation, as discussed in eg M Finck, ‘Automated Decision-Making and Administrative Law’ (2019) Max Planck Institute for Innovation and Competition Research Paper No. 19-10.

9. Implement a process for the continued engagement of the AI provider with the acquiring entity for knowledge transfer and long-term risk assessment.

This is another area of general strength in the guidelines, which under EU procurement law should be channeled through stringent contract performance conditions (Art 70 Directive 2014/24/EU) or, perhaps even better, by creating secondary regulation on mandatory on-going support and knowledge transfer for all AI-based implementations in the public sector.

The only aspect of this guideline that is problematic concerns the mention that, in relation to ethical considerations, ‘Bidders should be able not only to describe their approach to the above, but also to provide examples of projects, complete with client references, where these considerations have been followed.’ This would clearly be a problem for new entrants, as well as generate rather significant first-mover advantages for undertakings with prior experience (likely in the private sector). In my view, this should be removed from the guidelines.

10. Create the conditions for a level and fair playing field among AI solution providers.

This section includes significant challenges concerning issues related to the ownership of IP on AI-based solutions. Most of the recommendations seem rather complicated to implement in practice, such as the reference to the need to ‘Consider strategies to avoid vendor lock-in, particularly in relation to black-box algorithms. These practices could involve the use of open standards, royalty-free licensing and public domain publication terms’, or to ‘'consider whether [the] department should own that IP and how it would control it [in particular in the context of evolution or new design of the algorithms]. The arrangements should be mutually beneficial and fair, and require royalty-free licensing when adopting a system that includes IP controlled by a vendor’. These are also extremely complex and debated issues and, once again, it seems unlikely that a contracting authority will be able to provide all relevant answers.

Overall assessment

The main strength of the guidelines lies in its recommendations concerning the evaluation of data availability and quality, as well as the need to create robust data governance frameworks and the need to have a deep insight into data limitations and biases (guidelines 5 and 6). There are also some useful, although rather self-explanatory reminders of basic planning issues concerning the need to ensure the relevant skillset and the unavoidable multidisciplinarity of teams working in AI (guidelines 3 and 7). Similarly, the guidelines provide some very high-level indications on how to structure the procurement process (guidelines 1, 2 and 9), which will however require much more detailed (future/additional) guidance before they can be implemented by a contracting authority.

However, in all other aspects, the guidelines work as an issue-spotting instrument rather than as a guidance tool. This is clearly the case concerning the tensions between data privacy, good administration and proprietary protection of the IP and trade secrets underlying AI-based solutions (guidelines 4, 8 and 10). In my view, rather than taking the naive—and potentially misleading—approach of indicating the issues that contracting authorities need to address (in the RFP, or elsewhere) as if they were currently (easily, or at all) addressable at that level of administrative practice, the guidelines should provide sufficiently precise and goal-oriented recommendations on how to do so if they are to be useful. This is not an easy task and much more work seems necessary before the document can provide useful support to contracting authorities seeking to implement procedures for the procurement of AI-based solutions. I thus wonder how much learning can the guidelines generate in the pilots to be conducted in the UK and elsewhere. For now, I would recommend other governments to wait and see before ‘adopting’ the guidelines or treating them as a useful policy tool, in particular if that discouraged them from carrying out their own efforts in developing actionable guidance on how to procure AI-based solutions.

Finally, it does not take much reading between the lines to realise that the challenges of developing an enabling data architecture and upskilling the public sector (not solely the procurement workforce, and perhaps through specialised units, as a first step) so that it is able to identify the potential for AI-based solutions and to adequately govern their design and implementation remain as very likely stumbling blocks in the road towards deployment of public sector AI. In that regard, general initiatives concerning the availability of quality procurement data and the necessary reform of public procurement teams to fill the data science and programming gaps that currently exist should remain the priority—at least in the EU, as discussed in A Sanchez-Graells, EU Public Procurement Policy and the Fourth Industrial Revolution: Pushing and Pulling as One? (2019) SSRN working paper, and in idem, 'Some public procurement challenges in supporting and delivering smart urban mobility: procurement data, discretion and expertise', in M Finck, M Lamping, V Moscon & H Richter (eds), Smart Urban Mobility – Law, Regulation, and Policy, MPI Studies on Intellectual Property and Competition Law (Berlin, Springer, 2020) forthcoming.

Brexit & Procurement: Transitioning into the Void?

ClvnULTWkAACHXT.jpg

Dr Pedro Telles and I are putting the last touches to a new paper on Brexit and procurement (see here for an earlier analysis). In this working paper, we concentrate on the implications of the draft transition agreement of March 2018, as well as some of the aspects of a potential future EU-UK FTA. The abstract of the paper, which is available on SSRN and on which we sincerely invite any feedback, is as follows:

On 29 March 2017, the UK notified its intention of leaving the EU. This activated the two-year disconnection period foreseen in Article 50 TEU, thus resulting in a default Brexit at the end of March 2019. The firming up of a draft agreement on a transition period to run until 31 December 2020 can now provide a longer timescale for the Brexit disconnection, as well as some clarity on the process of disentanglement of the UK’s and EU’s legal systems. The draft transition agreement of 19 March 2018 provides explicit rules on public procurement bound to regulate ‘internal’ procurement trade between the UK and the EU for a period of over 15 months. However, the uncertainty concerning the future EU-UK relationship remains, and the draft agreement does not provide any indication on the likely legal architecture for future EU-UK trade, including through public procurement. The draft agreement has thus not suppressed the risk of a ‘cliff-edge’ disconnection post-Brexit, but rather solely deferred it. The transition is currently not into an alternative system of procurement regulation, but rather into the void. There have also been very limited developments concerning the UK’s and EU’s repositioning within the World Trade Organisation Government Procurement Agreement (WTO GPA), which creates additional legal uncertainty from the perspective of ‘external’ trade in procurement markets due to the absence of a ‘WTO rules’ default applicable to public procurement.

Against the backdrop of this legal uncertainty, this paper critically assesses the implications for public procurement of the March 2018 draft transition agreement. In particular, the paper identifies three shortcomings that would have required explicit regulation: first, the (maybe inadvertent) exclusion from the scope of coverage of the of the draft transition agreement of procurement carried out by the EU Institutions themselves; second, the continued enforcement of the rules on contract modification and termination; and third, the interaction between procurement and other rules. The paper also and flags up some of the areas for future EU-UK collaboration that require further attention. The paper then goes on to revisit the continued uncertainty concerning the EU’s and UK’s position within the WTO GPA. It concludes that it is in both the UK’s and the EU’s interest to reach a future EU-UK FTA that ensures continued collaboration and crystallises current compliance with EU rules, and to build on it to reach a jointly negotiated solution vis-a-vis the rest of WTO GPA parties.

The full details of the paper are as follows: P Telles & A Sanchez-Graells, 'Brexit and Public Procurement: Transitioning into the Void?' (April 20, 2018) SSRN working paper https://ssrn.com/abstract=3166056.

Legal Archaeology: Timing of Brexit, CJEU case law & substantive public procurement rules

1_archeologygallery_nationalgeographic_611691.jpg

At the extremely thought-provoking conference "Trade Relations after Brexit: Impetus for the Negotiation Process", I had the chance to present some thoughts on the regulatory challenges that Brexit poses for EU public procurement regulation, and to explore potential solutions that could/should be designed in the context of an agreement regulating future EU-UK relationships. I already posted my general views here. However, the discussions at the conference made me think in more detail about the specific challenge of fostering substantive coordination post-Brexit--which is an unavoidable challenge if the UK is to have any sort of meaningful access to the EU internal market, and all the more in the context of an ambitious FTA.

Of course, this challenge is not all that peculiar to the area of public procurement, and the general problems that section 6(2) of the European Union (Withdrawal) Bill (EUWB) creates concerning the non-bindingness of the future case law of the Court of Justice have been extensively discussed by others. Indeed, by establishing that 'A court or tribunal need not have regard to anything done on or after exit day by the European Court, another EU entity or the EU but may do so if it considers it appropriate to do so', if unchanged, the EU (Withdrawal) Act would create a level of legal uncertainty that nobody desires--first and foremost, prominent UK Judges such as Lord Neuberger.

However, it seems to me that, should Brexit day come some time in 2019 or 2020, the effects of the EUWB could be rather undesirable--unless, of course, UK courts decided to systematically (and voluntarily) keep a close eye on the CJEU future case interpreting the 2014 Public Procurement Package. Why is that?

The UK transposed the 2014 Public Procurement Package by copying it out, primarily into the Public Contracts Regulations 2015 [A Sanchez-Graells, 'The Implementation of Directive 2014/24/EU in the UK', in S Treumer & M Comba (eds), Implementation of Directive 2014/24, vol. 8 European Procurement Law Series (Edward Elgar, forthcoming). ]. Thus, barring any intervening 'fine-tuning' of the transposition, on Brexit Day (and until such time as the PCR2015 are reformed, or EU procurement law subject to further revision), the domestic UK rules will be perfectly aligned with EU public procurement law. However, and rather counterintuitively, this cannot by itself ensure substantive coordination in the foreseeable future. How come?

As things stand, and unless I have missed something, the CJEU is yet to issue any judgment interpreting the three Directives included in the 2014 Public Procurement Package (Dirs 23, 24 and 25/2014/EU). On occasion, the Court has indirectly taken into consideration some of the reforms the 2014 Package brought about, but most of the rules where there is a sharp distinction between the pre-2014 and the post-2014 rules (which sometimes involve a 'flexible recast' or implicit reform of case law that got incorporated to the new Directives) remain untouched. Enter the EUWB.

According to section 6(3) EUWB, "Any question as to the validity, meaning or effect of any retained EU law is to be decided, so far as that law is unmodified on or after exit day and so far as they are relevant to it—(a) in accordance with any retained case law and any retained general principles of EU law, ...". So, when confronted with the need to interpret the PCR2015 (identical to the 2014 Package), the UK Courts will only be able to rely on 'old' CJEU case law, which may or may not be a good proxy of the interpretation the CJEU would (will) make of the revised rules, in particular where there is a clash between such 'old' case law and the new rules [for extended discussion, see GS Ølykke & A Sanchez-Graells (eds), Reformation or Deformation of the EU Public Procurement Rules (Edward Elgar, 2016)].

Moreover, given the different techniques of statutory interpretation applicable in the UK and those the CJEU tends to follow, even the most willing UK court may find itself carrying out complex exercises in 'legal archeology' to ascertain the extent to which the 'old' case law buried under the new rules is of any use in the construction of the latter. Oddly enough, should the UK courts--willingly, due to convenience, or inadvertently--give more weight to the 'old' case law than the CJEU itself (which could decide to go by the literal tenor of the new rules, even if they deactivate previous jurisprudential positions, to show deference to the EU legislators) the UK could end up with 'purer' EU public procurement rules than the EU itself. Surely not what the drafters of section 6(2) and (3) EUWB had in mind.

Of course, this hypothetical scenario is bound to lose relevance as time goes by and the CJEU has the chance to engage in the direct interpretation of the 2014 Package--and a long transition period may do away with the peculiarity derived from the current 'estimated' timing of Brexit and the recent reform of EU public procurement law. More generally, all in all, this is probably highly theoretical or even absurd, but I think it militates in favour of a flexible mechanism for UK courts to (voluntarily, sure) send references on interpretation to the CJEU post-Brexit, if there is to be substantive coordination--not solely on procurement, but in all areas of 'regulatory allignment' of a flavour or other, in the context of the agreement for future EU-UK relationships. Will the next wave of negotiations raise to this challenge?

Examining Brexit Through the GPA’s Lens: What Next for UK Public Procurement Reform?

28246711066_52e38bc591_z.jpg

Dr Pedro Telles and I have just published 'Examining Brexit Through the GPA’s Lens: What Next for UK Public Procurement Reform?' (2017) 47(1) Public Contract Law Journal 1-33 and, thanks to the permission of the American Bar Association, made it available through SSRN https://ssrn.com/abstract=3076543. This is the abstract:

The United Kingdom has formally started the process of leaving the European Union (so called Brexit). This has immersed the UK Government and EU Institutions in a two-year period of negotiations to disentangle the UK from EU law by the end of March 2019, and to devise a new legal framework for UK-EU trade afterwards. The UK will thereafter be adjusting its trading arrangements with the rest of the world. In this context, public procurement regulation is broadly seen as an area where a UK ‘unshackled by EU law’ would be able to turn to a lighter-touch and more commercially-oriented regulatory regime. There are indications that the UK would simultaneously attempt to create a particularly close relationship with the US, although recent changes in US international trade policy may pose some questions on that trade strategy. Overall, then, Brexit has created a scenario where UK public procurement law and policy may be significantly altered.

The extent to which this is a real possibility crucially depends on the framework for the future trading relationship between the UK and the EU. Whereas ”EU-derived law” will not restrict the UK’s freedom to regulate public procurement, the conclusion of a closely-knit EU-UK trade agreement covering procurement could thus well result in the country’s continued full compliance with EU rules. Nonetheless, this is not necessarily a guaranteed scenario and, barring specific requirements in future free trade agreements between the UK and the EU or third countries, including the US, the World Trade Organisation Government Procurement Agreement (GPA) seems to be the only regulatory constraint with which future UK public procurement reform needs to conform. However, the position of the UK under the GPA is far from clear. We posit that the UK will face a GPA accession process and GPA members may see Brexit as an opportunity to obtain new concessions from the UK and the EU, which could be both in terms of scope of coverage or regulatory conformity. Further, given the current trend of creating GPA plus procurement chapters in free trade agreements, such as the US-Korea FTA, the GPA regulatory baseline will gain even more importance as a benchmark for any future reform of public procurement regulation in the UK, even beyond the strict scope of coverage of the GPA. Given the diversity of GPA-compliant procurement systems (such as the EU’s and the US’), though, the extent to which the GPA imposes significant restrictions on UK public procurement reform is unclear. However, we argue that bearing in mind the current detailed regulation in the UK might itself limit deregulation due to the need to comply with the international law principle of good faith as included in the 1969 Vienna Convention on the Law of Treaties and, to a certain extent, the United Nations Convention Anti-Corruption. 

The aim of this paper is to try to disentangle the multi-layered complexities of Brexit and to explore the issues that Brexit has created in the area of international public procurement regulation, both from the perspective of ‘internal’ EU law-related issues and with regard to broader ‘external’ issues of international trade regulation, as well as to assess the GPA baseline regulatory requirements, and to reflect on the impact these may have on post-Brexit public procurement reform in the UK.

International Seminar on the Transposition of the 2014 Public Procurement Directives

I was honoured to take part in the International Seminar on the Transposition of the 2014 Public Procurement Directives organised by the Institute of Local Law of the Autonomous University of Madrid and the Madrid City Council. These are the slides (in Spanish) I used to present my views on the UK's transposition of the 2014 Public Procurement Package.

Concerted withdrawal of bids for legal aid work: a cartel in public procurement. Could it be justified?

I just found out yesterday (thanks @Detig) about the London Criminal Courts Solicitors' Association (LCCSA) campaign to boycott on-going legal aid reforms (ie cuts to legal aid). In a nutshell, the LCCSA is asking its members to exchange information about their willingness to withdraw the bids they submitted to the Legal aid crime tender 2015

The LCCSA intends to use the information to inform their ongoing engagement with the Ministry of Justice (ie, put pressure and stop the cuts). Generally, this could be seen as a worthwhile act of protest against a policy that will deepen inequality in access to justice. However, the way they are implementing it is deeply concerning from a competition and public procurement perspective.

Similarly to past action from the Bar (see @AngusMacCulloch's good piece here), this is a textbook cartel (see also @PublicProcure additional remarks here). Independent firms are exchanging confidential commercial information in a way that is not required by their activity in the market. This is prohibited by the relevant UK and EU rules, as interpreted by the Court of Justice of the EU (CJEU) in several cases. Most recently, in MasterCard (C-382/12, EU:C:2014:2201, para 62), the CJEU stressed that
Without prejudice to the right of economic operators to adapt themselves intelligently, but independently, to the existing or anticipated conduct of their competitors (see judgments in Suiker Unie and Others v Commission, 40/73 to 48/73, 50/73, 54/73 to 56/73, 111/73, 113/73 and 114/73, EU:C:1975:174, paragraph 174; Ahlström Osakeyhtiö and Others v Commission, C‑89/85, C‑104/85, C‑114/85, C‑116/85, C‑117/85 and C‑125/85 to C‑129/85, EU:C:1993:120, paragraph 71; and Asnef-Equifax and Administración del Estado, C‑238/05, EU:C:2006:734, paragraph 53 and the case-law cited), Article [101 TFEU] catches all forms of cooperation and of collusion between undertakings, including by means of a collective structure or a common body, such as an association, which are calculated to produce the results which that provision aims to suppress (see, to that effect, judgments in Nederlandse Vereniging voor de fruit en groentenimporthandel and Frubo v Commission, 71/74, EU:C:1975:61, paragraph 30; van Landewyck and Others v Commission, 209/78 to 215/78 and 218/78, EU:C:1980:248, paragraph 88; and Eurofer v Commission, C‑179/99 P, EU:C:2003:525, paragraph 23).
Regarding the prohibition to exchange information in itself, in Asnef-Equifax (C-238/05, EU:C:2006:734, paras 51-52), the Court very clearly stressed that
According to the case-law on agreements on the exchange of information, such agreements are incompatible with the rules on competition if they reduce or remove the degree of uncertainty as to the operation of the market in question with the result that competition between undertakings is restricted (John Deere v Commission, paragraph 90, and Case C-194/99 P Thyssen Stahl v Commission [2003] ECR I-10821, paragraph 81).
In effect, it is inherent in the Treaty provisions on competition that every economic operator must determine autonomously the policy which it intends to pursue on the common market. Thus, according to that case-law, such a requirement of autonomy precludes any direct or indirect contact between economic operators of such a kind as either to influence the conduct on the market of an actual or potential competitor or to reveal to such a competitor the conduct which an operator has decided to follow itself or contemplates adopting on the market, where the object or effect of those contacts is to give rise to conditions of competition which do not correspond to the normal conditions of the market in question, taking into account the nature of the products or the services provided, the size and number of the undertakings and also the volume of the market (see Commission v Anic Partecipazioni, paragraphs 116 and 117, as well as the case-law cited).
Thus, there is no doubt that LCCSA's activity is in contravention of the applicable competition law provisions. It is true that the LCCSA is trying to create some safeguards on the circulation of that information.  According to their 'invitation to indicate a willingness to de-tender':
This information will be held on a confidential basis, with responses sent to and collated by one named solicitor member of the LCCSA committee who will not disclose the names of the firms submitting information to anyone including officers and any other committee members of the LCCSA unless and until that firm’s consent has been obtained for their name to be released to the LCCSA officers and committee.
The solicitor holding the information (who is from a firm not submitting any tender) would be able to provide to the President and the Vice President of the LCCSA committee the number of responses received, the numbers bidding, the numbers not bidding, the numbers indicating a willingness to refuse an offer if made or withdrawing a bid and the areas involved. 
However, these safeguards are insufficient to ensure that (with the consent of the participating firms), the information will not end up in the hands of their competitors. Moreover, the aim of the exchange of information is to boycott the Legal aid crime tender 2015, which in my view is a clear anti-competitive agreement prohibited because its object is to restrict or distort competition, so the actual effects of the exchange of information need not be proved. 

Moreover, it is taking place in a public procurement scenario, which can have further implications in terms of future debarment of these firms if found guilty [for discussion, see here and A Sanchez Graells, "Exclusion, Qualitative Selection and Short-listing in the New Public Sector Procurement Directive 2014/24" in F Lichere, R Caranta and S Treumer (ed) Novelties in the 2014 Directive on Public Procurement, vol. 6 European Procurement Law Series, (Copenhagen, Djøf Publishing, 2014)].

Photograph: Sean Smith for the Guardian
Sean Smith/Guardian
Could it be justified?
Despite the clear prohibition of the conduct in which LCCSA has engaged, given that it pursues a declared worthwhile objective and, in any case, could be seen as a manifestation of (informal) collective labour action and/or a right to demonstrate against the government, it is relevant to assess whether the invitation to indicate a willingness to de-tender campaign could be justified.

In my view, the possibility to justify it under Art 101(3) TFEU is very slim, if there is any. As stressed in Asnef-Equifax (para 65),
The applicability of the exemption provided for in Article [101(3) TFEU is subject to the four cumulative conditions laid down in that provision. First, the arrangement concerned must contribute to improving the production or distribution of the goods or services in question, or to promoting technical or economic progress; secondly, consumers must be allowed a fair share of the resulting benefit; thirdly, it must not impose any non-essential restrictions on the participating undertakings; and, fourthly, it must not afford them the possibility of eliminating competition in respect of a substantial part of the products or services in question (see, to that effect, Joined Cases 43/82 and 63/82 VBVB and VBBB v Commission [1984] ECR 19, paragraph 61, as well as Remia and Others v Commission, paragraph 38).  
And the application of the second condition requires that 'objective economic advantages might be such as to offset the disadvantages of such a possible restriction' (para 67), which is a very difficult test to apply in this case, particularly in view of the undertain outcome of LCCSA's campaign and the ensuing regulatory response by the Ministry of Justice, if any.

A longer shot would be to try to apply the doctrine of the CJEU regarding infringements of EU law based on the exercise of fundamental rights--as discussed in Schmidberger (C-112/00, EU:C:2003:333, paras 80 and ff). In that situation, which concerned a restriction of free movement of goods and not a competition infringement (and this, in itself, creates significant uncertainty as to the possibility of extrapolating the argument without more), 
neither the freedom of expression nor the freedom of assembly ... appears to be absolute but must be viewed in relation to its social purpose. Consequently, the exercise of those rights may be restricted, provided that the restrictions in fact correspond to objectives of general interest and do not, taking account of the aim of the restrictions, constitute disproportionate and unacceptable interference, impairing the very substance of the rights guaranteed (see, to that effect, Case C-62/90 Commission v Germany [1992] ECR I-2575, paragraph 23, and Case C-404/92 P X v Commission [1994] ECR I-4737, paragraph 18).
In those circumstances, the interests involved must be weighed having regard to all the circumstances of the case in order to determine whether a fair balance was struck between those interests.
The competent authorities enjoy a wide margin of discretion in that regard. Nevertheless, it is necessary to determine whether the restrictions placed upon intra-Community trade are proportionate in the light of the legitimate objective pursued, namely, in the present case, the protection of fundamental rights.
In a case involving similar acts of demonstration (albeti with use of force) for the purpose of forcing engagement with negotiations (Laval un Partneri, C-341/05, EU:C:2007:809), the assessment of proportionality of the boycott was strict and the CJEU determined that EU law prevented 'a trade union ... from attempting, by means of collective action in the form of a blockade (‘blockad’) of sites ... to force a provider of services ... to enter into negotiations with it'. Thus, this potential justification also seems unlikely to cover LCCSA's campaign.

What then?
Given that LCCSA's 'invitation to indicate a willingness to de-tender' and, generally, its attempts to boycott the MoJ's Legal aid crime tender 2015 run against competition law and they cannot be justified or exempted from the prohibition, the association may want to desist from this course of action and think about more creative (legal) ways of opposing the policy of cuts in this area. Otherwise, their efforts will be in vain and their main goal of positively influencing a system that ensures access to justice will be further diminished in case the LCCSA is found in breach of competition law and forced to pay penalties.