AI as a Justice-System Risk Multiplier: (1) implementation mistakes, (2) questionable “fit” to the real-world population, and (3) legal/ethical fragility around data and proxies.

· Source: Pascal’s Substack · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, AI Ethics & Governance · Depth: Advanced, medium

Summary

In February 2026, the Dutch Justice and Security Inspectorate found that the probation services' OXREC algorithmic risk tool, used approximately 44,000 times annually, was operating irresponsibly. The Inspectorate identified software implementation errors dating back to 2018, specifically swapped formulas for detainees and non-detainees, and incorrect numbers, leading to systematically distorted (often too low) risk estimates, particularly for individuals with drug use issues and severe mental health conditions. Beyond these "formula mistakes," the tool relied on outdated data, was applied to a different population than intended, and failed to comply with privacy laws. Furthermore, OXREC utilized potentially discriminatory proxy variables like "neighborhood score" and "income level," which the Inspectorate had previously advised against without strict justification and safeguards. This combination of errors, questionable fit, and ethical fragility created systemic distortions in the justice system.

Key takeaway

For CTOs and VPs of Engineering overseeing critical algorithmic deployments, this case highlights that even minor technical errors can become systemic risks when scaled. You must implement robust governance, continuous monitoring, and strict validation protocols for any algorithm impacting liberty or public safety. Ensure your procurement contracts mandate auditability and liability, and that your teams are equipped for incident response, treating these systems with the same rigor as critical infrastructure to prevent widespread harm and institutional mistrust.

Key insights

Small algorithmic errors in justice systems scale into systemic distortions with severe societal and individual consequences.

Principles

Method

Regulators should mandate formal software assurance, incident response protocols, continuous monitoring, and periodic re-certification for justice risk tools, alongside strict rules for data and proxy variables.

In practice

Topics

Best for: CTO, VP of Engineering/Data, Executive, AI Ethicist, Policy Maker, Legal Professional

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Pascal’s Substack.