Rules as Code: Digital Rulemaking in the 21st Century

Written by Lauren Anne Parnaby and Lyria Bennett Moses

The complexity of modern legislation, mirroring the complexity of society more broadly, creates challenges for both compliance and regulation. Compounded by rapid advancements in computing and automation, finite resources and widening inequalities, transitioning to the digital paradigm of the 21st century requires a reimagining of doing government. Our rulemaking process, designed for an archaic paper world, is fraught with ‘translation gaps’ between the laws as enacted and the policies as implemented. [1] Policy needs to be rapid, iterative and responsive in a measured way so that effective change is enacted as soon as change is required. From policy development to operational implementation, the policy cycle should be better with the capacity to model and test the outcomes of legislative responses with greater accuracy prior to enactment. The Future of Law: Rules as Code panel, jointly hosted by Australian Society for Computers & Law and UNSW’s Allens Hub for Technology, Law and Innovation, explored ‘rules as code’ (‘RaC’)— the process of simultaneously drafting legal rules in code and human languages, as a part of a broader digital transformation of Government and as a technical solution that services policy gaps fatal to Government’s proper functioning. The panel is available HERE; this short article reflects some of the possible benefits of RaC considered and is in no way intended to be comprehensive.[2] The issues and associated problems of RaC have also been explored elsewhere. [3]

RaC introduced.

There is nothing new in rules being codified, rather, as a progression of half a century of research into legal informatics, RaC offers the potentiality of what is possible when taking a digital first approach to doing government. RaC envisions an infrastructural transformation of the institutions from which our rules emanate, so that the design of government supports digital processes and is made fit for purpose in the 21st century digital paradigm.

Rather than a product, RaC is a collaborative process wherein rules, including legislation and regulations, are co-drafted in a way capable of conceptual abstraction into a language understandable by humans and assessable by machines (ie computer code). As the two versions are isomorphic, meaning that they are of legal equivalence when the relevant interpretive rules are applied to each text, [4] the coded rule can be used to test the human language version for correctness, at the same time identifying inconsistencies and other operational flaws. Further testing of input variables can be run, allowing rule-makers to map policy outcomes with greater accuracy before a rule is enacted and becomes law. Once rules are enacted by Parliament, the code is immediately available for use as an implementation reference tool distributed through an API, allowing for consistent application across a shared network and at scale. To support transparent and integrous decision-making, publicly available ledgers record the stepped execution of the code, which serves as an accountability mechanism to monitor decision-making and simultaneously promotes access to justice by making the operative law publicly available and the decision-making process itself knowable and thus appealable. Any further amendments can be tested in the same manner outlined above, avoiding the layered patchwork that is typical of amending or changing legislation. The structural agility of RaC means that any changes to the law are instantaneously reflected in the code and made operative at the implementation level.

Not all rules are inherently suited to being represented by code— rather, it is prescriptive rules, with inputs capable of exacting ‘if not this, then that’ outcomes, that are compatible. Most RaC projects, however, can be written to accommodate judgment-based decisions represented as ‘black spots’ that signify where a rule should be performed by a human decisionmaker, such as determinations that are discretionary or principled based. Using RaC methods in policy development potentiates a shift in government from reactive to proactive. This is because policy development, while intended to be performed in a cycle, in practice follows a linear and sequential process, with distinct and separate stages.[5] Although policy development and drafting does occur in tandem, it is often with unworkable time constraints; and, in the complex landscape of legal rules, errors are often undetectable. With the benefit of a technical reference tool that immediately evaluates the operational mechanics of a rule, a start-to-end RaC project can enhance the quality of written law using rigorous diagnostic testing to iteratively improve the rule. In this way, RaC offers a proactive solution that both refines the law as written and delineates policy development to accord with implementation.

Translating existing legislation into machine-consumable code has been the primary focus of RaC projects to date.[6] At the time of writing, no project has produced a scalable RaC beginning to end—from co-drafting policy to implementation. Indeed, this is partly due to the need to develop a structured language that is transparent and isomorphic with human language.[7] Regardless, historical projects yield significant benefits. For example, through the use of a technical implementation reference tool, test cases in New Zealand revealed manifest inconsistencies between certain laws as enacted and the policy as implemented. [8] In the context of regulatory compliance regimes, the distribution and integration of rules into existing systems has further benefited economic and operational efficiency by eliminating unnecessary and costly duplications that problematise consistent enforcement.

Using RaC to Transform Service Delivery

The continuum gap that arises when policy development is siloed from its operational implementation is costly, inefficient and ineffective.[9] Delivery of government services in the Australian context consists of a diffuse and complex hierarchy of relationships between public and private organisations and their clients. Layered with various statutory and policies frameworks that need to be interpreted and applied concurrently, the pathway to implementation is a labyrinth of inexact guesswork.

Interpretation happens ex-fact, translated into Policy Guidelines or hardcoded into agency systems. If a ruleset is coded as a tool for system integration, it is often non-legal experts (such as platform developers) that are tasked with translation. On other occasions, government departments draft discursive policy guidelines that are used and applied as manuals by public servants administering that policy on the ground. Translation errors are more likely when the act of translation is duplicated at each stage of policy implementation. Yet, despite the law’s formal status, it is the operative policy that is authoritative in the first instance. Without a delineation between the law and implemented policy, the origins of any identified errors or non-conformities are masked by a black-boxed analogue system and unclear. In the context of welfare entitlements, if an overpayment is identified in the system it is the welfare recipient who must prove their entitlement through extensive documentation and who must bear the burden of repaying any debt. Further transparency and traceability issues arise when a policy decision is implemented incorrectly and the source of the error remains unknown. This was the case with Melbourne’s COVID-19 Hotel Quarantine Program. An issue arose when contracted security guards employed at quarantine hotels were deemed responsible for a community outbreak, sparking a government inquiry that found significant gaps in tiered decision-making when the decision to employ third party contractors could not be traced to any authorised decision-maker.[10]

It seems paradoxical that at the same time as the Government perfects the mode of regulating others, there is little means of satisfactorily regulating the Government. To make Government accountable for its processes, a policy stream must be traceable back to its development. Information provenance is a RaC feature employed by software developers as a mechanism to trace and verify a rule’s origins. By including the rules history into the source code, at the same time as making the policy process public the who, when and why behind the stream of decision-making is ascertainable. Drafting an interoperable machine version that is legally identical to the authoritative law and distributed across the policy network maintains a direct line of sight between policy development and implementation; while testing of the code for policy outcomes prior to enactment, reflected on a publicly accessible recorded ledger, compels responsible rulemaking and more effectively monitors and traces a policy.

What is Required for Scaled RaC Adoption?

Concurrent drafting of rules is the starting point for any viable adoption of RaC at scale. Research conducted by CSRIO’s Data61 found that prescriptive rules within some legislative regimes are excessively complex, making post-fact translation slow and cumbersome, if not impossible.[11] For scaled use, a RaC platform requires common standards and needs to be accessible to and useable by experts and non-experts alike. A French platform, OpenFisca, has been long deemed the preferred system for RaC projects yet requires high level computer programming knowledge that cannot and should not be a prerequisite to understanding legal rights and obligations in an open democracy.[12] Nevertheless, a useable platform could take the form of a low code tool that can then be integrated into a RaC system like OpenFisca. Significantly, RaC describes the technical processes of a much larger project for ensuring governance and government are suitable in the 21st century digital economy and society. To ensure a rulemaking system that is as functional and fair as it claims to be, trust infrastructure needs to be built into the technical processes themselves. Given public distrust of AI conflated technologies, for RaC to achieve political and social acceptance the building of trust infrastructure must also support and preserve (if not improve) equivalent public law checks and balances. Critically, to avoid existing problems being amplified, development of the four dimensions of trust infrastructure identified (rules, data, ledgers and records and human-centric measurements of success)[13] must occur in tandem. The first three are technically possible through RaC features of interoperability, effective ledgers, and semantic and syntactic traceability back to source codes. To affect the fourth dimension and cause an ideological shift to human-centric measurements of success, however, requires dedicated and systematic coordination of government, its departments and agencies.

Looking Ahead

To forge a transformation of government to align with the 21st Century digital paradigm, leadership and management must support, enable and empower the human capital presently existing. To connect government actors, multidisciplinary practitioners and other interested persons, Code for Australia in partnership with La Trobe University and Australian Society for Computers and Law have established a Community of Practice to collectively explore further applications of RaC for public benefit and develop the next phase of RaC maturation with the aim of promoting government capabilities in the emergent digital age.[14] Rather than developing RaC in isolation, RaC offers a unique opportunity to transform rulemaking processes so that, foremost, rules and the government delivering those rules are better and are capable of functioning in the digital future.

[1] James Mohun and Alex Roberts, ‘Cracking the code: Rulemaking for humans and machines’ (Working Paper No 42, OECD, 12 October 2020) 31.

[2] For an instructive technical summary of rules as code projects to date, see ‘RaC Handbook’ (Wiki) <https://github.com/Rules-as-Code-League/RaC-Handbook/wiki>.

[3] See Lyria Bennett Moses, Janina Boughey and Lisa Burton Crawford, 'Laws for Machines and Machine-made Laws' in Janina Boughey and Katie Miller (eds) The Automated State: Implications, Challenges and Opportunities for Public Law (Federation Press, 2021 forthcoming); Matthew Waddington, ‘Machine-Consumable Legislation: A Legislative Drafter’s Perspective – Human v Artificial Intelligence’ [2019] (2) The Loophole 21. See also Frank Pasquale, ‘A Rule of Persons, Not Machines: The Limits of Legal Automation’ (2019) 87(1) The George Washington Law Review 1; Mohun and Roberts (n 3).

[4] See Adrian Kelly, ‘A Computer Language Model for Digitising New Zealand Statute Law’ [2020] (1) The Loophole 2, 11.

[5] Mohan and Roberts (n 3) 29-30.

[6] “Machine-consumable” here means legal rules that are drafted in a code or code-like form that computers can understand, interact with and action without need of further human intervention. This definition follows that of other researchers and acknowledges that a precise definition is not universally agreed upon.

[7] See Kelly (n 6).

[8] See NZ Government, ‘Better Rules for Government Discovery Report’ (March 2018) <https://www.digital.govt.nz/dmsdocument/95-better-rules-for-government-discovery-report/html>.

[9] Mohan and Roberts (n 3) 30.

[10] Royal Commission into the Covid-19 Hotel Quarantine Inquiry (Final Report, December 2020).

[11] See generally ‘Regulation as a Platform’, CSIRO Data61 (Web Page) <https://data61.csiro.au/en/Our-Research/Our-Work/Future-Cities/Optimising-service-delivery/RaaP#:~:text=Regulation%20as%20a%20Platform%20is,their%20rules%20into%20digital%20logic>.

[12] OpenFisca (Web Page) <https://openfisca.org/en/>.

[13] For an example of human-centred measurements, see New Zealand Treasury ‘Living Standards Framework’ New Zealand Government (Web Page) <https://lsfdashboard.treasury.govt.nz/wellbeing/>.

[14] See Code for Australia (Forum) <https://community.codeforaustralia.org/>.

[15] For an example of human-centred measurements, see New Zealand Treasury ‘Living Standards Framework’ New Zealand Government (Web Page) <https://lsfdashboard.treasury.govt.nz/wellbeing/>.

[16] See Code for Australia (Forum) <https://community.codeforaustralia.org/>.