Understanding algorithms
The Netherlands Court of Audit has investigated the Dutch government’s use of algorithms. The government, like private companies, is making increasing use of algorithms to automate its work, solve problems and make forecasts. The responsible development of more complex automated uses requires better scrutiny than ministers currently exercise and better quality control, the audit found. The Court of Audit has developed an audit framework for this. The framework also considers ethical aspects of algorithms. The Court of Audit recommends that more account should be taken of questions from concerned citizens about the use of algorithms.
An algorithm is a set of rules and instructions that a computer follows to combine and analyse large volumes of data. The audit, Understanding algorithms, sheds light on the opportunities, threats and myths of algorithms.
Mostly simple algorithms at present
The use of algorithms has consequences for citizens and businesses. Most of the algorithms currently in use are relatively simple and are used to perform operational management processes or provide services, such as the automated sending of letters and the initial selection of benefit applications. Some of the algorithms used by central government, however, are more innovative and use artificial intelligence. On request, ministries and implementing organisations such as the Employee Insurance Agency and the Social Insurance Bank provided many dozens of algorithms for our audit. The Court did not find any fully self-learning algorithms (ones that implement policy without human intervention).
Audit framework for algorithms
As part of the audit we developed an audit framework with input from experts inside and outside central government to assess the quality and responsible use of algorithms in practice. The Court of Audit invites the government to use this audit framework as a platform for the development of new algorithms.
The framework assesses an algorithm on the following aspects: governance and accountability, model and data, privacy, quality of IT General Controls (ITGC, such as access and back-up controls), and ethics. The ethical aspect is concerned with the human dimension of algorithms. The purpose of the assessment is to detect potential weaknesses in the use of algorithms. The audit framework is presented in the report and is available digitally at https://www.rekenkamer.nl/algoritmes-toetsingskader (in Dutch).
Audit conclusions
The Court of Audit found that government interests are central to algorithms, not private citizens’ interests. The government recognises the importance of privacy but takes little account of ethical aspects. Citizens must be able to understand the use and operation of algorithms. They must also know where they can ask questions and lodge objections. Serious attention must be paid to public concerns and doubts about algorithms. The clarity and uniformity of the terminology used for algorithms is still inadequate. Algorithms are not without risk. Incorrect or biased use of a database can have a discriminatory impact.
The government’s use of algorithms can become dependent on external suppliers (proprietary rights, personal data processing). The government must ensure that data security is adequate to prevent sabotage, espionage and criminality and that the algorithms are managed and maintained correctly.
The algorithms we audited could be analysed: the algorithms were not black boxes.
What are our recommendations?
The Court of Audit makes several recommendations. It recommends that the government publish clear consistent definitions for algorithms and concrete quality requirements for algorithms. This is now inadequately regulated. Agreements on the use of algorithms should be documented. And continuous monitoring is necessary. Citizens must understand how algorithms are used and know where they can ask questions. This deserves serious attention. We call on the government to translate the audit framework into practical quality requirements.
What methods did we use in our audit?
We asked all ministries to provide kinds of algorithms, which we then analysed. We held interviews with officials concerned and studied documents. With the aid of the audit framework we developed, we analysed 3 algorithms in detail.
Why did we audit algorithms?
Owing to the government’s increasing use of algorithms, they are becoming a more important part of operational management in government services. This development is expected to continue in the years ahead.
Current status
The State Secretary for the Interior and Kingdom Relations responded to our recommendations and points for improvement in his capacity as the person responsible for coordinating IT management. In its afterword, the Court stated that officials in virtually all ministries had a considerable need for greater uniformity in the terminology, quality guidelines and quality standards used.
The audit and the state secretary’s response was forwarded to parliament and published on our website on 26 January 2021. We are hosting a digital congress on this theme for government and business officials on 28 January 2021.