Contact Us
  1. Home
  2. >
  3. News & Blog
  4. >
  5. Commercial
  6. >
  7. The new Labour...

NEWS & BLOG

The new Labour government’s approach to data security and AI:

The good news? A plan seems to be in place. The bad? A lot of regulation seems likely to follow.

Are you an owner-managed business, regular online retailer, or a business user of cloud & data services? If so, this one’s for you…

How important is data to everyday business in the UK?

Data and its associated infrastructure and services are increasingly crucial to the UK’s economy, future growth and security. For that reason, it’s strategically important at a national and global level. Without functioning, secure and reliable data infrastructure, the UK will struggle to innovate or even compete in the global economy.

Artificial Intelligence (“AI”) is a very ‘real’ innovation in the present day and is no longer considered in the realms of ‘sci-fi’. It has cemented its indispensability in day-to-day life and across a number of disciplines, namely:

  • Opening your phone with Face ID;
  • Large language models like ChatGPT;
  • Voice-controlled electric cars;
  • ‘Smart’ devices like smart TVs and smart thermostats;
  • Alexa and other equivalents, and
  • Watching your personalised recommendations on Netflix.

Equally, the world of trade and e-commerce is no different, where AI algorithms learn a customer’s purchasing or browsing patterns and push relevant recommendations. Likewise, in the world of banking, AI is used to help validate day-to-day business transactions, and in a very user-friendly manner.

AI is now deeply embedded in the day-to-day of modern life, so it’s safe to conclude… AI and its associated data are really here to stay.

How we manage that data is an important question to ask and is one the current Labour government is grappling with.

The Government’s plan to balance innovation and safety

The Government intends in light of this, to build the right business environment that encourages investment into the sector, whilst providing a safer framework for the development of AI. This stronger risk management framework will reflect the opportunities and challenges of our new ‘hyper-digital’ world.

Security threats continue to be a real issue for businesses, with such data infrastructure continuing to be an attractive target to those who intend to access and use the data for malign or criminal purposes. A delicate balance is certainly required between embracing innovation, and safeguarding the data that innovation produces.

What the last government planned to do

The UK government has previously stated that it wants the UK to be recognised as a science and technology ‘superpower’ by 2030. The National Data Strategy 2020 set out this commitment.

The former Conservative Government ran a consultation which sought to ‘test’ and gather further evidence to inform the development of proposals to improve and assure the security and resilience of current data infrastructure. Input was obtained from data centre operators; cloud platform providers; managed service providers; and academic/industry experts.

However, the Conservative’s Data Protection and Digital Information Bill failed to make it through Parliament before it was dissolved in May 2024 before the recent general election.

Labour’s proposals in the Kings speech

A LOT has changed since this initial consultation: … a new Government… a new Prime Minister… a new Chancellor of the Exchequer… and inevitably, a new Budget to follow.

The new Labour Government used the King’s Speech to lay out its plans (amongst others) around cyber resilience and data use. So data security remains very much ‘on the cards’ for this new Government’s agenda.

A fully-fledged ‘AI Bill’ was not announced during the State Opening of Parliament, but the King’s Speech set out how the Government would “seek to establish the appropriate legislation to place requirements on those working to develop the most powerful artificial intelligence models”.

The Government also announced that it would introduce the Cyber Security and Resilience Bill, which would give greater power to regulators to push more firms to implement better cybersecurity defences. It confirmed that the Bill would expand the remit of existing regulation and put regulators on a stronger footing, as well as increase the reporting requirements placed on businesses to help build a better picture of cyber threats to the UK. It would also be joined by a new Digital Information and Smart Data Bill, which would enable new, “innovative” uses of data to help boost the economy.

What this means for your business

A lot of regulation will undoubtedly follow in the coming months, but it is not likely to happen overnight.

It’s therefore a good idea for your business to start thinking about ensuring it has appropriate data policies and notices in place, as well as robust terms and conditions dealing with data handling and data processing.

With all the regulation that’s on the cards, now is really a good time to get ahead of the curve.


If you need help with your business’s data policies or would just like some support in preparing for the upcoming regulatory changes, our commercial team are on hand to offer timely and prudent legal advice.

To get started, you can contact Paul Lupton or Ines Ouadah in the Commercial Team. Call them on 0161 930 5117; email them at paul.lupton@gorvins.com  or ines.ouadah@gorvins.com; or complete the online enquiry form.