How do-able and useful is such such smart coding. How ways is it to include elements like intent? What other considerations must it be compliant to? Consideration of interacting smart contracts?
Converting Laws to Programs, By Esther Shein in CACM
Communications of the ACM, January 2022, Vol. 65 No. 1, Pages 15-16 10.1145/3495564
Sometimes the intricacies of tax laws are mind-boggling, even to lawyers. Sarah Lawsky, a law professor at Northwestern University School of Law and Jonathan Protzenko, a principal researcher at Microsoft Research, were working to translate Section 121 of the U.S. Tax Code, which stipulates how much a taxpayer can deduct from their income taxes from the profit of the sale of a home, into rogrammable code.
They found themselves stumped, because while the law stipulates a profit on the first $250,000 of a home sale is not to be taxed, "there's like nine layers of exceptions," including whether a person served in the military or is married, or if a spouse is deceased, Protzenko says.
U.S. law is "insanely complicated, so when you have that amount of insanity there's no way a human can confidently claim, `Give me your situation and I'll give you the right answer'," he says. "You need code to capture and precisely express what's supposed to happen, because English is too fuzzy and irregular."
Protzenko and Lawsky spent hours debating a fine point, "and she said, `Gosh, I thought I knew this text well'," he recalls. "She teaches it to her students every year, but transcribing law into code requires you to think about the most minute details, and there was a fair amount of head scratching to make sure we were 100% correct about what the law means."
Thankfully they were, and the code was embedded into Catala, a programming language developed by Protzenko's graduate student Denis Merigoux, who is working at the National Institute for Research in Digital Science and Technology (INRIA) in Paris, France.
It is not often lawyers and programmers find themselves working together, but Catala was designed to capture and execute legal algorithms and to be understood by lawyers and programmers alike in a language "that lets you follow the very specific legal train of thought," Protzenko says.
In highly regulated industries, critical laws are translated precisely into code that reflects their intent. This is especially true when it comes to tax software and software that verifies Health Insurance Portability and Accountability Act (HIPPA) compliance. Yet, tax software "does not formalize statutes in a meaningful way,'' according to Lawsky.
Tax forms created by the government essentially take tax laws and put them into algorithms—and they are not a direct translation of the law, she says.
For example, in a prepublication article for the Ohio State Technology Law Journal, Lawsky wrote that software programs such as TurboTax encode tax forms, which are not law. They are prepared by the government, which collects information and turn portions of the law into an algorithm for taxpayers to apply.
"The difficult part of the coding, and the judgment calls, are almost entirely performed by the government, not by those who code tax preparation software," Lawsky wrote.
"And because forms turn law into algorithms, the forms themselves—not the instructions … may contain judgments about the law [and] sometimes law that is unclear," she says. "The forms themselves abstract away from the law."
You would think something as numerical as income tax law would be similar to mathematical logic, but it is not, Protzenko says, because it is not written with the precision and clarity that would "make it amenable to a very mathematical reading of it."
For example, that law does not mention a number may need to be rounded into whole cents. "The law won't tell you what you're supposed to do with rounding numbers and that can lead to ambiguity and a lack of specification of what's supposed to happen," he says.
Healthcare law is also very complex. Faisal Khan, senior legal counsel at healthcare law firm Nixon Gwilt Law in Vienna, VA, says, "Software for HIPAA compliance must incorporate algorithms that target and hit on all the top-level statutory requirements and implementing regulations.'
To make that happen, Khan says, "There must be a team of compliance-related input as many of the regulations essentially function as guidelines for companies to adhere to."
That means a process or security check that may be compliant for a small company may not automatically be compliant for a large company or health system, Khan says. Moreover, software data should be verified by compliance specialists because enforcement professionals at the U.S. Department of Health and Human Services are not only going to review documents, but also will scrutinize how key individuals and stakeholders are following HIPAA compliance processes and tweaking those processes as necessary as things change, according to Khan.
Thus, while software is a key solution to reducing costs and standardizing practices, "There needs to be a human element to support implementing an algorithm-based solution on the ground," Khan says. "What works from a logic perspective may not be the best solution based upon company operations and existing processes." .... '