What’s New? December 2024

Autumn Budget infotech initiatives

As part of its first Budget, the government announced £20.4 billion of investment for research and development projects in the UK, in an effort to drive economic growth. A portion of this will undoubtedly fund artificial intelligence (AI) projects, and to help lay the framework for AI development the government:

  • “will shortly publish the Artificial Intelligence Opportunities Action Plan setting out a roadmap to capture the opportunities of AI to enhance growth and productivity and better deliver services for the public.”
  • “is creating a National Data Library to unlock the full value of our public data assets. This will provide simple, ethical, and secure access to public data assets, giving researchers and businesses powerful insights that will drive growth and transform people’s quality of life through better public services and cutting-edge innovation, including AI.”

In addition to the investment pledge, the government has commissioned a review to identify “barriers to adopting transformative technologies”. In an effort to surmount one such barrier, £500 million has been allocated by the Treasury for Project Gigabit and the Shared Rural Network, to help accelerate the rollout of digital connectivity, with the target of achieving “full gigabit coverage” by 2030.

UK Data (Use and Access) Bill

As mentioned in the previous edition of this newsletter, the newly elected Labour government was quick off the mark to establish its digital transformation credentials with the Digital Information and Smart Data Bill – essentially a reincarnation of the ill-fated Data Protection and Digital Information Bill introduced by Conservative government in 2022 (previously dubbed the “Data Reform Bill”), which had failed to make it through the “wash up” period prior to the general election. The Bill has once again undergone a re-christening and now goes under the moniker of the UK Data (Use and Access) Bill.

The core aim of the Bill is to improve and facilitate the sharing of data between citizens and public services. Some of its provisions include:

  • setting up Digital Verification services, which will basically provide citizens with a digital identity to be used when interacting with the public sector;
  • promoting Smart Data schemes, to enable the streamlining of consensual customer data sharing, similar to Open Banking/PSD2;
  • introduction of a National Underground Asset Register (NUAR) used for planning and work involving pipes and cables etc;
  • fast-tracking access to mass public data for purposes of scientific research;
  • renaming the Information Commissioner’s Office (ICO) to the “Information Commission” and tweaking its structure;
  • improving the efficiency of transferring patients’ data across the NHS;
  • limiting Subject Access Requests; and
  • expanding the scope of legitimate interest processing of personal data and providing more exceptions to user consent for internet cookies and tracking.

Commenting on the Bill, Technology Secretary Peter Kyle, said:

“With laws that help us to use data securely and effectively, this Bill will help us boost the UK’s economy, free up vital time for our front-line workers, and relieve people from unnecessary admin so that they can get on with their lives.”

Osborne Clarke notes that this is:

“a wide-ranging bill, with many intricate provisions, much of it amending existing legislation or setting up frameworks to be fleshed out later in secondary legislation, and businesses will need time to consider the detail.”

Digital Assets Bill

The Property (Digital Assets Etc.) Bill, which was introduced to the House of Lords in September 2024, attempts to tackle the legal difficulties pertaining to digital assets vis-a-vis personal property rights. It comes in the wake of a report by the Law Commission which proposed a third category of personal property (in addition to the two traditional categories: “things in action” and “things in possession”) to cover digital assets such as cryptocurrency, non-fungible tokens (NFTs) and carbon credits. In its current form, all the Bill does is to create said third category, leaving it up to the courts to decide exactly what digital assets it will encompass.

Law Society AI strategy

In an attempt to grapple with the impact of AI on the legal sector, the Law Society has announced an AI strategy which it has described as “the three I’s” which denote:

  • innovation – the deployment of AI within the legal sector to benefit law firms and their clients;
  • impact – the influence of the legal sector to inform and implement AI regulation; and
  • integrity – upholding the rule of law and enabling access to justice through the responsible and ethical use of AI.

Commenting, Richard Atkinson, president of the Law Society of England and Wales, said:

“The rapid development of artificial intelligence technologies has ushered in new possibilities and challenges for the legal sector. As the professional body for solicitors, we’re there to support all our members navigate and benefit from the new AI landscape.”

Online Safety Act updates

There have been a couple of recent developments related to the Online Safety Act which came into force just over a year ago:

  • Ofcom has published an updated roadmap, detailing the implementation plans for 2025 in a phased approach, with certain obligations arising as soon as March 2025.
  • Ofcom has published a consultation, setting out its proposed fees and penalties.

Meanwhile, Technology Secretary Peter Kyle has set out new online safety priorities for Ofcom, in the form of a Draft Statement of Strategic Priorities for online safety. It’s also worth mentioning a joint UK-US statement which has recently been issued pertaining to the protection of children online.

New data protection audit framework

The ICO has launched a new data protection audit framework, extending their existing Accountability Framework with the addition of nine toolkits, designed to help organisations conduct their own assessments to help meet best practice guidelines.

Commenting, Ian Hulme, ICO Director of Regulatory Assurance, said:

“Our new audit framework will help build trust and encourage a positive data protection culture, as well as being flexible in targeting the most pressing areas of compliance. We want to empower organisations to embrace data protection as an asset, not just a legal requirement.”

The EU Digital Fairness Act

Having recently published the findings of a Digital Fairness Fitness Check – which “evaluates whether the current EU consumer protection laws are fit for purpose to ensure a high level of protection in the digital environment” – the European Commission has announced that it will seek to develop tighter regulations in the guise of a Digital Fairness Act. According to Commissioner-designate for Democracy, Justice and the Rule of Law, President von der Leyen, this new piece of legislation will aim to “tackle unethical techniques and commercial practices related to dark patterns, marketing by social media influencers, the addictive design of digital products and online profiling especially when consumer vulnerabilities are exploited for commercial purposes.”

Hogan Lovells warns that this new Act could add “another layer of regulation in an already heavily regulated sector that has seen numerous legislative initiatives in recent years.”

Alex Heshmaty is technology editor for the Newsletter. He runs Legal Words, a legal copywriting agency based in the Silicon Gorge. Email alex@legalwords.co.uk.

Photo by Ales Nesetril on Unsplash.