Research | Journal Articles

The turn to data-driven approaches within public administration to inform (and even to automate) public sector decision-making can be understood as an emerging movement that I call the ‘New Public Analytics’ (‘NPA’). Central to the New Public Analytics is the use of data analytics a form of computational analysis that has its theoretical foundations in data science and statistics, involving the application of software algorithms (including but not limited to machine learning algorithms) to large data sets in order to identify patterns and correlations in the data capable of generating ‘actionable’ insight. The lecture will explore, amongst other things, the problematic and potentially dangerous pathologies of NPA, underpinning the need for lawyers to critically scrutinise these developments in order to identify ways in which law can be harnessed to ensure that adequate public accountability for NPA techniques is ensured.

This paper offers a critical synthesis of the articles in this Special Issue with a view to assessing the concept of “algorithmic regulation” as a mode of social coordination and control articulated by Yeung in 2017. We highlight significant changes in public debate about the role of algorithms in society occurring in the last five years. We also highlight prominent themes that emerge from the contributions, illuminating what is distinctive about the concept of algorithmic regulation, reflecting upon some of its strengths, limitations, and its relationship with the broader research field. In closing, we argue that the core concept is valuable and maturing. It has evolved into an analytical bridge that fosters cross-disciplinary development and analysis in ways that enrich its early “skeletal” form, thereby enabling careful and context-sensitive analysis of algorithmic regulation in concrete settings while facilitating critical reflection concerning the legitimacy of existing and proposed regulatory regimes.

This article critically examines fundamental aspects of the recently reformed European regime for protection of personal data, focusing on the General Data Protection Regulation (GDPR) adopted by the European Union (EU) in 2016. Although the GDPR is now a central concern for many organizations across multiple sectors, many complain that it is arcane, confusing, and complex. By combining knowledge from two disciplinary perspectives – from regulatory governance scholarship, on the one hand, with legal scholarship from the fields of data protection law, constitutional law, and fundamental rights, on the other hand – this article seeks to “demystify” the key elements of the regime’s architecture and approach in light of the significant uncertainties concerning the nature of its requirements. In particular, this article examines the tension between the regime’s pronounced “risk-based” approach to compliance and its basic objective of safeguarding fundamental rights, and the challenges facing data protection authorities in providing timely clarifications of the regime’s norms. We argue that, despite its complex and arcane character and continuing uncertainty about the precise scope of its requirements, the regime is an innovative hybrid with a significant degree of in-built “future-proofing” that should help render it more resistant to being rapidly overtaken or outpaced by organizational–technological developments. The secondary aim of this article is to demonstrate how academic insights from two distinct but related disciplinary perspectives – legal scholarship and regulatory governance studies – offer a potentially fruitful approach to enrich understandings of the European data protection regime in particular, and of the mechanics, efficacy, and legitimacy of regulatory governance regimes more generally.

The emergent power of big data analytics makes it possible to replace impersonal general legal rules with personalised, particular norms. We consider arguments that such a move would be generally beneficial, replacing crude, general laws with more efficiently targeted ways of meeting public policy goals and satisfying personal preferences. Those proposals pose a radical, new challenge to the rule of law. Data-driven legal personalisation offers some benefits that are worth pursuing, but we argue that the benefits can only legitimately be pursued where doing so is consistent with the agency that the state ought to accord to individuals, and with the agency that the state ought to accord to itself. These two principles –the principle of private agency and the principle of public agency– are prerequisites for the rule of law. Each is incompatible with unrestrained computational personalisation of law.

Background:
Academic literature highlights blockchain’s potential to transform health care, particularly by seamlessly and securely integrating existing data silos while enabling patients to exercise automated, fine-grained control over access to their electronic health records. However, no serious scholarly attempt has been made to assess how these technologies have in fact been applied to real-world health care contexts.

Objective:
The primary aim of this paper is to assess whether blockchain’s theoretical potential to deliver transformative benefits to health care is likely to become a reality by undertaking a critical investigation of the health care sector’s actual experience of blockchain technologies to date.

Methods:
This mixed methods study entailed a series of iterative, in-depth, theoretically oriented, desk-based investigations and 2 focus group investigations. It builds on the findings of a companion research study documenting real-world engagement with blockchain technologies in health care. Data were sourced from academic and gray literature from multiple disciplinary perspectives concerned with the configuration, design, and functionality of blockchain technologies. The analysis proceeded in 3 stages. First, it undertook a qualitative investigation of observed patterns of blockchain for health care engagement to identify the application domains, data-sharing problems, and the challenges encountered to date. Second, it critically compared these experiences with claims about blockchain’s potential benefits in health care. Third, it developed a theoretical account of challenges that arise in implementing blockchain in health care contexts, thus providing a firmer foundation for appraising its future prospects in health care.

Results:
Health care organizations have actively experimented with blockchain technologies since 2016 and have demonstrated proof of concept for several applications (use cases) primarily concerned with administrative data and to facilitate medical research by enabling algorithmic models to be trained on multiple disparately located sets of patient data in a secure, privacy-preserving manner. However, blockchain technology is yet to be implemented at scale in health care, remaining largely in its infancy. These early experiences have demonstrated blockchain’s potential to generate meaningful value to health care by facilitating data sharing between organizations in circumstances where computational trust can overcome a lack of social trust that might otherwise prevent valuable cooperation. Although there are genuine prospects of using blockchain to bring about positive transformations in health care, the successful development of blockchain for health care applications faces a number of very significant, multidimensional, and highly complex challenges. Early experience suggests that blockchain is unlikely to rapidly and radically revolutionize health care.

Conclusions:
The successful development of blockchain for health care applications faces numerous significant, multidimensional, and complex challenges that will not be easily overcome, suggesting that blockchain technologies are unlikely to revolutionize health care in the near future.