How to Build Effective Digital Public Infrastructures

David Porteous • November 2, 2022

Stay up-to-date on trends shaping the future of governance.


Reducing the Risk of Ineffective Digital Public Infrastructures

There are many risks associated with the rollout of Digital Public Infrastructures (DPIs). They can open the backdoor for governments to surveil and control their citizens. They can even fall into the hands of malicious actors and be used against the people they were designed to serve. Understandably, in the growing movement propagating DPIs, many people wish to reduce risks like these. However, in my view, a risk with less severity but perhaps higher probability is that many DPIs are simply not effective–meaning that they fail to fulfill the purpose set out by their creators or funders. As a result, they may become expensive ‘white elephant’ projects, like their counterparts in the world of physical infrastructure: “bridges to nowhere” or roads and dams built without real consideration of their use, but which are expensive to maintain. A world full of ‘white elephant’ DPIs may not seem as dark as other digital dystopias, but if the DPIs are indeed that important, the absence of well functioning DPIs carries costs. Of course, effective DPIs do not guarantee utopia either; but having more effective DPIs which achieve their purpose seems like a reasonable and attainable goal.


Governance challenges for DPIs


To achieve this goal, the question then becomes: how best to design, build and operate effective DPIs? I am convinced that a large part of the answer is by building sound governance structures which take into account both the specific and generic challenges faced by new DPIs. 


First, the specific challenges of DPIs. The envisaged large scale of deployment of most DPIs leads to heightened degrees of caution and oversight from the start in ways which typically do not constrain private startups. At the same time, DPIs often need the nimbleness to compete for take up against indirect competitors at least–for example, instant retail payment systems are a fast-growing category of DPI which rely on customers choosing to use them, rather than other available means of payment. In addition, many DPIs are built and managed as public-private partnerships. The ‘partnerships’ may take different forms: from build-own-operate contracts to service agreements; or indeed, using software provided by private open-source foundations.  This aspect adds an additional layer of complexity on top of standard corporate governance. 


Unified Payments Institute


Underlying these distinctive challenges are more generic challenges. New DPIs are in many respects more like private tech startups facing similar challenges of achieving ‘product-solution-fit’ and then managing scaleup. These types of challenges need also to be recognized in designing DPI governance arrangements because DPIs are not ‘born adult’: they often have to walk a long path before they can achieve and also handle significant scale of usage. The design of DPI governance must recognize not only this need for evolution but also support it. This recognition carries several implications. One is that governing early-stage companies requires different skills and experience sets from governing mature entities: in fact, our research among funders and founders of tech companies suggests that it can be counterproductive to appoint non-executive directors with experience in large, established public companies to the boards of startups. Instead, people who may have less board experience but who understand startup challenges may be more valuable to support a startup to the next stage. So too, then, with DPIs: a board weighted towards too much formality from the start may bog down the agility required in the early stages.




Informal Startup Meeting


Balancing agility with accountability

Of course, too little formality may carry costs too. In a previous Integral article, I have described the situation which developed at the Open Banking Implementation Entity (OBIE), the operator of the open banking infrastructure in the UK. The OBIE was established as a company under a regulatory order which required major British banks to fund its establishment and to participate in it. In line with startup logic, the OBIE operated under a lean governance structure with a dominant single independent Trustee on its small board. Five years after its establishment, an independent investigation in response to whistleblower complaints found that the OBIE had been effective in its core task of promoting open banking, yet had failed in some basic elements of corporate governance relating to its treatment of staff and contractors; and failure to remedy what was described as a ‘toxic working culture’. So, a delicate balancing act is required to achieve success without ‘breaking things’; and maintaining this balance is the core task of governance. 


Two forms of DPI governance


In the case of many DPIs, as indeed with the OBIE, there will usually be two forms of governance:


  • External governance from a regulatory authority which oversees and may license a DPI: this may include powers to appoint directors and to intervene in defined circumstances; these powers may derive from a general regulation or from a specific order issued under general authority, as in the case of OBIE.


  • Internal governance which takes the form of a decision making body established directly to oversee the work of the DPI; this body may take the form of a board of directors if the entity is a company, in which case the nature of governance is shaped not only by domestic corporate law but also by codes and guidance which pertain to corporate directors. These codes are typically designed to apply to public companies, usually meaning those listed on a stock exchange. While most DPIs are unlikely ever to list equity, they nonetheless function as public companies in terms of the levels of scrutiny and accountability expected of them. While small and unlisted, OBIE faced expectations that conventional norms and standards would apply to its activities. 

Examples of blending both with payment systems


These two complementary forms of governance need to be carefully blended to provide the right mix for DPI success. To see how to do this, we can draw some insights from the world of payment systems. Payment systems are one of the earliest categories of DPI, dating back thirty or forty years in many places. Following the Covid pandemic, usage has soared in many places and new systems have been established. Payment systems vary in their ownership–many are privately owned or controlled by their participating members even though they may operate as not-for-profit companies, while some are owned and operated by central banks. 


A recent World Bank research paper has looked in detail at the Governance of Retail Payment Systems. Several aspects stand out. First, most countries now have an external regulatory framework which gives oversight powers to a payment system supervisor, usually the central bank. The external oversight usually includes some consideration not only of risks, as is common in financial sector regulation, but also of the efficiency and effectiveness of the national payment system as a whole. However, many payment systems also have internal governance through board of directors; and the ways those boards are appointed and function has an important influence on their effectiveness. More successful payment systems have been able to build the agility to evolve over time, while ossified governance arrangements tends to lead to stagnation or even decline. 


Payment system governance recognizes the key principle of proportionality: that is, that the intensity and scope of governance should be in proportion to the risks which it seeks to ameliorate. Proportionality is recognized even in international standards for payment systems: the Principles for Financial Market Infrastructures (PFMI) set by the international payments standard setting body housed at the BIS, defines standards for systemically important payment systems. Non-systemically important payment systems may fall into other categories, such as prominent retail payment systems which are widely used for low value transactions and ‘other’ systems. In the latter case, the need for external oversight may be quite limited as long as the internal governance is strong. 



Application to DPIs


For the wider world of DPIs, the experiences of payment systems provide a few pointers to success: first, a blend of external and internal governance is required; second, proportionality must apply to both forms of governance; and third, some DPIs may be so significant that the equivalent of international standards like PFMI should apply to their governance and operations. Of course there is not yet a standard setting body for DPI in general equivalent to CPMI for payments. Finally, fourth, the mixed successes of new payment systems highlighted in a recent study of instant payment systems in twelve countries raise a range of internal governance questions and considerations. Establishing sound and evolving internal governance requires intentional effort. While there are many places offering training focused on corporate directors in public companies, where are the forms of training optimized for the specific challenges of DPIs highlighted earlier, such as their public-private nature?


Finally, even in its quite evolved form in payments systems, external governance has its limits. For one thing, it is often more focused on risks than on opportunities since the nature of financial regulators is to consider risk. Even internal governance can easily become preoccupied with risks, leading to the loss of the agility required to identify and take advantage of opportunities. To balance the consideration of risks and opportunities, DPIs need to keep up a focus on achieving their purpose, which involves both.

 

A role for Public Protectors of DPI


Especially if there is no sectoral regulator in place or if that regulator lacks capacity, then defining the role of a public protector of DPI may help. William Frater and I have previously proposed that a public protector role be identified for important DPIs. This role would be played by an individual with the necessary skills and experience, and may be implemented through the contractual arrangements of setting up a DPI without having to wait for new regulation. The protector, funded by a specific budget provided by the DPI, would be independent of internal governance. It would have the powers to investigate, and if a DPI is failing to achieve its stated public purpose, it could make recommendations to external governance or intervene directly in internal governance. To be clear, this role would not usurp the role of specific sectoral regulators, such as Data Commissioners or indeed payment system regulators. But for designated classes of DPI, it could help to improve the likelihood of DPI effectiveness by creating an empowered point of accountability focused on the question of purpose and effectiveness. 


Think of DPI Protectors as game wardens, if you like, whose job is to ensure more working elephants than white elephants in the world of DPI. And of course, Protectors would also have powers to deal with ‘rogue elephants’ when they arise in dystopian scenarios of rampant abuse of privacy or other citizen rights.



At Integral, we provide ESG Consulting advice, evaluation, facilitation, mentoring and coaching services to develop governance systems that fit your organization’s purpose and stage of growth. To explore further how we can help you, read about our services, or set up a free consultation.

S H A R E

Four Characteristics of Purpose-Driven Companies

By David Porteous June 29, 2023
Framing the purpose of a company as beyond making profits for shareholders alone is age-old, but the move to state corporate purpose explicitly is newer. Stating purpose is part of a deeper transformation of a growing number of companies–from being product-driven to becoming purpose-driven.

Data Governance and DPI: what’s the link?

By David Porteous May 25, 2023
Data governance is now a well-established domain of knowledge systemizing the rules on how data flows over a data life cycle within organizations. In essence, the DPI approach is all about managing digital data in a safe, effective and principled way for public good. Therefore the governance of DPI is essentially the same as data governance, right? Wrong. The relationship between data governance and governance of DPI can be likened to that between hygiene practices and a hospital. The hospital needs to have hygiene practices in place at a very exacting level to function effectively and safely; but a hospital is much more than its hygiene practices alone. A hospital has to serve patients, manage billing, procure supplies, operate secure buildings–all sorts of functions which are part of operating essential social infrastructure. Governing DPI is similarly complex. It is true that governing DPI will include governing data , and as I have sought to understand the older domain of data governance, I have been struck by some parallels for DPI. Here’s one: just as hygiene practices and protocols have evolved over the decades, so too has data governance. We can only hope that governance of DPI will also evolve from today’s rudimentary understanding. If you read recent books like “Disrupting Data Governance” by Laura Madsen (2019), several more echos emerge: “Data governance is one of the keys to effective data management, yet there’s a lack of shared definition”—I have been on record arguing that it is unnecessary, and maybe even futile, at this early stage to have too precise a definition of DPI, yet some boundaries are needed if DPI is to avoid this same judgment as data governance in twenty years’ time. “Data governance is about trust”—so too, ultimately, is DPI even when citizens are required to use one. “Balancing the forces of protection and promotion (of the use of data) will take some effort, each needs to be well defined and managed to avoid losing focus on their respective needs”—indeed, balancing these forces in the operation of a DPI is a critical function, maybe the critical function, of DPI governance. All those similarities should not conceal one big difference between these two fields: data governance is about the usage of data as a valuable asset within an organization , while DPI is all about supporting flows of valuable data across organizations . This is obvious for payment systems, but even digital ID systems exist to provide forms of secure authentication or verification to relying parties. Optimizing the interoperability of data for public purposes is at the heart of the DPI approach. DPI governance can therefore be framed as a form of ‘meta-data governance’, where the DPIs are themselves stewards of sorts of types of data within digital data ecosystems. That makes the task of DPI governance more challenging, but also potentially more interesting and rewarding. How long will it be before we have textbooks for DPIs with sub-titles like the standard Data Governance text by doyen John Ladley: “How to design, deploy and sustain an effective [data] governance program.” ? I hope we can accelerate the learning cycle with DPI.

Connecting Frameworks: Privacy by Design and Governance by Design for DPI

By David Porteous May 19, 2023
There is general agreement that good governance matters for Digital Public Infrastructure (DPI). There is much less agreement at this stage about what governance means in a DPI context. One way to explore building consensus is to explore whether existing widely accepted frameworks could be adapted to the DPI context. Since DPI at its heart is all about exchanging digital data for different purposes–from payment to identification– it seems appropriate to consider the original ‘by design’ framework which was developed for data privacy. This framework was built around the concept of Privacy by design. Since its first use in 1995, privacy commissioners and data protection authorities around the world have recognized privacy by design as an international standard which they intended to promote and incorporate in policy and law. It was originally articulated as seven principles which together signaled an intention to embed privacy considerations proactively throughout the data use cycle. While the privacy by design framework is agnostic about the organization handling the data, the operators of DPIs are types of institutions with a particular purpose which demands specific governance features. The comparison of data to DPI is somewhat akin to that between blood and the heart in the human body–blood, like data, is widely distributed but the heart is the ‘essential infrastructure’ responsible for pumping it. Privacy by design is about protecting the ‘blood chemistry’; governance by design for DPIs is about ensuring that the ‘heart’ functions well, including but not only protecting the unique blood chemistry. So, governance is really the means which connects to ends like this. With that contrast in mind, how well might the principles of privacy by design inform governance by design? The table below maps privacy by design principles in the first column to my suggestions of counterpart principles for governance of DPI in the second column. You will see that the majority of principles (those numbered 1,3,5 and 6) map across pretty easily to governance of DPI. This isn’t surprising, considering a concern for ways of using data is at the heart of both.

Navigating complexity through scenario thinking: imagining a future for DPI

By David Porteous May 4, 2023
“How can we stop going faster while our ability to see further ahead is decreasing?” In today’s world of fast-evolving digital technology, it can be challenging to make informed decisions in complex fields like Digital Public Infrastructure (DPI). With the increasing speed of change, this question posed by Peter Senge and his co-authors in their 2008 book, Presence , remains relevant. The question is applicable in any complex field in which information is limited and the interaction of feedback loops unknown. But DPI has complexity associated with fast-evolving digital technology compounded by public and private sector decisions about its deployment. No wonder the discussion surrounding DPI is filled with both optimistic expectations and valid concerns, from the potential to reduce inequality to the potential to enable dystopian surveillance and state control. The air of recent G20 meetings and World Bank spring meetings was saturated with claims about the promise of DPI and its perils. How then are we to make sensible decisions in the midst of this complexity? The most useful approach I’ve found for navigating complexity is scenario thinking. Scenario thinking is a disciplined approach to building plausible stories of potential futures (note the use of the plural, because there are always multiple paths to the future). A large part of distilling complexity down to more manageable levels is isolating the swing factors, or ‘key uncertainties’ in scenario language. The different possible outcomes of these will interweave to create rich stories, which, like good fiction, will likely have some unexpected twists and turns. These stories, or scenarios, are the backdrop against which to test how different choices may turn out. A robust strategy is one which yields the best outcomes across the widest range of scenarios but also identifies early warning indicators of major scenario shifts so that, where needed, the strategy can shift too. An important aspect of the scenario process is the way in which it helps participants build shared language and understanding, leading to new collaborations and actions to prevent unwanted outcomes. The scenario-building process has now been applied in thousands of cases at the level of country and company strategies around the world. In many, it has led to remarkable shifts in perspective. For example, the complexity of climate change has launched a whole new range of scenario tools which unpack the possible range of implications for public and private strategists to build into their risk disclosures. So how might scenario building apply to the nascent field of DPI? Here’s one way. As I have discussed in other posts, DPI lacks a single accepted definition right now. I point out in the white paper, “Is DPI a useful category or a shiny new distraction?”, that the absence of a single monolithic definition may even be a good thing in the early stages of a field, as witnessed with the older acronym ‘ESG’. However, definitional choices carry consequences. Scenarios could help to answer a driving question like: “Which definitional parameters of DPI will most affect its developmental outcomes?” Layering the different choices about what type of DPI, and therefore whether to promote or protect or regulate it, on top of the fundamental forces driving digital and societal change would be a complex exercise to do well, to be sure. But, I believe, one worth doing. Because as Peter Senge reminds us, reaching actionable clarity is a worthwhile goal–but to get there, you need first to walk through the pit of complexity. Scenarios offer a path through the pit.

Why Digital Infrastructure Needs Public-Private Partnerships: Lessons from Physical Infrastructure

By David Porteous April 20, 2023
In a recent Devex post, Achim Steiner, head of UNDP, and Amitabh Kant, India’s G20 Presidency sherpa, join the growing calls for more investment in DPI as a means of driving growth, reducing poverty and increasing resilience in the face of crises. However, with government budgets already stretched, where will the additional funding come from? While donor funding may help, it cannot fill the gap alone. The field of physical infrastructure offers another way for cash-strapped governments to fund infrastructure projects: public-private partnerships (PPPs). Governments have long used various methods to raise funding or move the risk of providing essential services to the private sector. However, the modern push for infrastructure PPPs gathered momentum in the 1990s as countries like the UK and Australia explored new ways of financing essential infrastructure. Multilateral financiers became major promoters of PPPs, offering technical assistance to governments through specialist agencies like PPIAF , and co-funding designed to entice private funding to defined PPP projects. They even documented their approach in a comprehensive PPP guide directed at governments, together with associated training and certification . Could a PPP-like approach work for digital infrastructure as well? In principle, the answer has to be yes. Like physical infrastructure, digital infrastructure involves an upfront design and build process and requires subsequent operation and maintenance. Private sector providers can play a combination of different roles in PPPs at different stages, but the key difference from a pure service contract is whether in fact the main private partner assumes significant financial risk. One of the big arguments in favor of PPPs was that having private partners assume risk was the best way of managing it, rather than simply passing it over to governments who were often ill equipped to do so. However, ensuring delivery as specified and without unfair exploitation of either party over a long period required a complex web of contracts. Both parties needed the capacity and willingness to work within clear and fair contractual frameworks. But when they did, the state had clear oversight and control of infrastructure without having to build and manage it. The state often assumed full ownership of the underlying asset after the PPP contract period ended. Even if states have the financial capacity, most are highly unlikely to be able to build their own digital infrastructure in-house. They will rely on technology partners for this, even if their role is to deploy and modify open source applications in a specific context. Even when a government agency chooses to maintain a DPI once built, it will likely rely at least in part on external service providers to support it. In other words, the digital services environment is already rife with complex contracting and inter-dependencies between contractors and clients. Taking an explicit PPP approach may not reduce complexity, but it may enable it to be addressed in a more explicit and effective manner. A final question for now: was “the juice (of setting up PPPs for physical infrastructure) worth the squeeze”, particularly with regards to the end outcomes for the state? After all, PPPs in some places have generated controversies over the manner of their procurement, failed standards of service delivery, or the high price of their services. But the alternative—direct government procurement and delivery—has hardly been immune from criticism either. In 2015, the Independent Evaluation Group at the World Bank published its judgment based on evidence from the sizable number of PPPs supported by the World Bank Group. It concluded: “PPPs are largely successful in achieving their development outcomes.” There is ground to believe that PPPs can be successful in delivering public services. While the visibility of PPPs has faded slightly in recent years, in part because of association with privatization as a politically unpopular approach in many places, the call for blended finance options has risen. PPPs of course offer just that: a structured way to blend different types of finance, including donor and concessional funding. With eyes wide open from the past 30 years of experience of PPPs, I believe there is therefore a case to consider explicitly the circumstances in which digital infrastructure PPPs may work best for delivery and operation. It won’t be all cases, maybe not even a majority. But it may well be enough to make a substantial difference in the delivery of essential digital services. Read the Devex Post: Why digital public infrastructure matters more than you think

Is DPI a useful category or a shiny new distraction? (Working Paper)

By David Porteous March 29, 2023
This paper explores the usefulness of the term Digital Public Infrastructure (DPI) as a new category descriptor. In order to reach any conclusion, I first reflect on whether there is yet sufficient clarity about its meaning. This question leads to an exploration of the space in which to locate the existing definitions of DPI; and then to the wider question of what is the appropriate combination of definitional openness and certainty at this early stage of the field’s development? The answer is linked to the purpose for which a definition is needed: such as championing a field or investing in it or regulating it. The relatively rapid take-off of the term DPI reflects in part deeply felt but diverse hopes and fears about the emerging digital future, such that reconciling all these will not be easy; DPI alone is no magical fix. However, it is possible to pursue an emergent definitional path which starts broad and over time, rules out certain options as evidence gathers. Definitional questions aside, there is already evidence of convergence in substance across different sectors that can make DPI a useful lens beyond the existing sectoral lenses alone. In addition, the DPI lens allows new questions to be asked, for example about whether the fragmented approach to regulatory architecture for data is adequate. The term DPI seems potentially useful therefore, but it will require some careful shepherding to avoid either the confinement of premature narrowness or the vacuousness of prolonged vagueness,

Could the FTX Failure Have Been Avoided?

By David Porteous March 7, 2023
Could the dramatic failure of FTX have been avoided? What went wrong, and how can startups avoid making the same mistakes? Here a few of my thoughts: FTX's spectacular implosion has provided yet another demonstration of the tech law of amplification: namely, technology takes what works well and scales it; but it takes what works badly, and scales that too. Many circles of venture capital operate with the idea that a concern for governance should come later on in the life of a company. According to this view, governance at the early stage is restrictive and bureaucratic, and therefore antithetical to the capacity to move fast. FTX scaled superfast on this premise. At least Mark Zuckerberg recognized in Facebook's early motto that this could lead to breaking things. In the case of FTX, those things total $8 billion in claims to potentially up to a million creditors, apart from collateral reputational damage to the crypto sector as a whole.

The Difference Between Power and Authority in Governance

By David Porteous February 24, 2023
 What can “Tank Man” teach us about governance? A few weeks back, I wrote about the distinction between authority and power, and how this plays out in the context of startup governance. But for many people, the distinction between authority and power is not very clear. So, here’s a very visual way of representing the difference. In this iconic picture taken 1989, we see an unidentified man standing in front of a line of tanks in front of Tiananmen Square, standing against the government's violent crackdown on the Tiananmen protests. It’s obvious at a glance that all the power sits with the column of large tanks, and some authority too–after all, the tanks were called in by the government to crush the student protests. By contrast, the lonely protestor has no power; he is physically small compared to the tanks, seemingly outmatched by the state's might. Despite this clear imbalance, the man holds a certain authority. He has the authority to bring a column of tanks to halt. Where does his authority come from? Remember the definition from Victor Lee Austen: “Authority is held by a person/s who lead humans to a fuller exercise of their freedom to accomplish human tasks.” Tank Man’s courage gave him a moral authority which both tank captains and their commanders recognized–for a while at least. This concept of authority is not limited to the realm of politics. Even though they have no tanks to command, leaders of companies may also accrue wider authority inside and even outside their organizations. Inside, authority will grow to the extent that leaders build the capacity of their employees to flourish. Outside, a company’s products and services, together with the way in which they are provided, can enable even customers and citizens to grow also in their relative freedom to accomplish tasks. This type of authority creates the capability to influence without coercion. It’s the power of demonstration and that’s why we have celebrated examples of companies which have had influence, like Ricardo Semler’s Semco Partners or those others mentioned in Good to Great . Read more on my Linkedin .

Governance in a Post-Authority Era

By David Porteous February 10, 2023
Governance in a Post-Authority Era In my many years of observing private and public organizations of all sizes, I’ve made one very critical observation: governance often lies behind their failure to achieve their purpose. But governance failure itself is only a symptom of what I feel is a bigger issue that organizations are facing globally. In today's "post-authority" era—alongside all the other “posts” which characterize it, like post-modern, and post-truth—there is a growing mistrust of institutions and leaders that hold authority. The notion that there can be rightful authority is not accepted. Authority is seen as a potential or actual violation of the freedom of the “sovereign individual.” There is a pervasive sense that our institutions which should have authority—in government, religion, civil society—are all failing us. The result of the decay of authority is that other forms of power, like the coercive power of authoritarian regimes and the persuasive power of digital media, are on the rise. And they don’t usually provide a path to human flourishing. But what if the problem is less with specific authorities and more with our understanding of authority? I like how Victor Lee Austen defines authority: “Authority is held by a person/s who lead humans to a fuller exercise of their freedom to accomplish human tasks.” The word ‘authority’, a close cousin in English to the generative word ‘author’, comes from the Latin word meaning to increase. Rightful authority leads to flourishing for both those wielding it and those under it. Most of us are in both situations: under some form of authority but also wielding it in some way—as a parent, for example. Rightful authority brings with it the power to change circumstances, but power does not necessarily lead to authority. Consider the example of a #startup founder. She has the authority of the one who originated the idea for the company and who guards it jealously; but she lacks the power to bring that vision to fruition alone. As a result, she likely turns to those who have one form of power (money), but who don’t necessarily carry authority over her company: venture capital funders. When these funders provide the necessary financial resources, they also gain a level of influence and decision-making power in the form of shareholder votes. The founder/CEO’s authority is no longer absolute, even if it remains paramount. As the startup raises more funding, and grows to become profitable, alongside authority, the founder/CEO acquires more power: that is, she has more control over more resources and people and more effect on the marketplace. However, if the #CEO acquires too much power without being accountable to some form of authority outside of herself, the risk of abuse and failure grows. A rebalancing of authority and power needs to take place over time so that power and authority are appropriately distributed across the organization. Not only will the nature of this rebalancing change over time, but it will look different in different organizations. I see this as the basic task of #governance : optimizing the distribution of authority and power in organizations. When this is done well, it should result in conditions for everyone involved—employees, shareholders, customers and the communities in which they live—to flourish. In a post-authority age, it may be harder to do well, but that does not make it any less important. Do you have any thoughts on how organizations can effectively balance and distribute authority and power in this 'post-authority' era?

Governance by Design for Digital Public Infrastructures

By David Porteous August 30, 2022
During the last six months, I have focused much of my time on governance in early-stage companies. Together with my colleagues in the new Agile Governance Platform , we have made the case why governance at the early stage needs to be different from that of large, listed companies. For example, in a recent Integral article , I argue that governance for firms at this stage of development should be redeveloped from the ground up, rather than imposed top-down by stripping down the bulging Governance Codes applicable to later stage entities. In the course of considering these issues, I have been reminded that digital public infrastructures (DPIs) begin their lives as startups too . DPIs may look a bit different from private tech startups: they may be less funding-constrained, and they may not have the pressures of commercial venture capital funding behind them. However, they too must pass through an early stage of experimentation before they can reach national scale and organizational maturity. In that early stage, they too have to wrestle with questions like how to make effective decisions in the face of complexity; and when to prioritize which policies and procedures to adopt. To assume that DPIs are ‘born adult’ is to miss out on addressing the complex, contested issues of early-stage governance which characterize the growth path of DPIs as they seek to achieve society-wide scale and influence. So what might governance by design look like for new DPIs? And how does the answer differ, if at all, from early stage companies in general? To get to some answers, let’s first look through the lens of two recent publications which address the governance of DPIs more broadly.
More Posts
Share by: