Recommendations & Conclusions
13 items
1
Conclusion
Tenth Report - Connected tech: smart or…
Accepted
Data rights are an important tool for empowering data subjects and balancing data processing against users’ rights and freedoms. However, there are many barriers to individuals being able to exercise these rights when using or interacting with connected tech, ranging from product design to digital literacy and resources. Users must …
Government response. The government agrees with the conclusion, stating that existing data protection legislation, including the UK GDPR, already addresses these issues by requiring transparent data processing and empowering individuals to report non-compliance to the ICO. It welcomes the ICO's existing recommendations …
Department for Culture, Media and Sport
3
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
The Government should clarify the obligations in the Online Safety Bill for voice assistants, connected devices (like smart speakers) and other emerging technologies that can surface harmful content, to ensure that those that integrate search services in particular fall in-scope of the duties. It should also set out in its …
Government response. The government partially accepts the recommendation, clarifying that the Online Safety Act's broad scope covers voice assistants and connected devices integrating internet search, subjecting them to duties to conduct risk assessments and mitigate illegal content and harm to children.
Department for Culture, Media and Sport
5
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
The Government should commit to ensuring that the Age-Appropriate Design Code is strengthened rather than undermined by data protection reform and to laying the revised code as soon as is practicable.
Government response. The government agrees with the recommendation, committing to ensure that forthcoming data protection reforms will not undermine the Age-Appropriate Design Code. The ICO will update its guidance, including the code, as soon as practicable once the Data Protection and Digital …
Department for Culture, Media and Sport
7
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
The monitoring of employees in smart workplaces should be done only in consultation with, and with the consent of, those being monitored. The Government should commission research to improve the evidence base regarding the deployment of automated and data collection systems at work. It should also clarify whether proposals for …
Government response. The government partially accepts the recommendation, stating that workplace monitoring must comply with existing data protection law. It highlights safeguards in the Data Protection and Digital Information (No.2) Bill for automated decision-making and refers to its previously published AI Regulation …
Department for Culture, Media and Sport
8
Conclusion
Tenth Report - Connected tech: smart or…
Accepted
The Information Commissioner’s Office should develop its existing draft guidance on “Employment practices: monitoring at work” into a principles-based code for designers and operators of workplace connected tech.
Government response. The ICO plans to publish final guidance for employers on employee monitoring in October, which will replace parts of the 2011 Employers Code of Practice, following a public consultation that closed in January.
Department for Culture, Media and Sport
12
Conclusion
Tenth Report - Connected tech: smart or…
Accepted
As the guidelines set out in the 2018 Code of Practice for Consumer IoT Security imply, cybersecurity and data protection are mutually reinforcing. Without cybersecurity, data cannot be meaningfully protected, while data protection can manage the risk and impact of cyberattack. The Information Commissioner’s Office, either bilaterally or through the …
Government response. The government commits that the Information Commissioner’s Office (ICO) will work with the Office for Product Safety Standards (OPSS), bilaterally or via the Digital Regulation Co-operation Forum, to support industry and ensure effective enforcement of new regulations.
Department for Culture, Media and Sport
13
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
Improving cybersecurity of consumer connected devices is an important and positive step, but the proliferation of connected tech in enterprise settings and the gap in the regime regarding network, storage and cloud security still present likely attack vectors that will continue to allow devices to be compromised. The Government should …
Government response. The government claims existing security requirements already apply to relevant software, including off-device elements, and highlights current initiatives like NCSC principles and ongoing work to understand risks in enterprise devices.
Department for Culture, Media and Sport
14
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
We are concerned about the ongoing skills shortage, as recognised in both the Government and industry’s regular reporting on cybersecurity skills in the labour market, and believe that the shortage will be exacerbated further as the product safety regime comes into force. We support industry’s calls for the Government to …
Government response. The government acknowledges an ongoing cyber skills shortage and states it already funds free cyber bootcamps across the UK through the DfE and National Cyber Strategy Programme. It also commits to continuing engagement with industry on improving hiring and retention.
Department for Culture, Media and Sport
15
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
We are particularly concerned that, despite the shortage of cyber skills in the UK, there are stubborn and significant disparities in the cyber workforce based on gender and race and ethnicity. The Government should reflect on the significant disparities in gender and race/ethnicity in the cyber workforce and take steps …
Government response. The government agrees to address diversity in the cyber workforce, highlighting ongoing initiatives like funding the National Centre for Computing Education, DSIT's 'Upskill in Cyber' programme, and funding the UK Cyber Security Council to develop professional recognition processes.
Department for Culture, Media and Sport
19
Recommendation
Tenth Report - Connected tech: smart or…
Accepted
The Government’s response to tech abuse should involve upskilling law enforcement to improve the criminal justice response and increasing law enforcement’s and victims’ and survivors’ awareness of specialist services tackling violence against women and girls. The Government should also reflect on how official crime data on tech abuse can be …
Government response. The government partially agrees, committing to provide up to £8.3 million over two years for frontline support, including training on tech-facilitated abuse, and £150k for the Revenge Porn Helpline. It also commits to continuing to work with policing partners on …
Department for Culture, Media and Sport
1
Recommendation
Eleventh Report - Connected tech: AI an…
Accepted
We welcome the Government’s sensible proposals for regulating AI, including taking a sectoral approach underpinned by six cross-sector principles. However, there are outstanding weaknesses with this approach that the Government should clarify, including ensuring that sector regulators who do not currently regulate in the tech sector will build up technical …
Government response. The government recognises the need for central coordination for AI regulation and has already established a central risk function and is implementing a coordination function across government departments, with further details to be provided in their response to the white …
Department for Culture, Media and Sport
7
Recommendation
Eleventh Report - Connected tech: AI an…
Accepted
The Government’s initial handing of the text and data mining exemption to copyright for AI development, though eventually correct, shows a clear lack of understanding of the needs of the UK’s creative industries. All branches of Government need to better understand the impact of AI, and technology more broadly, on …
Government response. The government highlights its existing Creative Industries Sector Vision and significant investments, including over £300 million in growth support and £75 million for the CoSTAR programme, to drive innovation and technology in the creative industries. It also mentions ongoing assessments …
Department for Culture, Media and Sport
10
Recommendation
Eleventh Report - Connected tech: AI an…
Accepted
The Government’s Cultural Education Plan Expert Advisory Panel has only recently been appointed, almost a year after the appointment of its chair and well over six months after Government said it would appoint its members. We have serious misgivings about the Government’s insistence that it will publish the Plan in …
Government response. The government clarified the scope and five objectives of the Cultural Education Plan, outlining the types of organisations it will cover. It committed to publishing the Plan "in the coming months."
Department for Culture, Media and Sport