What is the future of AI regulation in the UK?

While the European Union forges ahead with proposals to strictly regulate the use of Artificial Intelligence, the UK has opted for a more ‘wait-and-see’ approach. But that looks set to change after the next election – which must be held before January 2025.

The Labour Party – likely to form the next government – is considering new regulations on AI developers, similar to the EU’s AI Act. Developers of general-purpose AI tools like Chat GPT would be obligated to take reasonable steps to ensure they are not involved in the production of fake content, or other harmful deepfakes. The proposals would also ban the use of deepfake creation tools that allow people to make false and obscene AI images by uploading images of real people.

Peter Kyle, the shadow science, innovation and technology secretary, said: “The capacity for deepfakes to harm individuals, undermine elections, and increase fraud has been clear for some time. The recent surge in nudification tools is deeply concerning.”

Labour also plans to set up a Regulatory Innovation Office which will expedite regulatory decisions and develop ten-year research and development budgets to encourage longer-term investment into technology.

However there is still more to come, as Labour have not yet said if they would create an independent regulator for Artificial Intelligence, or give new powers to an existing one, such as the Information Commissioner’s Office (ICO). The former shadow digital secretary Lucy Powell suggested making AI a “licensed” industry, like medicines and nuclear power. 

Other plans include adding a kitemark or other type of indicator to online chats to show whether someone is speaking to a person or an AI. Citations may also be required of generative AI, and there could be requirements to train AI on more diverse data sets.

The party would enact a statutory testing regime between tech companies and the government, under which AI businesses would be compelled to share test data with officials. This comes after Prime Minister Rishi Sunak struck a ‘voluntary agreement’ with leading AI firms at the global AI safety summit in November 2023.

Ultimately, Labour have said they want to make AI “work for everyone.” Unions also want more protections from AI in the workplace. Given deputy leader Angela Raynor’s promise for new worker rights bill within the first 100 days of a new government, this may mean AI regulation comes at the forefront of the next parliament. 

Given the EU is forging ahead with world-leading AI regulation in the form of the AI Act, the next UK government could end up falling closer in line with the EU’s regulatory agenda.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.