It is easy to attribute catastrophic outcomes and insidious, unintended side effects to failures of governance. Or, more often, to a lack of governance. In practice, however, all organizations are governed, either formally or informally. Formal governance involves discretely defined accountability and expectations encoded in principles, policies, and processes. Informally—and more influentially—organizations are governed by the behaviors and norms modeled and rewarded by their leadership and peers.
Why is this important? Simply put, ethical organizations have governance, and so do unethical organizations. It is not the presence of governance that makes an organization ethical or responsible. Rather, a company’s ethos shapes its governance.
You may or may not agree that early AI missteps were inevitable or, to an extent, unavoidable. You may attribute such errors to genuine naivety, willful ignorance, a lack of due diligence, maladjusted business priorities, or a general failure of imagination. Regardless, the evidence is in. Harm has been incurred. The very real implications and potential limitations of these technologies are now well-understood.
So, what differentiates an organization that will use these technologies ethically and responsibly (however you define those terms) from those that will not? It is the extent to which the objectives under governance reflect the virtues being trumpeted: societal, environmental, or other.
The Role of Governance
Governance enforces established culture and norms. Governance can also promote a desired culture and norms. But governance, in and of itself, won’t enforce a specific stance without desired outcomes being explicitly identified. To that end, an organization’s ethics informs the form and function of its governing structure.
Stated another way, governance may not engender an ethical or responsible bent, but an ethical bent can engender good governance. Ultimately, it comes down to intention. When expanding beyond historical boundaries, are your objectives clear? Do you explicitly promote the attributes the organization trumpets as philosophical priorities? Do emergent considerations have equal weight with established business metrics? When rights-based concerns or potential harms are identified, do you move to mitigate or avoid? Which outcomes, benefits, or risks are given weight? Are stated principles and enabling practices reflective of how executives and others are rewarded? To what are the organization and its members held accountable?
The Power of Governance
The pace at which an organization moves to adopt new perspectives and codify new expectations into its culture and norms can be bolstered or stifled by its approach to governance. But the mandate for change comes from outside the governance framework—as does the foundational expectation that members will actively pursue new knowledge and avenues to bolster existing governance frameworks. Such norms can be empowered by governance and decision-making practices that support discourse and continuous improvement. But, here again, it’s culture that leads to responsive, adaptive governance, which in turn amplifies the culture. It’s a virtuous cycle when done well. Just don’t expect governance by its very existence to set the initial tone.
This is particularly important as policy and law lag the implementation of rapidly evolving technologies such as AI. Too often, formal strictures come about only after wrongdoing or harm has occurred, and frequently at a scale or impact that cannot be ignored. And, in many cases, what passes as doing the right thing (i.e., being ethical) is in fact couched as “not doing wrong” (i.e., legal and regulatory compliance).
On a practical note, an algorithm’s world view is defined entirely by the data to which it is exposed. In the same way, an entity’s governance purview is intrinsically shaped by the ethics and norms the organization espouses. It is often easier to extend, rather than reinvent, existing structures. Leveraging existing governance mechanisms from risk management processes to bioethics standards is to be encouraged. When expanding to new domains, incumbent processes may be sufficient. Incumbent objectives, metrics, and corresponding standards very likely are not.