Blog · Review Essay · Last reviewed June 25, 2026

Code Dependent and the Human Cost of Automated Judgment

Madhumita Murgia's Code Dependent is strongest when it refuses to begin with founders, labs, or model benchmarks. It follows people whose lives are reorganized by AI systems they did not choose: workers who label data, drivers managed by apps, families scored by welfare and policing systems, patients reached through diagnostic tools, and communities watched by surveillance infrastructure. The book is not a prophecy about machine minds. It is a report on delegated institutional judgment.

For this review, code dependency means an asymmetric relation in which wages, care, benefits, mobility, speech visibility, safety, or suspicion depend on a computational system that affected people cannot meaningfully inspect, refuse, correct, or appeal. The danger is not that the system has an inner life. The danger is that institutions give the system authority while withholding usable recourse.

The audit question is concrete: when an automated system shapes a person's options, can the person know it was involved, see the relevant evidence, correct the record, reach a human with power, and force the institution to repair recurring failure?

The Book

Code Dependent: Living in the Shadow of AI was published by Picador in the United Kingdom on March 21, 2024 and by Henry Holt in the United States on June 18, 2024. Pan Macmillan lists the UK hardback at 320 pages with ISBN 9781529097306; Macmillan's U.S. catalog lists Henry Holt editions, including ISBN 9781250867391 for the U.S. hardback and ISBN 9781250867384 for another U.S. format. Murgia is the Financial Times' artificial intelligence editor, and the book was shortlisted for the 2024 Women's Prize for Non-Fiction.

The publisher presents the book as an investigation of how automated systems reshape ordinary lives across work, health, public services, human rights, and personal agency. That is the right frame. This is not a technical explainer of transformers or a Silicon Valley history. It is a field report on what happens after statistical systems leave the lab and enter institutions.

The book's moral center is not that AI is always harmful. Murgia is attentive to cases where automated tools can extend scarce medical capacity or make services reachable. The deeper question is who gets to define the problem, who bears the risk of error, who can inspect the system, and who is asked to adapt when the machine becomes the administrative fact.

Definition

The useful meaning of code dependent is not simple dependence on software. It is an asymmetric dependence created when access to wages, care, benefits, mobility, speech visibility, safety, or suspicion is mediated by a computational system that affected people cannot meaningfully inspect, refuse, or repair.

In that relation, the institution gains speed, scale, memory, and distance. The person on the other side receives a category, score, route, denial, queue position, or alert. The code matters, but so do the records that feed it, the policy it enforces, the vendor contract around it, the worker asked to trust it, and the appeal path available after it fails.

That definition keeps the category disciplined. Code dependency can be produced by a machine-learning classifier, a rules engine, an optimization system, a recommender, a generative summary, a biometric match, or a platform-management stack. The mechanism matters technically, but the public question is whether the system changes a person's life while moving evidence and authority out of reach.

Ordinary People, System Power

Code Dependent works by accumulation. A platform worker does not experience AI as a grand civilizational argument. He experiences it as pay, routing, ratings, opacity, and a support channel that cannot hear him. A family facing a risk score does not experience AI as innovation. They experience it as suspicion that travels faster than explanation. A patient may experience an AI tool as access, but also as dependence on a system whose failure modes may be hard to contest.

This is the book's best contribution to AI politics: it makes "deployment" concrete. Deployment means a model becomes part of a workplace, clinic, school, border, welfare office, police program, content queue, or gig platform. Once embedded there, the system does not merely predict reality. It changes the incentives and evidence around which people must live.

The practical test is the affected person's available action. Do they know an automated system was involved? Can they see the evidence? Can they correct the record? Can they reach a person with authority, or are they trapped in a service script that treats the output as settled fact? Murgia's reporting is useful because it keeps returning to those questions rather than treating "impact" as an abstract social mood.

The Guardian's review emphasizes this human-level account of everyday algorithms, especially where opaque decisions affect health, education, human rights, labor, and marginalized communities. Kirkus similarly reads the book as a wide-ranging survey of people who train, use, and are harmed by AI systems across Nairobi, Amsterdam, India, Argentina, China, and other settings.

Labor Behind the Interface

The labor chapters belong beside Behind the Screen, Atlas of AI, and Programmed Inequality. The recurring pattern is simple: technical systems become impressive partly by hiding the people who make them usable.

Data labelers, content moderators, delivery workers, and app-managed contractors appear as peripheral to the official story of AI progress. In practice, they are part of the machine's body. They classify images, absorb violent material, generate behavioral traces, satisfy metrics, and live inside systems that convert human activity into machine-legible input.

The political problem is not only low pay or bad management, though both matter. It is the conversion of labor into infrastructure without corresponding power. Workers become the means by which the system learns, but not the people who govern what it learns or how its benefits are distributed. That is why data-supply-chain governance should include procurement standards, vendor transparency, worker safety, wage and grievance protections, and documentation of who performed the human judgment being sold as machine capacity.

Partnership on AI's responsible-sourcing work gives this a useful governance vocabulary: data labelers, cleaners, content moderators, and other data-enrichment workers contribute human judgment to AI systems, and responsible AI starts with the conditions under which that judgment is purchased. For a buyer, the relevant questions are not only price, speed, and accuracy. They include wages, exposure to harmful content, support after traumatic work, instructions, subcontracting chains, worker voice, and whether the people improving the model can challenge unsafe or deceptive tasks.

Current Context

As of June 25, 2026, Code Dependent reads less like a warning from the edge and more like a checklist for deployed AI governance. Regulation (EU) 2024/1689, the EU AI Act, does not treat all AI as one category. Annex III identifies high-risk uses in areas such as biometrics, critical infrastructure, education, employment, essential public and private services, law enforcement, migration and border control, and justice or democratic processes. Article 27 adds fundamental-rights impact assessment duties for certain deployers of high-risk AI systems, including public bodies and some private entities providing public services. Article 86 creates a right to clear and meaningful explanation for certain decisions based on high-risk AI outputs when they produce legal or similarly significant effects.

U.S. federal guidance points in a more procurement-driven direction. OMB Memorandum M-25-21 requires federal agencies to manage high-impact AI through documented impact assessment, testing, monitoring, human oversight, remedies or appeals, and lifecycle controls. OMB M-25-22 pushes the same problem into contracting by requiring agencies to obtain enough documentation, testing cooperation, data-rights clarity, security information, and performance evidence to govern acquired AI systems. These memoranda bind federal agencies, not every platform or local government, but they are useful standards for any institution that routes consequential decisions through vendors.

NIST's AI Risk Management Framework supplies the broader operational vocabulary: govern, map, measure, and manage. Risk management is not a press statement after launch; it is the work of defining context, measuring impacts, assigning authority, monitoring changes, and preserving evidence through design, development, deployment, use, and retirement. That matters because the failures in Murgia's cases often sit between parties: the model builder, the vendor, the public agency, the platform, the manager, the frontline worker, and the person who cannot get a decision reversed.

The current policy lesson is narrower and harder than "be ethical." High-stakes systems need use-case inventories, deployment-specific evidence, worker and data-supply-line review, human authority to stop or override the system, records that can be audited later, and routes for affected people to obtain correction and remedy.

When Judgment Becomes Infrastructure

Murgia is especially useful when she shows automated judgment entering public and quasi-public functions: welfare, policing, health, education, migration, and platform work. These domains already involve asymmetrical power. AI can make the asymmetry harder to see by presenting decisions as outputs of a technical process rather than choices made by an institution.

The Dutch childcare-benefits scandal is the case that hangs over any serious account of automated welfare. The parliamentary inquiry into childcare allowance found that basic rule-of-law principles were breached. An official restoration page summarizing the Dutch Data Protection Authority's findings says the benefits service kept double-nationality data after it should have been removed and used nationality in a risk system that automatically marked some applications as risky. The scandal helped bring down Mark Rutte's cabinet in January 2021.

The governance lesson is not that one rogue model ruined everything by itself. The failure was a system: law, data retention, fraud policy, automated selection, punitive recovery, weak information management, and poor appeal joining into one administrative machine. That is exactly the structure Code Dependent keeps returning to. The output becomes evidence; the evidence becomes action; the action becomes debt, discipline, denial, or suspicion; and the affected person is left arguing with a process that has already moved on.

The later Dutch parliamentary inquiry into fraud policy and public service provision made the lesson broader than childcare allowance. Its February 26, 2024 public summary says government, parliament, implementing bodies, and the judiciary failed to protect people, that fundamental rights and the rule of law were breached, and that the underlying patterns could recur without safeguards. That is the institutional form of code dependency: not one bad score, but a governing climate in which data-driven suspicion outruns rights-bearing administration.

That is why this book pairs naturally with Automating Inequality and The Black Box Society. The core issue is appeal. If a human caseworker, manager, teacher, or officer makes a bad decision, the path to accountability may already be difficult. When the decision is routed through a vendor system, risk model, scoring tool, or platform policy stack, the affected person may not even know what must be challenged.

This is where "AI ethics" becomes too small a phrase. The question is administrative power. Who can see the model? Who can audit the data? Who can override the score? Who receives notice? Who can demand an explanation? Who has the money, language, time, and status needed to resist a decision that arrives as neutral computation?

Governance and Safety

The safety implications in Code Dependent are mostly administrative rather than cinematic. A system can harm people without escaping control, deceiving anyone, or becoming generally intelligent. It can deny a benefit, intensify surveillance, misroute medical attention, suppress a worker's income, or mark a family as suspicious while everyone involved says they are merely following procedure.

A serious review of such systems should require at least the following controls before deployment and during operation:

The practical artifact is an automated-decision file. It should connect the system inventory, procurement record, impact assessment, data and labor supply chain, model or rule version, user interface, human reviewer role, notice language, appeal path, override log, incident record, and retirement trigger. Without that file, "human oversight" can become a phrase that hides an unreviewable workflow.

For public agencies, employers, hospitals, schools, and platforms, this is not a brake on all automation. It is the condition under which automation can be distinguished from unreviewable rule by infrastructure.

Where the Book Needs Friction

The book's reporting strength also produces its main weakness. Because Murgia gathers many cases under the banner of AI, the category can stretch too far. Algorithmic management, predictive scoring, generative models, content moderation pipelines, data labeling, surveillance systems, and diagnostic tools do not all fail in the same way.

The LSE Review of Books makes the sharpest version of this criticism, arguing that the book's case studies are compelling but that some technical claims, definitions, and methodological choices are not rigorous enough. That critique should not be dismissed. If everything becomes "AI," readers may miss the specific difference between a statistical risk model, an optimization system, a recommender, a classifier, and a large language model.

Still, the book remains valuable because its strongest claim is social rather than taxonomic. Whether a system is branded as AI, automation, algorithmic decision-making, or platform software, it can still shift discretion away from accountable people and toward infrastructure that affected people cannot inspect. The fix is not to flatten the category further. It is to classify systems by mechanism, use context, affected population, decision consequence, and available recourse.

Source Discipline

A book like this needs careful sourcing because the harms it describes are concrete and the systems are heterogeneous. Good source discipline separates four layers:

That distinction matters especially for numbers, causation, and technical labels. If a scandal involved databases, rules, risk scoring, caseworkers, and political pressure, the review should not casually attribute every harm to "the algorithm." Precision is part of accountability.

This page makes no claim that any AI system is conscious, divine, or AGI. It treats AI systems as institutional machinery that can classify, route, summarize, prioritize, persuade, and trigger action when organizations give them authority.

What This Changes

Code Dependent is a book about the moment computation becomes somebody else's living condition.

The most dangerous systems are not always the most futuristic. They are the systems that become mundane: the app that sets the wage, the score that shapes suspicion, the diagnostic assistant that mediates care, the queue that routes human attention, the classifier that decides what kind of person a record says you are.

That is recursive reality in administrative form. A model reads the world through categories. An institution acts on the model. People adapt to the institution. The adaptation becomes new data. Eventually the system's categories appear to describe reality because reality has been forced to answer in their format.

The practical lesson is to start AI review from the affected person's position. Do not ask only whether the model is accurate. Ask who is made legible, who is made invisible, who is managed without recourse, who performs the hidden work, and whether there is a real human path for refusal, correction, appeal, and exit.

Sources

All web sources reviewed June 25, 2026.

Book links are paid affiliate links. As an Amazon Associate I earn from qualifying purchases.


Return to Blog · Return to Books