AI White Paper proposes joint regulatory guidance

The UK government is investing heavily in AI, and is now trying to create an environment for AI to flourish. The much-awaited White Paper identifies however, some risks to human rights and privacy, for example the use of AI to generate deepfake pornographic video content, bias in assessing credit-worthiness of loan applicants, or intrusive collection of data through connected devices in the home. On a larger scale, the privacy law community needs to worry about disinformation generated and propagated by AI, and its impact on trust in democratic institutions and processes.

The consultation on the AI White Paper is now open for 12 weeks, until 21 June. This is the time to shape the future direction of AI in the UK – although regulation elsewhere will have an impact too. Cross-jurisdictional requirements mean that companies need to prepare AI compliance programmes now. Organisations can no longer claim they were not aware of the issues involved. The ICO has for some time been saying that AI is no longer a new concept, and it will therefore enforce data protection law on AI as vigorously as in any other field.

The White Paper will lack any statutory footing, and the government is not seeking to appoint a new regulator. While AI is a strategic priority for the ICO, as is empowering responsible innovation, the regulator says that it would welcome clarification on the respective roles of government and regulators in issuing guidance and advice as a result of the proposals in the AI White Paper. The ICO encourages the government to reach out to the Digital Regulation Cooperation Forum (DRCF) which consists of several regulators in this field, and where joint regulatory responses can be formulated.

In April, the Data Protection and Digital Information No. 2 Bill received its second reading in the House of Commons. The Online Safety Bill is at the Committee stage in the House of Lords, and the Digital Markets, Competition and Consumers Bill was recently introduced into Parliament. All this activity will keep DPOs, and us at PL&B, very busy. Join the debate at Who’s Watching Me? our summer conference in Cambridge in July to hear from the new government home for data protection, the Department for Science, Innovation & Technology (DSIT), the ICO and other stakeholders. Register here.

Laura Linkomies
Editor, Privacy Laws & Business

May 2023