The King has introduced the first bills and legislation of the newly elected Labour government to the UK Parliament, including several related to technology.
Among them, the King stated that his Government “will seek to establish appropriate legislation to impose requirements on those working on the development of the most powerful artificial intelligence models.”
The government is also looking to introduce a Cyber Security and Resilience Bill to strengthen the cyber resilience of public bodies such as the Ministry of Defence (MoD) and the NHS.
A step towards regulation or a brake on innovation?
Experts' reactions to the announcement of both bills have been mixed, but one point has garnered consistent support: UK public services rely on outdated and insecure IT systems to operate, putting them and the public at greater risk of services being disrupted and data being leaked.
In January 2024, a report was published that revealed the The Ministry of Defense will have 11 computer systems “with red rating” that are exposed to cyber attacks and breaches, or are simply too inefficient or unsuitable for use. In May, the Ministry of Defence was allegedly attacked by a Chinese state-sponsored cyber attack who stole personal information of current and former staff.
The same month, a report found that The British public has very little confidence in the NHS's cybersecurity and data handlingand almost half (49%) believe the service could mishandle their data, and more than four in five (82%) say they are somewhat concerned about cyber attacks on NHS systems. In June, Synnovis, a pathology provider to Guy's and St Thomas' NHS Foundation Trust, was Hit by a cyber attack who stole patients' blood test data.
Subsequently, publicly available information from the board meeting revealed that concerns had been raised about third-party service providersDirectors said an IT modernisation programme was needed to increase the NHS's cyber resilience.
Responding to the introduction of the Cyber Security and Resilience Bill, Dominic Trott, Director of Strategy and Partnerships at Orange Cyberdefense, said: “Any measure that serves to further strengthen our defences and ensure more essential digital services are protected than ever before should be welcomed. Over the past year, we have seen a number of attacks on organisations providing critical services to the UK. In the healthcare sector, for example, the pressures faced by hospitals have been intensified by the growing threat from cybercriminals who have brazenly targeted the critical systems of the most vulnerable.”
“According to our own data, there were 69 cyber extortion attacks on healthcare companies in the first quarter of this year, an increase of more than 100% compared to the first quarter of 2023. To combat this, organisations must optimise access to skills, adopt appropriate processes and use technology correctly to achieve cyber resilience. It is pleasing to see that the Bill will update the legacy regulatory framework by expanding the scope of regulation to protect supply chains, which are an increasingly important threat vector for attackers,” concluded Trott.
Growth of AI
As for the AI bill, experts are concerned that if enacted too quickly, it could impose strict regulation on a technology that has already proven its ability to improve productivity and efficiency, and that the legislation could unfairly stifle innovation.
David Shepherd, Senior Vice President, EMEA, Ivanti, said: “The announcement of intentions to introduce AI legislation is a positive step, but it will be the details that will matter. For regulations to be successful and foster innovation while ensuring security, clear, transparent and consistent global safeguards are critical – especially when it comes to protecting workers, one of the key objectives of the new Labour government.”
“While regulation cannot be rushed, it is essential to act in time,” he added. “Delays could lead to increased bias in AI and ethical issues such as potential job losses, a concern the new government clearly wants to address.”
“As Labour’s plans develop, it will be essential to nail down the regulatory details. To ensure that no group is disproportionately affected, the development process must embrace diverse viewpoints to ensure AI is ready for businesses and employees to thrive in harmony. This engagement will be critical to the success of the AI Bill and ultimately to employee safety and overall business success.”
