The pursuit of software safety standards has stalled. In response, commentators and policymakers have looked increasingly to federal agencies to deliver new hope. Some place their faith in existing agencies while others propose a new super agency to oversee software-specific issues. This turn reflects both optimism in the agency model as well as pessimism in other institutions such as the judiciary or private markets.
This Essay argues that the agency model is not a silver bullet. Applying a comparative institutional choice lens, this Essay explains that the characteristic strengths of the agency model—expertise, uniformity, and efficiency—offer less advantage than one might expect in the software domain. Because software complexity exceeds the capacity of software expertise, software experts have been unable to devise standards that meaningfully assure safety. That root limitation is unlikely to change by amassing more software experts in a central agency.
This Essay argues further that the institutional choice literature should embrace an information-centered approach, rather than a participation-centered approach, when confronting an area of scientific impotence. While participation is a useful proxy when each stakeholder has relevant information to contribute, it loses its efficacy when the complexity of the problem escapes the ability of the participants. Instead, the focus should shift to constructing an empirical body of knowledge regarding the norms and customary practices in the field.
Bryan H. Choi,
Institutional Choice for Software Safety Standards,
73 Hastings L.J. 1461
Available at: https://repository.uchastings.edu/hastings_law_journal/vol73/iss5/9