Labour announces host of new tech rules – but does not reveal much-hyped ‘AI bill’

Labour has announced sweeping new rules on technology – though not widely-expected new laws on artificial intelligence.

Many within the technology and AI industries had expected that the King’s Speech would bring the introduction of new regulation and governance over artificial intelligence. But it included only passing references to the technology – focused on ensuring that it did not conflict with workers’ rights – and no new legislation specifically focused on it.

As such, it remains largely unclear how much and in what ways the government intends to regulate AI.

But it did announce a host of other new tech-focused changes, including pledges to strengthen the UK’s cybersecurity and resilience, as well as take greater advantage of data to boost economic growth, through new Bills announced in the King’s Speech.

A reported fully-fledged AI Bill was not announced during the State Opening of Parliament, but the King’s Speech set out how the Government would “seek to establish the appropriate legislation to place requirements on those working to develop the most powerful artificial intelligence models”.

In response to the ever-increasing risk of cyber attacks, the new Labour Government said it would introduce the Cyber Security and Resilience Bill, which would give greater power to regulators to push more firms to implement better cybersecurity defences.

It said the Bill would expand the remit of existing regulation and put regulators on a stronger footing, as well as increasing the reporting requirements placed on businesses to help build a better picture of cyber threats to the UK.

It would be joined by a new Digital Information and Smart Data Bill, which would enable new, “innovative” uses of data to help boost the economy.

Under the new legislation, digital verification services would be established, the Government said, which would include digital identity products to help the public quickly and securely share key information about themselves as they use online services in their everyday life.

The Bill would also legislate for the creation of a National Underground Asset Register to enable planners and excavators instant, standardised access to pipe and cable data around the country.

It would also enable the creation of so-called “smart data” schemes, which would allow for the secure sharing of customer data, upon their request, with authorised third-party service providers.

The Government said the Bill would modernise and strengthen the data protection regulator – the Information Commissioner’s Office (ICO) – and that the legislation would also help scientists and researchers make better use of data for their work.

Carla Baker, senior director of government affairs for the UK and Ireland at cybersecurity firm Palo Alto Networks, said she welcomed the “renewed focus” on cybersecurity and the “vital role it plays in driving economic growth and building resilience among critical sectors of society”.

“Recent high-profile attacks targeting the NHS, defence and other critical sectors of our economy have demonstrated the impact that malicious actors can have on our national security, as well as the operation of key functions of society and our economy,” she said.

“Maintaining the security of the critical national infrastructure in the face of the continually changing threat landscape must be a priority, and we welcome the announcements today.

“It will be vital that the Government work with industry to ensure that security requirements in the legislation are fit for purpose and strike the right balance between building resilience and fostering innovation.

“If we are to achieve sustained economic growth in the UK, organisations cannot be burdened with overly prescriptive requirements. The Government must take a co-ordinated approach to developing policy interventions that protect critical sectors of society and drive economic growth, and refrain from producing guidance with overlapping or conflicting requirements.

“We must build our cyber defences. The Government has to take a principles-based approach to security and ensure that security requirements are developed in a co-ordinated and sustainable manner.”

Additional reporting by agencies