この記事は現在英語でのみご利用いただけます。
AI Governance in the Public Sector: Sovereignty, Accountability, Procurement, and the Australian, UK, US, and EU Frameworks
Public sector AI deployment carries the highest accountability burden. Citizens are not customers — they cannot exit the relationship. Decisions affect rights, benefits, and obligations. The complete guide for government departments, agencies, statutory bodies, and the contractors building public sector AI — covering the AU GovAI initiative, US Federal AI Use Cases, UK Government AI Playbook, EU AI Act public sector obligations, and the operating model that satisfies all of them.
Key Takeaways
Public sector AI governance accountability burden exceeds private sector — citizens cannot exit the relationship and decisions affect rights, benefits, obligations.
Australia's GovAI initiative: every federal department has a Chief AI Officer; DTA AI Model Clauses for procurement; whole-of-government policy framework.
US Federal AI Use Cases inventory required under OMB M-24-10 (now superseded by 2026 OMB guidance) — agency-level AI inventory and impact assessment.
UK Government AI Playbook (Cabinet Office) provides the implementation framework; Algorithmic Transparency Recording Standard requires public registration.
EU AI Act high-risk classification applies to most consequential public sector AI — law enforcement, justice, migration, social benefits, essential services.
Robodebt (Australia, 2016-2020) remains the defining negative case study — automated decision systems without adequate governance produced unlawful outcomes at scale.
"情報提供のみを目的としています。この記事は法律、規制、財務または専門的なアドバイスを構成するものではありません。具体的なアドバイスについては、資格を持つ専門家にご相談ください。"
Public sector AI deployment in 2026 carries an accountability burden that exceeds the private sector. Citizens are not customers — they cannot exit the relationship when AI-mediated services fail them. Public sector AI decisions affect rights, benefits, obligations, and freedoms in ways that engage administrative law, human rights frameworks, and constitutional protections. The Robodebt scheme (Australia, 2016-2020), where automated debt assessment produced systematically unlawful outcomes affecting hundreds of thousands of welfare recipients, remains the defining negative case study for how badly this can go. Public sector AI governance in 2026 is responding to that history — and to new EU AI Act obligations, US federal directives, UK Cabinet Office guidance, and Australian whole-of-government policy.
The Australian framework
Australia's public sector AI framework crystallised between 2023 and 2026. Key elements: the National AI Centre (NAIC) at industry.gov.au coordinates whole-of-government policy; the AI Safety Institute (AISI) provides technical evaluation; the Digital Transformation Agency (DTA) runs the GovAI initiative including Chief AI Officer roles in every federal department; the DTA AI Assurance Framework and AI Model Clauses set procurement expectations; the Office of the Australian Information Commissioner (OAIC) addresses privacy implications. The Privacy Act ADM transparency obligation (10 December 2026) applies to government as it does to private sector. The Robodebt Royal Commission Final Report (July 2023) findings continue to shape public sector AI governance expectations — including the importance of legal authority for automated decisions, human oversight, and the obligation to test systems against actual cases before deployment.
The US federal framework
US federal AI policy evolved significantly between 2023 and 2026. The Biden Executive Order 14110 (October 2023) established the initial framework; the Trump December 2025 EO (revoking 14110 and establishing a preemption-oriented framework) and subsequent OMB guidance set the current direction. Federal AI Use Case inventories are maintained by agencies; impact assessments are required for rights-affecting and safety-affecting AI. The US Center for AI Standards and Innovation (CAISI, formerly the US AI Safety Institute) provides technical evaluation. The Office of Management and Budget Memorandum M-24-10 (March 2024) and subsequent 2026 guidance establish governance requirements. NIST AI RMF implementation is the technical reference.
The UK framework
The UK Government AI Playbook (Cabinet Office, 2024 and updated 2025-2026) provides the implementation framework. Key elements: the Algorithmic Transparency Recording Standard (ATRS) requires public registration of significant algorithmic tools; the AI Standards Hub coordinates standards development; the AI Safety Institute (UK AISI) provides technical evaluation. The Government Digital Service runs the implementation function. Public sector AI procurement uses the AI Procurement Framework. The Information Commissioner's Office (ICO) addresses data protection in public sector AI.
The EU framework
The EU AI Act classifies most consequential public sector AI as high-risk. Annex III high-risk categories include law enforcement (with specific exceptions for biometric identification), migration and border control, administration of justice and democratic processes, access to and enjoyment of essential public services, and emergency services dispatch. Annex III high-risk obligations apply from 2 December 2027 under the Digital Omnibus delay (previously 2 August 2026). Member State implementation varies — France, Germany, Italy, Spain, and Netherlands have all developed implementation guidance. Public sector AI also engages GDPR, including Article 22 on automated decision-making.
The operating model
A defensible public sector AI operating model includes: AI use case inventory with appropriate classification and public transparency where required; legal authority verification for each automated or AI-supported decision; impact assessment covering rights, equity, accuracy, and harm potential; human oversight calibrated to risk — for high-stakes decisions, meaningful human decision-making rather than rubber-stamping; transparency appropriate to context — algorithmic transparency where AI affects decisions; procurement governance using framework clauses (DTA AI Model Clauses, EU AI procurement clauses); workforce capability — Chief AI Officer or equivalent role with appropriate authority; monitoring and assurance including bias and equity testing; complaints and redress mechanisms for AI-affected individuals; incident response for AI-related failures with public disclosure where appropriate.
Sector-specific considerations
Social services and welfare: the Robodebt lessons apply directly — legal authority, human oversight for adverse decisions, testing against actual cases, complaints processes. Tax administration: ATO, IRS, HMRC AI use in compliance and customer service. Border, migration, security: highest-stakes category, with specific human rights considerations. Healthcare delivery: public hospital and health system AI subject to both healthcare AI obligations and public sector obligations. Education: public school and university AI subject to education sector obligations and public sector obligations. Justice: court AI, prosecution AI, corrections AI subject to highest scrutiny. Defence and intelligence: separate frameworks (LOAC, intelligence oversight) overlay general public sector frameworks.
Useful third-party resources
- Australian Department of Industry, Science and Resources — NAIC, AISI, whole-of-government AI policy
- Digital Transformation Agency (Australia) — GovAI, AI Assurance Framework, AI Model Clauses
- OAIC — Privacy implications of public sector AI
- UK Government AI Playbook
- UK Algorithmic Transparency Recording Standard
- US Office of Management and Budget — Federal AI guidance
- US CAISI — Center for AI Standards and Innovation
- EU AI Act — Annex III high-risk public sector classifications
- OECD AI Policy Observatory — Cross-country comparison