This guest editorial was written for the ANZSOG/National Regulators Community of practice monthly newsletter, highlighting new additions to the Regulation Policy and Practice collection on APO. The RP&P collection brings together a range of practical resources from national, local and state/territory governments, regulatory agencies and external institutions conducting monitoring, inquiries and reviews. You can receive this newsletter by joining the ANZSOG/National Regulators Community of Practice (membership is free) or subscribe to the newsletter directly.
Cassandra Meagher is the executive director service reform at Service Victoria, the Victorian Government’s dedicated customer service agency, which is leading the transformation of the way Victorians engage and interact with government She heads up a multi-disciplinary team with responsibility for service reform, policy, regulation, stakeholder engagement and product. In this article she explores the potential benefits and pitfalls of technology for improving regulation.
Technology is a vital ally for regulators. It can improve the user experience for citizens, reduce costs by automating processes, improve compliance by streamlining routine tasks, and allow access to services around the clock. But it can also be expensive if not executed well.
In the post-COVID world, digital transformation will play a key part in supporting their citizens’ needs and leading economic recoveries. Technologies will assist in creating new processes or modifying existing ones to meet business needs. The recovery period will offer a unique opportunity for regulators to review the digital transformation activities they implemented to support operations during the pandemic, and consider what should continue, what was misaligned and what opportunities are available.
These four steps that draw on research and experience are a useful start for any regulator attempting digital transformation.
1. Understand your objective
It is important to have clarity of purpose and understand:
What are trying to achieve?
What harm are you trying to prevent?
Who are you regulating and why?
A useful guide is Professor Malcolm Sparrow’s harm identification approach.
2. Adopt design thinking as part of regulatory design
Design thinking has evolved as a discipline. Often suited to customer-facing services, it can also be applied to the regulatory experience to help customers and businesses comply. A human-centred design approach puts the experience of the customer first.
Who are you trying to regulate?
What are their needs and requirements?
Many government agencies have begun adopting human-centred design in their approach. The New Zealand Government is a good reference point with case studies, blogs and tools on adopting these techniques within government.
3. Consider benefits for the regulator and the customer
There is a spectrum of digitisation. At the simpler end is a form that can be printed from a website. At the more complex end are end-to-end fully digital transactions incorporating compliance and enforcement capabilities. Choosing the right point on the spectrum is important.
The digitisation of the Victorian kangaroo harvesting program illustrates the benefits for the regulator, the regulated (harvester) and the customer (land holder).
Case study: Kangaroo harvesting in Victoria
In 2019, the Victorian Government introduced a harvesting program to sustainably manage kangaroo numbers in Victoria.
The environmental regulator (Department of Environment, Land, Water and Planning) sets quotas across six regions, which are then allocated and managed by the Game Management Authority (GMA).
Service Victoria worked with the GMA and Department of Jobs, Precincts and Regions to design, build and implement the system over two months.
Kangaroo harvesters digitally apply for registration and quotas. The GMA reviews harvester applications and based on the information provided has the discretion to decide whether they are registered.
Landholders digitally request kangaroos to be harvested on their land. Tags allocated to harvesters are then attached to the harvested kangaroos and geolocation is used to track in real time that the right number of kangaroos have been harvested in the right locations. The meat processors only accept kangaroos for processing with the correct tags.
Kangaroo harvesters were involved in the design of the system.
4. Adopt privacy and security by design approach: Minimising data holdings and keeping information safe
Privacy by design is a process of embedding good privacy practices into the design and architecture of new systems and processes, technologies, business practices and physical infrastructures.
By implementing privacy by design, the risk of being vulnerable to cyber-attacks is minimised. The Victorian Privacy Commissioner recently warned of this issue in relation to new Commonwealth laws on data retention. The COVIDSafe app is another example of a service design and promise to keep people’s data safe by only using information collected for a specific purpose.
Consider the following:
Going digital introduces new privacy and security risks. For example, in the UK, the Financial Control Authority accidentally released information about the people complaining about them.
Security by design can mitigate these risks by designing safeguards before you create or change a system or approach. Consider:
What information do you have and where will you keep it?
How accessible and secure is the data?
Every jurisdiction has regulatory standards for protecting information. A good place to start is getting guidance from your Commonwealth, state or territory regulator.