'Government Cloud Procurement' as precursor of procurement gatekeeping? -- re McGillivray (2022)

I have started reading K McGillivray, Government Cloud Procurement. Contracts, Data Protection, and the Quest for Compliance (Cambridge University Press 2022), which promises to be a big addition to the literature on the procurement of digital technologies. One of the key issues the book explores at length is the central role that public contracts play in filling (some of the) regulatory gaps left by the absence of legislation addressing the challenges of cloud computing.

This got me thinking that this gap-filling function of public contracts in the cloud sphere is reflective of the broader role that procurement procedures and the ensuing public contracts are starting to develop in relation to other types of digital technology—notably, artificial intelligence (AI).

Procurement regulation will increasingly (be expected to) play a crucial gatekeeping role in the adoption of digital technologies for public governance and public service delivery. As rightly stressed: ‘The rules governing the acquisition of algorithmic systems by governments and public agencies are an important point of intervention in ensuring their accountable use’ [Ada Lovelace Institute, AI Now Institute and Open Government Partnership, Algorithmic Accountability for the Public Sector (August 2021) 33]. Ultimately, contracts and other arrangements for the development and acquisition of digital solutions are the entry point into the public sector for these innovations, and the procurement rules can be either a catalyst or a hindrance to co-production and experimentation with digital governance solutions.

The gatekeeping role of procurement underpinned eg one of the recommendations of the UK’s Committee on Standards in Public Life, in its report on Artificial Intelligence and Public Standards: ‘Government should use its purchasing power in the market to set procurement requirements that ensure that private companies developing AI solutions for the public sector appropriately address public standards. This should be achieved by ensuring provisions for ethical standards are considered early in the procurement process and explicitly written into tenders and contractual arrangements’ (2020: 51). A variation of the gatekeeping approach can concentrate on procurement practice and the embedding of specific controls as a matter of public buyer deontology [see P Oluka Nagitta et al., ‘Human-centered artificial intelligence for the public sector: The gate keeping role of the public procurement professional’ (2022) 200 Procedia Computer Science 1084-1092].

There is thus a growing recognition of the pragmatic utility of leveraging procurement mechanisms to ensure transparency and accountability in algorithmic systems, particularly considering that these systems play a crucial role in policymaking and decision-making by public agencies [DK Mulligan and KA Bamberger, ‘Procurement as policy: Administrative process for machine learning’ (2019) 34(3) Berkeley Technology L. J. 773-851]. Consequently, there is increasing interest in a reassessment of the existing procurement rules as they apply to contracts for digital technologies; as well as in the redesign of procurement to foster reliability, sustainability, and public trust in AI [see e.g. UK Government, BEIS, DCMS and Office for AI, Guidelines for AI procurement (8 June 2020); also W Naudé and N Dimitri, ‘Public Procurement and Innovation for Human-Centered Artificial Intelligence’ (2021)].

However, the challenges in effectively mobilising procurement for this gatekeeping function are yet to be properly conceptualised and understood [See e.g. P Nowicki, ‘Deus Ex Machina?: Some Remarks on Public Procurement in the Second Machine Age’ (2020) 1 EPPPL 53-60; see also K Mcbride et al, ‘Towards a Systematic Understanding on the Challenges of Procuring Artificial Intelligence in the Public Sector’ (2021)].

As I keep thinking about this (see here for earlier thoughts), I am realising that the emerging discussion or conceptualisation of public procurement (or procurement professionals) as gatekeepers of the adoption of AI by the public sector (and more broadly) can fall into the same trap of partiality as the equivalent discussion of financial gatekeepers in the corporate governance sphere years ago.

As Prof Coffee brightly pointed out [Gatekeepers: The Professions and Corporate Governance (OUP, 2006) 2-3] in the context of financial markets, there are two important dimensions of gatekeeping at play: one concerns ‘strict’ gatekeeping in terms of veto capacity (eg an audit firm can decline providing an opinion on corporate accounts, or a lawyer can decline to provide an opinion required for the closing of a specific corporate transaction). The other dimension, however, concerns a reputational aspect of gatekeeping that can generate reliance by third parties (eg an investment bank acquiring shares of a target company can lead others to also invest in that company).

In the procurement context, it seems to me that there is also a strict gatekeeping function (procurement requirements determine which technology/provider cannot get a public contract, eg to protect a specific public interest or avoid a specific public harm; or which one can provided it abides by specific contractualised requirements), as well as a reputational gatekeeping function (eg procurement of specific technologies/from specific providers can have a signalling effect that triggers further procurement by other public buyers and/or adoption by the private sector).

While in financial markets the reputational aspect is dependent on market-based issues (such as repeat transactions), in procurement settings reputation is almost a given due to a presumption of strict scrutiny of public providers (and thus the importance of ‘past performance’, or other signals such as being able to disclose that a technology or provider is used by Department X, or in some other settings ‘by appointment to HM the Queen’). This compounds the importance of procurement gatekeeping, as it not only concerns the specific decision adopted by a given public buyer, but also the broader access of technologies and providers into the public sector (and beyond).

However, a significant difference between gatekeeping in financial markets and in procurement however stems from the likely main source of potential failure of the gatekeeper. While in financial markets gatekeepers can be expected to be high-skilled but subject to structural conflicts of interest, in particular due to the way they are remunerated (which impinges on their independence), in procurement markets there is a real risk that public buyers are not only subject to potential conflicts of interest (an enduring issue in procurement regulation, and the source of incomplete attempts at the regulation of conflicts of interest and integrity in procurement), but also underprepared for the gatekeeping task.

In other words, the asymmetry of information seems to operate in reverse in both settings. While in financial markets the superior information and related skills belong to the gatekeeper (as compared to the retail, or even (passive) institutional investors), in procurement markets the information and skills disadvantage plays against the gatekeeper (public buyer) and in favour of those seeking to sell their technology.

And this is where the analysis by McGillivray is again interesting, as it highlights compliance challenges and gaps resulting from the parallel procurement-based gatekeeping of data protection law in the government cloud procurement sphere. Plenty food for thought (at least for me).

Social housing, State aid and procurement show up again in EU Courts' case law (T-397/12)

In its Judgment in Diputación Foral de Bizkaia v Commission, T-397/12, EU:T:2015:291 (only available in ES and FR), the General Court (GC) of the Court of Justice of the European Union (CJEU) has decided a case involving State aid and public procurement for social housing. The issues raised in this case are technically different from those discussed in previous cases and, particularly, in Libert and Others (joined cases C-197/11 & C-203/11, EU:C:2013:288). However, there are some elements worth discussing. 

As a preliminary point, it is worth stressing that the case only concerned violations of State aid rules under Arts 107 and 108 TFEU. However, there was a very significant violation of EU public procurement rules as well--as a result of the direct award of over €150mn worth of works or supplies (depending on how pre-fabricated modular homes are categorised). Nonetheless, given that this was not discussed in the case, the comments are limited to the State aid dimension of the Spanish infringement of EU law.

The claimant, Diputación Foral de Bizkaia (DFB) is a regional authority in Spain and it owns 100% of public corporation Bizkailur SA (Bizkailur), which is dedicated to urban development, particularly for industrial purposes, with the ultimate aim of attracting business to the region. Through Bizkailur, DFB entered into two contracts with Habidite Technologies País Vasco SA (Habidite) for the set-up of a construction module factory in Alonsotegi and the delivery of 1,500 modular homes. 

According to the first contract, DFB and Bizkailur would purchase a land plot and adapt it for industrial use to prepare the setting up of a Habidite factory in Alonsotegi. Under the second contract, the public authorities committed to purchase from Habidite a total of 1,500 homes constructed with modules produced in Alonsotegi in order to sell them as social housing [see the Commission's press release].

The Commission found that the contracts contained illegal state aid because no private player would have accepted to contract on such terms. In the Commission's view, the maximum support that could be granted to the project was of €10.5 mn, but the actual advantage given to Habidite was much larger [see Commission's Decision for details]. Moreover, given that the measures had not been notified before they were granted to Habidite, the aid was unlawful.  DFB challenged the Commission's decision, but the GC has dismissed the appeal. A further appeal before the CJEU seems unlikely, given that the Habidite project was eventually abandoned by DFB due to lack of financial resources.

Some of the arguments submitted by DFB to the GC are so shocking that they deserve some discussion before laughing them off. In particular, I find it ridiculous for DFB to have submitted that no aid existed on the basis of a circular argument ultimately based on its own failure to comply with EU law, which would suffice to trigger a constructive estoppel under Spanish law (as, indeed, later declared by the competent domestic courts; see press release). 

The argument goes as follows: DFB signed a contract with Hadibite through Bizkailur for interests in land and property, which subjected it to Spanish civil rules (ie private law). A fundamental element in the Spanish contract formation rules is the requirement of Art 1258 Civil Code, according to which "Contracts are perfected by mere consent, and since then bind the parties, not just to the performance of the matters expressly agreed therein, but also to all consequences which, according to their nature, are in accordance with good faith, custom and the law" (emphasis as per GC's extracts). The aid given to Hadibite through the contracts was illegal under Arts 107 and 108 TFEU. Hence, the contract was null and void and, ultimately, there was no aid because DFB (through Bizkailur) was not boud to comply with an illegal contract. 

This is a circular and preposterous argument, as it would mean that there would never be illegal and unlawful State aid measures because they would be legally non-existent as a result of the supremacy and direct effect of Arts 107 and 108 TFEU, regardless of the specific (private or public) contract rules of the specific Member State. And, in any case, domestic theories of estoppel could well de-articulate the argument on strictly contractual terms--which would immediately trigger issues of good faith in negotiations and pre-contractual liability for the authorities granting aid, which is also prevented by the effet utile of Arts 107 and 108 TFEU.

Along these lines, and more elegantly, the GC considered that "as to the applicant's argument that there can be no breach of EU law because national law requires a prior notification of the planned aid to the Commission [without which there is no legally binding and unconditional commitment to actually grant the aid], it suffices to state that it cannot be declared that no infringement of EU law existed for the mere fact that [the contracts] also violated national law" (T-397/12, para 36, own translation).

Finally, it is worth mentioning that the Judgment is also interesting for the discussion of the procedural rights of sub-central public authorities in State aid infringement procedures opened against the Member State of which they are part. The GC reiterated the standard position that (given that they are interested parties, but not parties of the procedure) such authorities cannot rely on the rights of defense or try to maintain an open debate with the Commission (paras 53-63).

Protection of IPR and limits of contractual relationships: AG Opinion in Case C-103/11 P

Last 15 Movember 2012, Advocate General Cruz Villalon delivered his Opinion in case in Case C-103/11 P Commission v Systran SA and Systran Luxembourg SA, where he endorsed the position of the European Commission whereby intellectual property related disputes that arise in the broader context of a contractual relationship between rights-holder and infringer are a matter of contractual liability--and, consequently, remain outside the jurisdiction of the EU Courts.

The dispute derived from the disclosure of proprietary Systran know how and other IPR protected data by the European Commission to a third party in the context of the maintenance and linguistic enhancement of a machine translation system initially developed by Systran. Systran brought the case to the General Court and, in 2010 (T-19/07), it held that the dispute could not be considered to be contractual in nature and that it did not therefore lack jurisdiction to adjudicate upon it. It imposed a lump sum payment of €12mn to compensate Systran for the loss of value of its IPR. The Commission appealed.

According to AG Cruz Villalon,  the dispute in question must primarily be examined by the competent national courts, in accordance with the agreements in question and the laws applicable to them.  According to the AG, the General Court made an error in law in its examination of the relationships which were established, in a very marked contractual context, between the Commission and the various companies in the Systran group which have developed or contributed  to the development of the various versions of the Systran software. Therefore, the General Court wrongly declared itself as having jurisdiction to hear and determine the action for compensation for the damage allegedly caused to Systran by the Commission’s conduct. 

The final decision by the CJEU in this case will be of major relevance, since it will deal with the complicated issue (which does not seem to receive homogeneous treatment across the EU) of the vis attractiva of contracts when the parties engage in subsequent tortious behavior. Therefore, the final Judgment in case C-103/11 may have large consequences for the Contract Law of Member States, which leaves me with the question whether the adjudication of this case may not in itself run against the allocation of competences in private law matters that seem to have a weak connection with the internal market (mainly, concerning art 114 TFEU). Definitely, a case to follow with interest and area where some well-meditated research seems required.