Department for Science, Innovation & Technology

The Government does not routinely comment on operational security matters. GOV.UK One Login works closely with the National Cyber Security Centre (NCSC) to identify and mitigate risks and align to the Cyber Assessment Framework (CAF). The programme is committed to achieving CAF compliance by the end of 2025/26, in line with Government standards.

The vast majority of premises will be covered by commercial activity or Project Gigabit, but it will remain too expensive to build a gigabit capable connection to a very small proportion of premises on either a commercial or subsidised basis. The government is exploring options for the kind of support that might be required and appropriate to ensure sufficient, affordable and reliable connectivity in these cases.

The Life Sciences Sector Plan will focus on enabling world-class R&D, making the UK an outstanding place to start, scale, and invest in life sciences, and driving healthcare innovation and reform. This approach will cement the UK’s global leadership in life sciences and support high-growth businesses, deliver better health outcomes across various diseases – including cardiovascular disease.

The Government is committed to supporting the digital economy, removing barriers to inclusive economic growth, and ensuring that the UK remains one of the best places in the world for our great tech businesses to start, scale and stay.

Programmes such as the SEIS/EIS schemes and R&D Tax Credits demonstrate the UK’s commitment to supporting tech companies in thriving in the UK.

The AI Action Plan sets out our intention to support the growth ambitions of businesses across the AI sector. Initiatives include opening the AI Research Resource to a wider pool of SMEs to drive forward new AI-enabled innovations, fostering national champions within the UK startup ecosystem, and unlocking data assets for startups to access.

The Labour Manifesto commits to “partner with scientists, industry, and civil society as we work towards the phasing out of animal testing”. While it is not yet possible to replace all animal use, we support the development and application of approaches that replace, reduce and refine animal use in research (the 3Rs), including via artificial intelligence. The Prime Minister launched the AI Opportunities Action Plan in January which outlined 50 actions needed to drive up the development and deployment of AI.

The Government will publish a strategy to support the development, validation and uptake of alternative methods later this year.

CityFibre is currently delivering a Project Gigabit contract across Norfolk.

However, Building Digital UK’s (BDUK) regular market reviews have indicated that premises in the PE30 3RW, PE30 3BZ and PE30 3NQ postcode areas are likely to be included in suppliers’ future commercial plans and should receive a gigabit-capable connection without the need for public subsidy.

BDUK continually monitors suppliers' commercial plans and, if it becomes apparent that these commercial plans will not deliver as expected, premises in these postcode areas may then become eligible for inclusion within the scope of Project Gigabit.

Vouchers issued under the Gigabit Broadband Voucher Scheme are valid for 12 months from the date issued. Building Digital UK (BDUK) maintains regular contact with local authorities and broadband suppliers to discuss any issues relating to the delivery of voucher projects, and suppliers can request an extension if they are experiencing delays to their rollout due to third parties, for example as a result of wayleave application and civil works.

As set out in ARIA's Framework Agreement, ARIA has unique operational freedoms, including over its research and project choice and its procedures. This independence allows ARIA to take bold steps to better understand the world we live in, and the Government supports ARIA exploring critical areas like this.

The Government is not in favour of using Solar Radiation Modification. ARIA is an independent research body, and they are conducting cautious, controlled research aimed at improving understanding of its risks and impacts. This will produce important information for decisions around the world.

Generative AI services - including chatbots - are regulated by the Online Safety Act where they allow users to share content, or they search the internet to provide responses. Such services are required to assess and mitigate the risk of harm to users from illegal content and services likely to be accessed by children will need to protect them from harmful content.

The Government published the final report of the Independent Pornography Review on 27 February. The Review found violent pornography is common and easily available online. It is right that the government takes time to understand this complex, deeply important topic. A further update will be provided in due course.

The Online Safety Act requires services publishing or hosting user-generated pornographic content to prevent children from accessing it using highly effective age assurance. Extreme pornography is a priority offence under the Act, requiring services to proactively mitigate and remove this illegal content on their platforms.

This Government is supporting the development of supply chains for compound semiconductors and other critical semiconductor materials as part of our work to deliver the upcoming Industrial Strategy, which includes Digital and Technologies as a priority growth-driving sector. We recently secured a £250 million investment from one of the world’s largest manufacturers of semiconductors - Vishay Technologies – into the UK’s largest semiconductor facility as part of plans to develop large-scale compound semiconductor manufacturing in the UK, supported by the government’s Automotive Transformation Fund. Investments such as this will help develop UK supply chains in this high growth area of technology.

(a) There are 4 staff within DSIT with one or more of the terms in their job title, the individual breakdowns are as follows - Equality: 0, Diversity: 0, Inclusion: 4, Race: 0, Gender: 0, LGBT: 0.

(b) There are 20 staff within UKRI and its research councils with one or more of the terms in their job title, the individual breakdowns are as follows: (note: some staff have multiple terms in their job title, while some staff only have one term in their job title, so the numbers below are greater than 20) - Equality: 18, Diversity: 18, Inclusion: 19, Race: 1, Gender: 0, LGBT: 0

It is not yet possible to replace all animal use due to the complexity of biological systems and regulatory requirements for their use. The Government has reviewed the FDA roadmap and is engaging with the MHRA on how to accelerate the science-led adoption of alternatives to the use of animals for drug development and testing. The Government will publish a strategy later this year that will support this ambition and accelerate the development, validation and uptake of alternative methods across the biosciences.

The Shared Rural Network continues to deliver 4G connectivity where there is limited or no coverage. Beyond this, our ambition is for all populated areas, including rural communities, to have higher quality standalone 5G by 2030.

We are working with Ofcom and the industry to ensure we have the right policy and regulatory framework to support investment and competition in the market.

Ofcom have written to me confirming that their improved online coverage checker will go live in the second half of June, which will better reflect people’s real experience. A copy of my letter and their letter has been deposited in the libraries of both houses.

Project Gigabit is the government’s programme to deliver gigabit-capable broadband to UK premises not included in suppliers' commercial plans.

As of the end of March 2024, over one million premises had been upgraded to gigabit-capable broadband through government-funded programmes.

More than £2.3 billion of contracts have already been signed to connect over one million more premises with gigabit-capable broadband, predominantly in rural areas.

The Data Bill does not alter data collection practices for public services.

Public service providers processing personal data are still subject to compliance requirements under data protection legislation.

The Government accepts the Supreme Court Ruling. We are working through this judgement carefully, including on how public services collect (and subsequently process) sex data in public services.

As of April 2025, the way that Devolved Administrations (DAs) receive funding for cyber security has changed. Previously ringfenced cyber budgets will be absorbed into departmental baselines and provided directly to DAs in their overall HM Treasury settlement.

The revised funding arrangements further support DAs, including the Northern Ireland Executive, to make their own choices about how to champion the cyber sector in each part of the UK. DSIT will continue to engage with the Northern Ireland Executive on how to assist the cyber sector, including through the Cyber Local programme.

DSIT continues to support the successful cyber ecosystem in Northern Ireland with key investments such as the Cyber AI Hub programme at Queen’s University Belfast.

As of April 2025, the way that Devolved Administrations (DAs) receive funding for cyber security has changed. Previously ringfenced cyber budgets will be absorbed into departmental baselines and provided directly to DAs in their overall HM Treasury settlement.

The revised funding arrangements further support DAs, including the Northern Ireland Executive, to make their own choices about how to champion the cyber sector in each part of the UK. DSIT will continue to engage with the Northern Ireland Executive on how to assist the cyber sector, including through the Cyber Local programme.

DSIT continues to support the successful cyber ecosystem in Northern Ireland with key investments such as the Cyber AI Hub programme at Queen’s University Belfast.

As of April 2025, the way that Devolved Administrations (DAs) receive funding for cyber security has changed. Previously ringfenced cyber budgets will be absorbed into departmental baselines and provided directly to DAs in their overall HM Treasury settlement.

The revised funding arrangements further support DAs, including the Northern Ireland Executive, to make their own choices about how to champion the cyber sector in each part of the UK. DSIT will continue to engage with the Northern Ireland Executive on how to assist the cyber sector, including through the Cyber Local programme.

DSIT continues to support the successful cyber ecosystem in Northern Ireland with key investments such as the Cyber AI Hub programme at Queen’s University Belfast.

We want to support local leaders to unlock their regions’ innovation potential – ensuring everyone benefits from innovation-led growth. Regardless of whether they have a Mayor or are a local authority. That’s why UK Research and Innovation invests in innovation across the UK, including through the £316 million Strength in Places Fund and £80 million Launchpads programmes. These are bolstering clusters in areas with and without devolution agreements. UKRI has awarded £85,000 to Ultraframe UK in the Ribble Valley, to develop high quality retrofit solutions.

The Government Digital Service (GDS) role is to ensure the delivery of digital services that work for all of our citizens. That includes monitoring the services each departments delivers online - to make sure they are providing support for citizens with low technical skills.

Additionally, there is strong regulation in place to provide technical specifications to improve the accessibility of websites and many other digital experiences to ensure that no citizen is left behind during this government's digital revolution.

Details on the £45 billion figure were published as part of the State of Digital government review. The £45 billion figure referenced reflects an estimate of potential long-term annual benefits from digital transformation across the public sector, covering simplifying and automating routine tasks, shifting transactions to cheaper digital channels, and reducing fraud and error. Estimates include both cash-releasing and non-cash-releasing benefits. The estimate is designed to highlight the value at stake and not to inform specific organisational implementation through disaggregation. The Government Efficiency Framework (GEF) does not require savings estimates to be disaggregated or published. Any implementation of projects to deliver this value will require further departmental analysis and appraisal, including cost and benefit realisation in accordance with the Green Book.

The Government is determined to ensure that any risks of the industry-led migration from the Public Switched Telephone Network (PSTN) to Voice over Internet Protocol (VoIP), also known as Digital Voice, are mitigated for all customers across the UK.

Communication providers, including BT, signed a voluntary PSTN Charter in December 2023, committing them to protecting vulnerable consumers during the PSTN migration. In November 2024, providers agreed to additional safeguards in the Non-Voluntary Migrations Checklist. The Government is engaging regularly with the signatories of the Charter to monitor their plans and to ensure compliance with the Checklist.

The Government have not requested that providers publish geographical timetables. Providers are migrating customers only when the safeguards are in place. Further, providers are starting migrating the least vulnerable customers first, regardless of geography.

The principle of collective responsibility requires that the privacy of ministerial discussions at cabinet and its committees be maintained. It is a long standing precedent that details of these proceedings are not disclosed publicly.

Sections 58 and 59 introduced limited retrospective rights to upgrade and share apparatus situated under land in specific circumstances. Sections 61 – 64 may have limited retrospective effect once in force: potentially affecting the terms on which affected agreements are renewed on expiry, but not directly altering the terms of any existing agreements. A consultation on draft regulations to commence sections 61-64 is open until 2 July.

The Labour Manifesto includes a commitment to “partner with scientists, industry, and civil society as we work towards the phasing out of animal testing”, which is a long-term goal. The government will publish a strategy to support the development, validation and uptake of alternative methods later this year. The Government will also be hosting a roundtable shortly with representatives from animal welfare organisations to discuss the strategy.

The cyber security of the UK is a priority for the government. We are taking a range of action to protect people, businesses and the economy from cyber threats. This year the government will introduce the Cyber Security and Resilience Bill to improve UK cyber defences and better secure our essential services and the IT infrastructure they rely upon. In Staffordshire, the Cyber Resilience Centre for the West Midlands is part of a nationwide police-led collaboration helping strengthen cyber resilience in small and medium-sized businesses, while the Cyber PROTECT Network operates in every police force area, providing advice and guidance to individuals to help protect against a range of threats and provide support to victims. The government’s Stop! Think Fraud campaign provides the public with advice on how to prevent fraud and cyber crime.

The Government is continually engaged with developments in the mobile sector. This involves considering sector-wide investment challenges and technological innovations and their impact on the market and rollout of high-quality infrastructure, as well as mobile signal and coverage issues and the quality of service afforded to mobile customers. This is separate to the Government’s work on the Product Security and Telecommunications Infrastructure Act 2022. The Government monitors the impacts of the PSTI Act reforms through ongoing tracking of progress against connectivity targets and stakeholder engagement.

No assessment of any disparity in treatment has been made. It will not be possible to retain a copper landline for telephone use only. From April 2024 to March 2025, there were over 2,600 major incidents on the Public Switched Telephone Network (PSTN), each affecting 500 or more customers. The decision to upgrade the PSTN has been taken by industry and is a necessity.

The PSTN migration does not affect the universal service obligations in the Electronic Communications Order 2003 which require the designated providers (BT and KCOM) to offer landline-only services throughout the UK. It is therefore possible to order a Voice over Internet Protocol landline without purchasing a general internet connection.

The Government is determined to ensure any risks arising from the industry-led migration of the Public Switched Telephone Network (PSTN) to Voice over Internet Protocol (VoIP), also known as Digital Voice, are mitigated for all customers across the UK.

In November 2024, providers, including BT, agreed to safeguards in the Non-Voluntary Migrations Checklist including requirements to provide resilience solutions, such as battery back-up units, for vulnerable customers, including the landline-dependent, to enable access to emergency organisations for at least one hour in a power outage. A number of communication providers have gone beyond this minimum, providing solutions that provide 4 to 7 hours that customers can use to power their router during a power cut.

Ofcom and its advisory committees are independent of government. The name of the advisory committee is therefore a matter for Ofcom.

The Online Safety Act makes the Committee’s role clear. The Act mandates that the Committee must advise the regulator on how providers should address mis- and disinformation on their services. It also requires them to advise Ofcom on exercising their transparency powers and fulfilling their statutory duty to promote media literacy in relation to mis- and disinformation. These duties remain unchanged and will be the focus of the new Online Information Advisory Committee.

Cyber criminals are attacking our public services and businesses with increased frequency, costing billions of pounds per year. The Cyber Security and Resilience Bill will protect more digital businesses than ever, essential services that the public rely on and our national security. The government is committed to minimising additional costs to business and will set out a full assessment of this in an impact assessment, to be published upon introduction of the Bill.

My department is working across government, including working closely with departments who act as cyber sector regulators, to deliver the government’s commitment to reducing the gap in cyber skills. Our assessment of this is set out in the Cyber Security Skills in the UK Labour Market Survey. The priority skillset for the Bill will be the Audit and Assurance specialism, as defined by the UK Cyber Security Council. We have made strides in reducing the gap in these skills this year with a reported fall to 18%, down from 28% in 2023.

Cyber criminals are attacking our public services and businesses with increased frequency, costing billions of pounds per year. The Cyber Security and Resilience Bill will protect more digital businesses than ever, essential services that the public rely on and our national security. The government is committed to minimising additional costs to business and will set out a full assessment of this in an impact assessment, to be published upon introduction of the Bill.

My department is working across government, including working closely with departments who act as cyber sector regulators, to deliver the government’s commitment to reducing the gap in cyber skills. Our assessment of this is set out in the Cyber Security Skills in the UK Labour Market Survey. The priority skillset for the Bill will be the Audit and Assurance specialism, as defined by the UK Cyber Security Council. We have made strides in reducing the gap in these skills this year with a reported fall to 18%, down from 28% in 2023.

GOV.UK One Login follows the relevant security standards for government and private sector services, and we take addressing security concerns very seriously. As of 1 May, all critical and high vulnerabilities have been addressed. Risk mitigation will continue to be central to our approach to ensure we keep pace with the constantly changing cyber threat landscape.

The GOV.UK One Login team collaborates closely with the National Cyber Security Centre (NCSC) to assess and mitigate risks associated with insider threats, unauthorised privileged access, and production environment compromise, aligning with the Cyber Assessment Framework outlined in the Government Cyber Security Strategy 2022-2030. Although the programme does not specifically pursue ISO 27001 certification, it adopts multiple overlapping controls and the risk management framework is based on the HMG Orange Book, which is closely aligned with ISO 27005 guidance on managing information security risks.

While assessments of insider threats have been made, copies of these assessments will not be placed in the Library of the House, as they are part of ongoing security measures and internal governance processes.

GOV.UK One Login takes the security clearance and audit of personnel very seriously. Access to production is granted only to those that require it and is closely monitored. As part of strengthening our approach to privileged access management, all individuals with production access to GOV.UK One Login must undergo a Security Check (SC), alongside further two-person checks for changes and audit loggings of actions. One Login has implemented a policy of SC clearance for all development staff; this is higher than Baselines Personnel Security Standard (BPSS) which is considered sufficient across many parts of government.

No personnel developed components of the One Login service offshore without prior consultation with the National Cyber Security Centre (NCSC). We undertook a risk assessment in consultation with the NCSC before any offshore development by a small number of developers took place.

Any code in GOV.UK One Login that was produced by overseas staff was further subjected to a review by a staff member with Security Check clearance in the UK before it was deployed to production. As of March 2025, there is no longer any off-shored development on GOV.UK One Login.

It is not a mandatory requirement to publish a Data Protection Impact Assessment (DPIA). We do have an obligation to let citizens know how we are processing their data, which we do via a privacy notice published on GOV.UK. We continually develop our DPIA to take into account the new identity verification journeys, such as the no photo ID route. Nevertheless, we are working on a publishable version of our DPIA which will be easy to digest for the public. The One Login programme meets with the Information Commissioners’ Office (ICO) on a monthly basis, engaging openly on programme developments, including iterations of the DPIA, and has been doing so since 2022. The lawful basis for data sharing in place has been agreed by the ICO.

The Government is working with the telecoms industry and Ofcom, the independent telecoms regulator, to ensure the migration happens safely. In November 2024 major communication providers agreed additional safeguards to protect vulnerable customers. It is for BT to determine their process for the migration, including for those in off-grid premises.

The Government is determined to ensure all risks arising from the industry-led migration of the Public Switched Telephone Network (PSTN) to Voice over Internet Protocol (VoIP), also known as Digital Voice, are mitigated for all customers across the UK.

The GOV.UK One Login programme works closely with the National Cyber Security Centre (NCSC) to identify and mitigate risks and align to the Cyber Assessment Framework (CAF). NCSC advises One Login on any key risks which should be prioritised as part of our security efforts. This independent review by NCSC is something we encourage and have continued to prioritise since the programme was established. As a Government Major Projects Portfolio programme (GMPP), the programme is subject to regular internal and external scrutiny and reporting. The Infrastructure and Projects Authority has reviewed the programme positively in the last three Assurance Gateway Reviews.

According to the independent website ThinkBroadband, over 99% of premises in Slough have access to superfast broadband speeds, and over 96% have access to a gigabit-capable (1000 Mbps) connection.

We currently expect the remaining premises in Slough to be reached by suppliers' commercial rollout, but if there are any premises that cannot be covered commercially, they will be considered for inclusion in Project Gigabit or other interventions.

The Government is determined to ensure that any risks arising from the industry-led migration of the Public Switched Telephone Network (PSTN) to Voice over Internet Protocol (VoIP) are mitigated for all customers across the UK.

In November 2024, providers agreed to safeguards in the Non-Voluntary Migrations Checklist including requirements to provide resilience solutions (e.g., battery back-up) for vulnerable customers, including the landline-dependent and those living in rural areas, to enable access to emergency organisations for at least one hour in a power outage. After discussions with government ministers, a number of communication providers have gone beyond this minimum, providing battery back-ups of 4-7 hours.

The National Space Council has not been reinstated under this government. However, along with the Ministry of Defence and other departments, the Department for Science, Innovation and Technology (DSIT) remains committed to ensuring that space activities are effectively coordinated across all relevant departments. On 22 April, Ministers from across government met to discuss our approach to this policy area and to develop plans in the government’s Spending Review and Strategic Defence Review.

GOV.UK One Login is a centrally funded programme, to deliver one ‘front door’ for government services in order to replace the previous landscape of siloed and duplicative sign-in and identity-proofing methods. This will save time for users and taxpayer money by avoiding duplication across government. As an organisation within government, Companies House services are included in this government programme. As is the case with all other government services on GOV.UK One Login, the service is free to use to enable inclusive and easy access to public services.

Government refuses to tolerate violence against women and girls. Sexually explicit deepfakes are degrading and harmful.

We are legislating to ban their creation in the Data (Use and Access) Bill and have introduced a further offence in the Crime and Policing Bill to criminalise the possession, creation or distribution of AI tools designed to generate child sexual abuse material.

Government is also actively looking at options to address ‘nudification’ tools themselves.