Technology, including artificial intelligence, cyber security, digital government, digital infrastructure, and data, is primarily the responsibility of the Department for Science, Innovation & Technology (DSIT).  The Department’s Secretary of State, Peter Kyle, announced on 8 July 2024 that DSIT would be expanding in both “scope and size” by incorporating experts in data, digital and AI from the:

  • Government Digital Service (GDS)
  • Central Digital and Data Office (CDDO)
  • Incubator for AI (i.AI)

He added that the department’s expansion formed part of wider efforts establish DSIT as the “centre for digital expertise and delivery in government”, to improve “how the government and public services interact with citizens”.

More information about how DSIT is structured and its key policy areas can be found in the National Audit Office’s Department for Science, Innovation & Technology 2022-23 overview, published in December 2023.

Outlined below are some of the main technology-related responsibilities of DSIT, together with recent parliamentary publications and stakeholder analysis.

Artificial intelligence

Artificial intelligence (AI) can take many different forms and there is no single, universally agreed, definition. The term is frequently used as a shorthand to refer to technologies that perform the types of cognitive functions typically associated with humans, including reasoning, learning and solving problems. Strategy documents and a white paper on AI were published by the previous Conservative government.

The Labour Government signalled, in both its 2024 general election manifesto (PDF) and in the 2024 King’s Speech, that it will seek to regulate those companies “developing the most powerful AI models”. The DSIT Secretary of State also emphasised that the government is seeking to put AI at the centre of its “agenda to deliver change, sustained economic growth and improved public services”. As part of this work, in July 2024, the Labour government commissioned Matt Clifford, Chair of the Advanced Research and Invention Agency, to produce an ‘AI Opportunities Action Plan’; a “roadmap for government to capture the opportunities of AI to enhance growth and productivity and create tangible benefits for UK citizens”.

Further reading

Digital government

Digital government is about using technologies and sharing data to deliver public services more efficiently and effectively. These may be public-facing services, such as filing a tax return or renewing a driving licence.  The Labour Government has said it wants to “overhaul the British public’s experience of interacting with the government, so it becomes personalised, convenient, and timesaving”. The gov.uk One Login system, for example, was first deployed on a limited basis in late 2021. It is being developed by the Government Digital Service (GDS) to make it straightforward and secure for people to verify their identity online and log in to government services. The intention is for most major government departments to use One Login for its services by March 2025. Gov.uk, the online platform for government information and services, is also maintained by GDS.

In addition, digital government also covers systems and software that support the government to carry out critical functions, but which are not publicly accessible, such as the Police National Computer and the NHS Federated Data Platform.

Further reading

Digital infrastructure

The use of technology in public services is underpinned by fast and reliable connectivity. The previous government set a target for 85% of UK premises to have access to gigabit broadband by 2025, and nationwide coverage by 2030. ‘Gigabit broadband’ means broadband capable of download speeds of at least 1,000 megabits per second (compared to around 30-80 for standard ‘superfast’ broadband).

On mobile coverage, it agreed a programme with the mobile industry to reach 95% 4G coverage by 2025 and standalone 5G coverage in all populated parts of the UK by 2030. ‘Standalone’ 5G is 5G that, unlike most current deployments in the UK, does not rely on legacy 4G equipment.

Current broadband and mobile coverage, including at constituency level, can be explored in Ofcom’s Connected Nations interactive report (April 2024).

The previous government’s approach to supporting the rollout of next-generation broadband and mobile infrastructure was to create a supportive regulatory environment for private investment, with public funding targeted at ‘hard to reach’ areas that would be missed by the commercial market.

There are two main funding programmes in progress: Project Gigabit (for broadband) and the Shared Rural Network (for 4G mobile).  These programmes are administered by Building Digital UK (BDUK), an executive agency within DSIT.

Funding for 5G has so far primarily focused on demonstrating ‘use cases’ to encourage adoption. The National Audit Office (NAO) reported in February 2024 that DSIT has “not yet determined” whether funding will be required to meet its targets for 5G.

In its 2024 election manifesto, the Labour Party said that it would “make a renewed push to fulfil the ambition of full gigabit and national 5G coverage by 2030.”

Further reading

Data

The sharing of personal data in public services must comply with the UK General Data Protection Regulation (UK GDPR). Under the UK GDPR, personal data can only be shared if there is a lawful basis for doing so. There are six bases: 

  • Consent – an individual has given clear consent for their personal data to be processed for a specific purpose.
  • Contract – processing is necessary for the performance of a contract to which the data subject is party or to take steps at the request of the data subject before entering a contract.
  • Legal obligation – processing is necessary for compliance with a legal obligation to which a data controller is subject.
  • Vital interests – processing is necessary to protect someone’s life.
  • Public task – processing is necessary for the performance of a task carried out in the public interest or for official functions and the task or function has a clear basis in law.
  • Legitimate interests – the processing is necessary for a data controller’s legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.

Personal data must be processed in accordance with seven principles, including purpose limitation, data minimisation, and accuracy.

There are additional protections for special category data – personal data that reveals, for example, a person’s racial origin, political opinions, health data, or sexual orientation. To process special category data, there must be a lawful basis under Article 6 of the UK GDPR and a separate condition for processing under Article 9. One of the conditions is explicit consent. There are nine others including health/social care and substantial public interest. The latter two must have a basis in law.

The Information Commissioner’s Office (ICO) enforces data protection law. ICO Guidance on the UK GDPR (PDF) (October 2022) gives further detail on the above. The ICO has also published a Data sharing: a code of practice (May 2021).

Digital Information and Smart Data Bill

The background briefing notes to the King’s speech (PDF) refer to a Digital Information and Smart Data Bill. The notes state that the bill would:

…enable new innovative uses of data to be safely developed and deployed and will improve people’s lives by making public services work better by reforming data sharing and standards; help scientists and researchers make more life enhancing discoveries by improving our data laws; and ensure your data is well protected by giving the regulator (the ICO) new, stronger powers and a more modern structure…

The bill has not yet been introduced.

Further reading

Cyber

If users are to trust digital public services, they must be confident that their personal data will be secure from, and services will be resilient to, cyber attacks. Cybersecurity is the practice of protecting IT systems, devices, and the data they hold from unauthorised access and interference.

The National Cyber Strategy 2022, published under the Johnson Conservative government, included an ambition for the UK public sector to be an “exemplar of best practice” in terms of cybersecurity.  In support of this, the 2022-2030 Government Cyber Security Strategy was published in January 2022. Its central aim was to “significantly harden” critical government functions to cyber attack by 2025, and for the whole public sector to be “resilient to known vulnerabilities and attack methods” by 2030.

In the 2024 King’s Speech, the Labour Government committed to introducing a Cyber Security and Resilience Bill. According to the King’s Speech briefing notes, the bill will include measures to mandate cyber incident reporting and bring more sectors into the scope of current cyber regulations. These issues are discussed in sections 4.2 and 4.3 of the Library briefing, Cybersecurity in the UK.

Additionally, Dan Jarvis MP (then shadow security minister and now Home Office minister) suggested during a Westminster Hall debate in May 2024 that a Labour government would reform the Computer Misuse Act 1990 to introduce a defence for ethical hacking. This proposal is discussed in section 4.1 of the Library’s briefing on cybersecurity.

Further reading


Related posts