There had been rumours that the UK's new Labour government would introduce legislation specifically on artificial intelligence, announcing a full programme of legislation amid the pomp of the opening of Parliament. But the King's Speech contained a much more tentative promise: “We will seek to bring in appropriate legislation that imposes requirements on those working to develop the most powerful artificial intelligence models”.
A spokesperson for 10 Downing Street and the Department for Innovation, Science and Technology (DSIT) confirmed that there are no plans for an AI bill yet, and did not provide details when asked by TechCrunch about plans to work on developing “appropriate” rules for the most powerful AI models.
Labour's election manifesto also promised to “ensure the safe development and use of AI models by introducing binding regulation on the small number of companies developing the most powerful AI models, and banning the creation of sexually explicit deepfakes”.
The UK lags behind the European Union in this area, which late last year adopted a risk-based framework for regulating the application of AI. The agreed document was subsequently approved and published in the EU's Official Journal last week, setting off a countdown of various legal deadlines for developers over the coming months and years, including compliance requirements aimed at managing systemic risks in the most powerful general-purpose AI models.
As the UK is still waiting to draft its legislation, it may be keeping a close eye on how the EU AI law will be implemented and come into force, and what impact it will have.
Labour's election manifesto also stated: “Our Industrial Strategy will support the development of the artificial intelligence sector, removing planning barriers for new data centres, and creating a National Data Library to consolidate existing research programmes and deliver data-driven public services, while maintaining strong safeguards and ensuring all public benefits.”
And the legislative plans released today reiterate the government's desire to harness the power of data for economic growth, echoing the previous Conservative government's insistence on using AI as a driver of wealth creation.
The King's Speech also touches on AI in a passage entitled “Harnessing AI.”[ing] “We will harness the power of artificial intelligence as we look to strengthen the safety framework,” likely a reference to plans to introduce a Product Safety and Metrology Bill, which says the government wants long-standing UK product regulations to keep up with new risks and technological advances, such as AI.
The government says the purpose of the Product Safety Bill is “to support growth, provide regulatory stability and strengthen consumer protection”, including by “addressing emerging product risks and opportunities to help the UK adapt to technological advances such as AI”.
Here too, the EU is several steps ahead, with EU lawmakers working from autumn 2022 on revising product liability rules to take into account the risk of harm from software and AI.
Labour's manifesto also acknowledged that “regulators are currently ill-equipped to deal with the dramatic developments in new technology”, and promised to create a “new Office of Regulatory Innovation” to bring together existing functions across government to help regulators keep up with rapid technological developments.
Data Reform and Cybersecurity
There are several other bills on the UK legislative agenda that are more focused on technology policy.
Firstly, the government is working on what it is calling the Digital Information and Smart Data Bill.
This appears to be a rehash of some provisions of post-Brexit data reform legislation that the previous government ultimately scrapped when former Chancellor Rishi Sunak called a general election for 4 July and tried to interrupt Parliament to pass the legislation.
These include plans to allow scientists and “bona fide researchers” to seek “broad consent” to using people's data to inform research, and reforms to the Information Commissioner's Office, the UK's data protection watchdog, which the government claims will modernise and strengthen the agency.
There has also been a revived and possibly expanded drive to establish a “Digital Authentication Service”, with the government saying it “want to support the creation and deployment of secure and trusted digital ID products and services by accredited providers to help with things like moving house, pre-employment checks and the purchase of age-restricted goods and services”. However, digital ID is intended to be voluntary, which again appears to be a similar approach to plans for the EU's digital ID scheme, avoiding the controversy that has accompanied the push to bring back compulsory ID.
The Bill also focuses on encouraging what the government calls a “Smart Data Scheme”, which aims to encourage more secure sharing of customer data through Authorised Third Party Providers (ATPs), similar to what can be achieved through the existing open banking regime. According to the government, by putting in place a legal framework, the aim is to expand and grow the role of ATPs in providing innovative services.
In addition, the program includes a Cybersecurity and Resilience Bill that focuses on strengthening the protection of public services in the wake of an increase in cyber attacks on critical services and infrastructure, such as hospitals, universities and local governments.
“This bill will strengthen our defences and ensure that our vital digital services are protected more than ever before, including by expanding existing regulatory powers, strengthening the position of regulators, and strengthening reporting requirements to improve government visibility into cyber threats,” the government wrote.
It also said the upcoming cybersecurity law would require “enhanced incident reporting” to ensure better data on cyber attacks.