Recommendations & Conclusions
31 items
1
Conclusion
Tenth Report - Connected tech: smart or…
Accepted
Data rights are an important tool for empowering data subjects and balancing data processing against users’ rights and freedoms. However, there are many barriers to individuals being able to exercise these rights when using or interacting with connected tech, ranging from product design to digital literacy and resources. Users must …
Government response. The government agrees with the conclusion, stating that existing data protection legislation, including the UK GDPR, already addresses these issues by requiring transparent data processing and empowering individuals to report non-compliance to the ICO. It welcomes the ICO's existing recommendations …
Department for Culture, Media and Sport
2
Recommendation
Tenth Report - Connected tech: smart or…
Acknowledged
The Government should introduce appropriate measures to standardise privacy interfaces for connected devices as a first step, which will help users learn how to control connected devices in their homes and exercise data rights. Privacy interfaces should be appropriately accessible, intuitive and flexible enough so users of a reasonable level …
Government response. The government partially accepts the recommendation, referencing existing GDPR requirements for privacy information. While not committing to standardising interfaces for connected devices, it will engage with interest groups in the coming months to explore options for simpler and more granular …
Department for Culture, Media and Sport
3
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
The Government should clarify the obligations in the Online Safety Bill for voice assistants, connected devices (like smart speakers) and other emerging technologies that can surface harmful content, to ensure that those that integrate search services in particular fall in-scope of the duties. It should also set out in its …
Government response. The government partially accepts the recommendation, clarifying that the Online Safety Act's broad scope covers voice assistants and connected devices integrating internet search, subjecting them to duties to conduct risk assessments and mitigate illegal content and harm to children.
Department for Culture, Media and Sport
4
Recommendation
Tenth Report - Connected tech: smart or…
Rejected
The use of connected tech in schools and by children in homes raises concerns, including the harvesting and third-party use of children’s data and their lack of control over what technology is used and when. The Government and ICO were quick to dismiss our concerns about this issue. We urge …
Government response. The government rejects the conclusion, asserting that the ICO has already been proactive through extensive work with industry since the Age-Appropriate Design Code came into force, producing guidance and resources for Edtech and schools.
Department for Culture, Media and Sport
5
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
The Government should commit to ensuring that the Age-Appropriate Design Code is strengthened rather than undermined by data protection reform and to laying the revised code as soon as is practicable.
Government response. The government agrees with the recommendation, committing to ensure that forthcoming data protection reforms will not undermine the Age-Appropriate Design Code. The ICO will update its guidance, including the code, as soon as practicable once the Data Protection and Digital …
Department for Culture, Media and Sport
6
Recommendation
Tenth Report - Connected tech: smart or…
Acknowledged
Though smart cities provide a range of opportunities, such as more efficient management of resources, there are also additional risks to confidence in privacy and data protection, making it harder for individuals to exercise data rights. The Government should review how it can incentivise and actively pilot the creation of …
Government response. The government partially accepts the recommendation, stating it is examining how data intermediaries can facilitate data sharing and empower individuals. It highlights existing data-driven practices and discusses ongoing work to manage security risks associated with connected places technologies, providing guidance …
Department for Culture, Media and Sport
7
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
The monitoring of employees in smart workplaces should be done only in consultation with, and with the consent of, those being monitored. The Government should commission research to improve the evidence base regarding the deployment of automated and data collection systems at work. It should also clarify whether proposals for …
Government response. The government partially accepts the recommendation, stating that workplace monitoring must comply with existing data protection law. It highlights safeguards in the Data Protection and Digital Information (No.2) Bill for automated decision-making and refers to its previously published AI Regulation …
Department for Culture, Media and Sport
8
Conclusion
Tenth Report - Connected tech: smart or…
Accepted
The Information Commissioner’s Office should develop its existing draft guidance on “Employment practices: monitoring at work” into a principles-based code for designers and operators of workplace connected tech.
Government response. The ICO plans to publish final guidance for employers on employee monitoring in October, which will replace parts of the 2011 Employers Code of Practice, following a public consultation that closed in January.
Department for Culture, Media and Sport
9
Recommendation
Tenth Report - Connected tech: smart or…
Rejected
The Government has not yet made a compelling case for reform of data protection. While we understand that some companies do not share data outside the UK, we are concerned that differing expectations between those companies and companies that do share data outside the UK may give the impression of …
Government response. The government rejects the conclusion, asserting that the UK remains committed to high data protection standards and that the proposed Bill will simplify legislation while maintaining robust safeguards. It argues that EU adequacy does not require identical rules and that …
Department for Culture, Media and Sport
10
Conclusion
Tenth Report - Connected tech: smart or…
Rejected
We agree that reforming the governance and accountability structures of the Information Commissioner’s Office will be a positive step. We have previously recommended against executive overreach in the case of Ofcom and the Online Safety Bill; these concerns apply with respect to the Information Commissioner’s Office and the Data Protection …
Government response. The government rejects the conclusion, asserting that the reforms will enhance the ICO's accountability without undermining its independence, citing the Information Commissioner's agreement. It clarifies that the Strategic Statement of Priorities will be subject to parliamentary oversight and approval, ensuring …
Department for Culture, Media and Sport
11
Recommendation
Tenth Report - Connected tech: smart or…
Rejected
The introduction of the product security regime, which codifies three of the original thirteen guidelines set out in the Government’s internationally recognised 2018 Code of Practice for Consumer IoT Security, is an important first step in improving cybersecurity for connected devices. However, the remaining ten guidelines retain considerable support among …
Government response. The government rejects committing to codify the remaining guidelines in phases, stating it's not currently proportionate, but will monitor the impact of existing requirements and may mandate further ones if necessary.
Department for Culture, Media and Sport
12
Conclusion
Tenth Report - Connected tech: smart or…
Accepted
As the guidelines set out in the 2018 Code of Practice for Consumer IoT Security imply, cybersecurity and data protection are mutually reinforcing. Without cybersecurity, data cannot be meaningfully protected, while data protection can manage the risk and impact of cyberattack. The Information Commissioner’s Office, either bilaterally or through the …
Government response. The government commits that the Information Commissioner’s Office (ICO) will work with the Office for Product Safety Standards (OPSS), bilaterally or via the Digital Regulation Co-operation Forum, to support industry and ensure effective enforcement of new regulations.
Department for Culture, Media and Sport
13
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
Improving cybersecurity of consumer connected devices is an important and positive step, but the proliferation of connected tech in enterprise settings and the gap in the regime regarding network, storage and cloud security still present likely attack vectors that will continue to allow devices to be compromised. The Government should …
Government response. The government claims existing security requirements already apply to relevant software, including off-device elements, and highlights current initiatives like NCSC principles and ongoing work to understand risks in enterprise devices.
Department for Culture, Media and Sport
14
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
We are concerned about the ongoing skills shortage, as recognised in both the Government and industry’s regular reporting on cybersecurity skills in the labour market, and believe that the shortage will be exacerbated further as the product safety regime comes into force. We support industry’s calls for the Government to …
Government response. The government acknowledges an ongoing cyber skills shortage and states it already funds free cyber bootcamps across the UK through the DfE and National Cyber Strategy Programme. It also commits to continuing engagement with industry on improving hiring and retention.
Department for Culture, Media and Sport
15
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
We are particularly concerned that, despite the shortage of cyber skills in the UK, there are stubborn and significant disparities in the cyber workforce based on gender and race and ethnicity. The Government should reflect on the significant disparities in gender and race/ethnicity in the cyber workforce and take steps …
Government response. The government agrees to address diversity in the cyber workforce, highlighting ongoing initiatives like funding the National Centre for Computing Education, DSIT's 'Upskill in Cyber' programme, and funding the UK Cyber Security Council to develop professional recognition processes.
Department for Culture, Media and Sport
16
Recommendation
Tenth Report - Connected tech: smart or…
Rejected
The creation of the Department for Science, Innovation and Technology is an opportunity to ensure a comprehensive, joined up approach to cyber policy. We recommend that responsibilities for cyber policy is co-ordinated by the dedicated Department for Science, Innovation and Technology and that government ensures collaboration between the Department and …
Government response. The government rejects the recommendation, stating that the UK National Cyber Strategy sets out a whole-of-government approach where various ministers have specific cyber responsibilities, and argues that national security cannot be separated from broader cyber policy.
Department for Culture, Media and Sport
17
Recommendation
Tenth Report - Connected tech: smart or…
Rejected
As the prevalence of connected technology grows, so too will the demand for the National Cyber Security Centre’s services. The Government should ensure that the National Cyber Security Centre has the capacity to meet demands for its services. It should explicitly consider and address capacity issues as part of its …
Government response. The government partially agrees, stating it ensures the NCSC is sustainably funded but rejects explicitly addressing NCSC capacity issues in its regular labour market reporting, instead confirming that NCSC needs are considered within broader workforce capacity assessments.
Department for Culture, Media and Sport
18
Recommendation
Tenth Report - Connected tech: smart or…
Acknowledged
The Government must make tackling technology-facilitated abuse, or “tech abuse”, a priority. There is little evidence to suggest that our law enforcement and criminal justice system has been equipped to deal with the problems caused by tech abuse now, let alone as connected devices become even more prevalent in future. …
Government response. The government agrees, stating that tackling technology-facilitated abuse is already recognised as a priority within existing strategies like the 2021 Tackling Violence Against Women and Girls Strategy, and commits to continuing to ensure it remains a priority.
Department for Culture, Media and Sport
19
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
The Government’s response to tech abuse should involve upskilling law enforcement to improve the criminal justice response and increasing law enforcement’s and victims’ and survivors’ awareness of specialist services tackling violence against women and girls. The Government should also reflect on how official crime data on tech abuse can be …
Government response. The government partially agrees, committing to provide up to £8.3 million over two years for frontline support, including training on tech-facilitated abuse, and £150k for the Revenge Porn Helpline. It also commits to continuing to work with policing partners on …
Department for Culture, Media and Sport
20
Conclusion
Tenth Report - Connected tech: smart or…
Rejected
We want to see words from cross-sector stakeholders on tech abuse now leading to positive actions. The Office for Product Safety and Standards should, at the earliest opportunity, convene a “tech abuse working group” with stakeholders, bringing industry together with researchers, specialist support services and public services. This group should …
Government response. The government rejects the recommendation, stating there are no plans for OPSS to convene a tech abuse working group as aspects of tech abuse are addressed in existing policies and legal frameworks, and it is not within OPSS's primary remit.
Department for Culture, Media and Sport
1
Recommendation
Eleventh Report - Connected tech: AI an…
Accepted
We welcome the Government’s sensible proposals for regulating AI, including taking a sectoral approach underpinned by six cross-sector principles. However, there are outstanding weaknesses with this approach that the Government should clarify, including ensuring that sector regulators who do not currently regulate in the tech sector will build up technical …
Government response. The government recognises the need for central coordination for AI regulation and has already established a central risk function and is implementing a coordination function across government departments, with further details to be provided in their response to the white …
Department for Culture, Media and Sport
2
Recommendation
Eleventh Report - Connected tech: AI an…
Acknowledged
The Government should set out a plan to provide upskilling and resourcing for non- digital sector regulators to ensure they can meet the needs of the new cross-sector regulatory regime for AI.
Government response. The government recognises the need for central coordination and states it is establishing a central risk function and implementing a coordination function. It will provide further details in a forthcoming response to the white paper consultation.
Department for Culture, Media and Sport
3
Recommendation
Eleventh Report - Connected tech: AI an…
Deferred
The Government has announced that it intends to take on a central support role to buttress the regime for AI regulation and provide cross-sector cohesion. The Government should establish a discrete AI regulation co-ordination unit within Whitehall to ensure coherent working and enable robust stakeholder engagement. This unit should publish …
Government response. The government's response discusses implementing and ratifying the Beijing Treaty on Audiovisual Performances and exploring stronger protections against the misuse of performers' likenesses, but does not address the recommendation to establish a discrete AI regulation co-ordination unit or publish regular …
Department for Culture, Media and Sport
4
Conclusion
Eleventh Report - Connected tech: AI an…
Deferred
We are pleased that the Government has been listening to stakeholders on text and data mining intellectual property for commercial benefit and we are encouraged that Ministers are looking again at this. The current framework, which provides an exemption for text and data mining for non-commercial research purposes and otherwise …
Government response. The government responds by discussing its commitment to implementing the Beijing Treaty on Audiovisual Performances, which relates to moral rights for performers and deepfakes, and not to the committee's observation on text and data mining intellectual property.
Department for Culture, Media and Sport
5
Recommendation
Eleventh Report - Connected tech: AI an…
Deferred
We recommend that the Government does not pursue plans for a broad text and data mining exemption to copyright. Instead, the Government should proactively support small AI developers in particular, who may find difficulties in acquiring licences, by reviewing how licensing schemes can be introduced for technical material and how …
Government response. The government's response focuses on implementing the Beijing Treaty on Audiovisual Performances and addressing deepfakes, rather than directly addressing the recommendation concerning text and data mining copyright exemptions, licensing schemes, or a strong copyright regime for AI content.
Department for Culture, Media and Sport
6
Recommendation
Eleventh Report - Connected tech: AI an…
Deferred
The Government must work to regain the trust of the creative industries following its abortive attempt to introduce a broad text and data mining exemption. The Government should consider how creatives can ensure transparency and, if necessary, recourse and redress if they suspect that AI developers are wrongfully using their …
Government response. The government's response addresses the implementation of the Beijing Treaty on Audiovisual Performances and issues like deepfakes, sidestepping the recommendation to regain trust with creative industries and consider transparency and redress for wrongful AI use of creative works.
Department for Culture, Media and Sport
7
Recommendation
Eleventh Report - Connected tech: AI an…
Accepted
The Government’s initial handing of the text and data mining exemption to copyright for AI development, though eventually correct, shows a clear lack of understanding of the needs of the UK’s creative industries. All branches of Government need to better understand the impact of AI, and technology more broadly, on …
Government response. The government highlights its existing Creative Industries Sector Vision and significant investments, including over £300 million in growth support and £75 million for the CoSTAR programme, to drive innovation and technology in the creative industries. It also mentions ongoing assessments …
Department for Culture, Media and Sport
8
Conclusion
Eleventh Report - Connected tech: AI an…
Acknowledged
While institutions are understandably investing in products such as the metaverse and generative AI, this should not be to the exclusion of novel and emerging technologies, which are enabling artists to innovate and attract audiences. In order to encourage a rich and diverse cultural and creative technology ecosystem, the Government …
Government response. The government outlines the five objectives and scope of its forthcoming Cultural Education Plan, which aims to support high-quality cultural education for children and young people and strengthen talent pipelines, and will be published in the coming months.
Department for Culture, Media and Sport
9
Conclusion
Eleventh Report - Connected tech: AI an…
Acknowledged
As we have repeatedly raised, the tech sector and creative industries are experiencing long-standing skills and personnel shortages that have capped the potential for growth. The Government’s forthcoming Cultural Education Plan should explicitly discuss how educators can combine digital skills provision with creative and cultural education to nurture the next …
Government response. The government outlines the objectives of its Cultural Education Plan, including strengthening talent pipelines into cultural and creative sectors, and states the plan will be published in the coming months. However, it does not explicitly commit to detailing how educators …
Department for Culture, Media and Sport
10
Recommendation
Eleventh Report - Connected tech: AI an…
Accepted
The Government’s Cultural Education Plan Expert Advisory Panel has only recently been appointed, almost a year after the appointment of its chair and well over six months after Government said it would appoint its members. We have serious misgivings about the Government’s insistence that it will publish the Plan in …
Government response. The government clarified the scope and five objectives of the Cultural Education Plan, outlining the types of organisations it will cover. It committed to publishing the Plan "in the coming months."
Department for Culture, Media and Sport
11
Recommendation
Eleventh Report - Connected tech: AI an…
Accepted in Part
The rapid growth of generative artificial intelligence and the impact this is already having on the ability of artists to protect their moral rights means that urgent action is necessary. The Government should improve protections for creatives to prevent misuse of their likeness and performances by emerging technologies such as …
Government response. The government committed to implementing and ratifying the Beijing Treaty, expecting it to come into force in late 2024, fulfilling the request for ratification. However, for broader protections against AI misuse of likeness, it will only "explore the case for …
Department for Culture, Media and Sport