The regulation of and through information technology: Towards a conceptual ontology for IS research

This special issue addresses a largely neglected area of Information Systems (IS) research - the regulation of and through Information Technology (IT). As with other human technologies, IT artefacts present risks and can harm individuals, groups, organisations, economies, and society: However, this remains a largely unexplored topic in IS research. Nevertheless, regulators, social commentators, the media, and the public have voiced their concerns about such risks, particularly those related to artificial intelligence (AI), cybersecurity, privacy, digital assets (e.g. cryptocurrencies), and the market dominance of digital platforms. Accordingly, regulations have been instituted or proposed to regulate IT artefacts in and across several business sectors. Additionally, in response to the informational challenges posed by a complex web of laws and regulations, regulators and business organisations have implemented IT artefacts to transform regulatory and supervisory processes or to enhance organisational risk management and compliance reporting capabilities. This special issue addresses the research challenges related to emergent issues surrounding the regulation of and through IT. In this editorial, we take stock of where the field currently stands. We advance a conceptual ontology of IT regulation to guide future research by specifying several taken-for-granted core concepts. By rendering the concepts, categories, and their relationships explicit, the model and its related research questions provide a firm foundation to generate a cumulative body of research on the regulation of and through IT.