To match an exact phrase, use quotation marks around the search term. eg. "Parliamentary Estate". Use "OR" or "AND" as link words to form more complex queries.


Keep yourself up-to-date with the latest developments by exploring our subscription options to receive notifications direct to your inbox

Written Question
Members: Correspondence
Monday 26th February 2024

Asked by: Mike Penning (Conservative - Hemel Hempstead)

Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, when she plans to respond to the correspondence from the hon. Member for Hemel Hempstead of 20 July 2023, followed up on 2 August, 25 September, 20 October, 2 November 2023, and 11 January 2024, reference MP79291.

Answered by Michelle Donelan

The Department apologies for the severe delay the Member has experienced in this case. Timely responses to Member’s correspondence is a priority for the department, with resources being aligned to ensure the department achieves this in all cases. A full response will be issued to the Member as a matter of urgency.


Written Question
Artificial Intelligence
Monday 17th April 2023

Asked by: Mike Penning (Conservative - Hemel Hempstead)

Question to the Department for Science, Innovation & Technology:

To ask the Secretary of State for Science, Innovation and Technology, if he will respond to the open letter entitled Pause giant AI experiments: an open letter.

Answered by Paul Scully

It is important that industry voices are actively engaged in the discourse around responsible AI. British based companies, like Deepmind, are at the forefront of responsible innovation. However, it should be noted that questions have been raised regarding the veracity of some of the signatures of the open letter on Artificial Intelligence published by the Future of Life Institute (FLI). Some of the researchers whose work was cited in the letter have also apparently raised concerns. It is also important to note that the letter is not expressly targeted towards the UK or any other government.

Government recognises the need to act to adapt the way in which we regulate AI as systems become more powerful, and are put to different use. As Sir Patrick Vallance highlighted in his recent regulatory review, there is a small window of opportunity to get this right and build a regulatory regime that enables innovation while addressing the risks. Government agrees that a collaborative approach is fundamental to addressing AI risk and supporting responsible AI development and use for the benefit of society. The AI regulation white paper we published on 29 March identifies “trustworthy”, “proportionate” and “collaborative” as key characteristics of the proposed AI regulation framework.

The AI regulation white paper sets out principles for the responsible development of AI in the UK. These principles such as safety, fairness, and accountability are at the very heart of our approach to ensuring the responsible development and use of AI. We will also establish a central risk function to bring together cutting-edge knowledge from industry, regulators, academia and civil society – including skilled computer scientists with a deep technical understanding of AI - to monitor future risks and adapt our approach if necessary. This is aligned with the calls to action in FLI’s letter.

In addition, our recently announced Foundation Model Taskforce has been established to strengthen UK capability - in a way that is aligned with the UK’s values - as this potentially transformative technology develops.

The approach to AI regulation outlined in the AI regulation White Paper is also complemented by parallel work on AI Standards, supported by the AI Standards Hub launched in October 2022, and via the Centre for Data Ethics and Innvovation’s AI Assurance Roadmap, published in December 2021. In concert, our holistic approach to AI governance combining regulation with an approach to standards development and AI assurance is in line with efforts to develop shared safety protocols, and will at the same time allow the UK to benefit from AI technologies while protecting people and our fundamental values.


Written Question
Information Commissioner's Office: Data Protection
Monday 27th February 2023

Asked by: Mike Penning (Conservative - Hemel Hempstead)

Question to the Department for Science, Innovation & Technology:

To ask Secretary of State for Science, Innovation and Technology, if she will make an assessment of the potential merits of requiring the Information Commissioner’s Office to (a) maintain a (i) central and (ii) publicly accessible repository of privacy notices providing the required Articles 13 and 14 information in the standard format and (b) challenge organisations where the information provided does not fully and clearly inform data subjects.

Answered by Paul Scully

The UK Data Protection regime is administered and enforced independently of the government by the Information Commissioner’s Office (ICO). Article 52(1) of the UK General Data Protection Regulation (UK GDPR) requires that the Information Commissioner is to act with complete independence in performing his tasks and exercising his powers under the UK GDPR. Article 52(2) goes on to require that the Commissioner must remain free from external influence and neither seek nor take instructions from anybody when carrying out his functions under the UK GDPR. The Data Protection Act 2018 (DPA) sets out further detail about the governance arrangements and responsibilities of the Information Commissioner, in particular at Part 5 and Schedule 12.

The Information Commissioner is directly accountable to Parliament and reports against agreed key performance indicators to the DCMS Select Committee. The ICO-DCMS management agreement provides more information about the relationship between the ICO and DCMS, and can be found at: https://ico.org.uk/about-the-ico/who-we-are/relationship-with-the-dcms/.

The UK GDPR can be found at: https://www.legislation.gov.uk/eur/2016/679/contents, whilst the DPA can be found at: https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted.


Written Question
Data Protection
Monday 27th February 2023

Asked by: Mike Penning (Conservative - Hemel Hempstead)

Question to the Department for Science, Innovation & Technology:

To ask Secretary of State for Science, Innovation and Technology, if she will take steps to require that statutory disclosures under articles 13 and 14 of the General Data Protection Regulation be presented in a standard format that (a) identifies (i) all the personal data categories processed for each purpose and (ii) the lawful basis for each purpose and (b) itemises the rights available to data subjects in each case.

Answered by Paul Scully

Articles 13 and 14 give data subjects the right to be informed about the collection and use of their personal data. Article 13 and 14 already stipulate that controllers must include (i) information about the purposes of the processing for which the personal data are intended as well as the legal basis for the processing, and (ii) information about the rights available to the data subject in relation to their information, such as the rights of access, rectification and erasure.

Article 12 of the UK GDPR states that the information provided in Articles 13 and 14 must be provided in a ‘concise, transparent, intelligible and easily accessible form, using clear and plain language’. Additionally, Article 12 makes provision for this information to be provided in a variety of formats, rather than a single, standard format (‘the information shall be provided in writing, or by other means, including, where appropriate, by electronic means’).

The Information Commissioner’s Office (ICO) provides detailed guidance on the right to be informed. This guidance sets out that it is most effective to provide information to data subjects using a combination of different techniques including layering, dashboards, and just-in-time notices. The guidance also provides advice for controllers on what to consider when presenting this information to a data subject. This can be accessed here: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/the-right-to-be-informed/