Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Question to the Department for Digital, Culture, Media & Sport:
To ask His Majesty's Government what steps they are taking to address the risks posed by the use of artificial intelligence in the gambling industry, particularly (1) problem gambling, (2) addiction, and (3) mental health issues.
Answered by Lord Parkinson of Whitley Bay - Parliamentary Under Secretary of State (Department for Culture, Media and Sport)
The Gambling Commission, Great Britain’s statutory regulator, continues to monitor industry developments in artificial intelligence, informed by the expertise of its Digital Advisory Panel. This includes the exploration and consideration of the use of artificial intelligence and machine learning by gambling operators, and engagement with the industry better to understand their uses of AI. The Gambling Commission will continue to increase its capacity and capability to deploy data science in its regulation through the formation of a new Data Innovation Hub.
All gambling operators which provide gambling services to customers in Great Britain must be licensed by the Gambling Commission, and must comply with its codes of practice. The social responsibility code requires them to have and to put into effect policies and procedures to promote socially responsible gambling. These should reduce the risk of, and seek to identify those struggling with, problem gambling. The Gambling Commission has the power to remove an operating licence where a gambling business is deploying AI in a manner that undermines the statutory licensing objectives and duties.
Asked by: Lord Taylor of Warwick (Non-affiliated - Life peer)
Question to the Department for Business and Trade:
To ask His Majesty's Government what steps they are taking to assess the benefits, challenges and regulatory considerations of the potential integration of artificial intelligence in auditing practice within firms.
Answered by Lord Offord of Garvel - Parliamentary Under Secretary of State (Department for Business and Trade)
The Financial Reporting Council has conducted outreach with its regulated communities, establishing a Technology & Digital Steering Group, publishing work on the use of technology and committing to “promote improvement and innovation”. Overall, its view is that use of artificial intelligence and machine learning tools by those for which it has regulatory responsibility presents potential opportunities for quality improvements, though there are risks which require mitigation. The FRC continues to work on initiatives to support the safe use of these tools by audit firms, based on the principles in the Government's March 2023 white paper, “AI regulation: a pro-innovation approach”.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department of Health and Social Care:
To ask the Secretary of State for Health and Social Care, pursuant to the Answer of 23 December 2022 to Question 111586, on Medical Records: Data Protection, in which specific circumstances personal health data can be used for purposes beyond individual care and treatment; what is the legal basis for any such disclosure; and whether his Department informs the affected patients.
Answered by Will Quince
Health and care organisations must ensure there is a lawful basis for sharing confidential patient information from a person's medical records for purposes beyond their individual care and treatment. This will generally mean that the person has provided their consent; there is a statutory or other legal requirement to disclose information; or there is an overriding public interest justification.
When using personal data, health and care organisations must comply with UK General Data Protection Regulation (UKGDPR) requirements and are guided by the eight Caldicott principles which state that confidential patient information should only be used when it is lawful, necessary and there is a clear purpose for doing so.
There are a limited number of legal gateways that set aside the common law duty of confidentiality, such as the powers of NHS Digital under the Health and Social Care Act 2012 to require or request data- for example for purposes directed by the Secretary of State for Health and Social Care. In addition, where it can be demonstrated that it is impracticable to obtain patient consent or work with anonymised data, the Health Service (Control of Patient Information) Regulations 2002 permit personal information to be used for cancer registries, communicable diseases and other threats to public health and enable the approval of the use of confidential patient information for other ‘medical purpose’s such as research, clinical audit and service planning by the Health Research Authority (HRA), for research, or the Secretary of State, for other medical purposes. Before approving such applications, the HRA and Secretary of State must be advised by the Confidentiality Advisory Group, an independent body which considers all applications, balancing patient and public interest with appropriate use of confidential patient information without consent.
Both the UKGDPR and Caldicott principles include specific principles related to transparency and it is the responsibility of each health and care organisation to make a range of information materials readily available to patients and members of the public about what, why, how, when and where confidential patient information might be shared.
Asked by: Chi Onwurah (Labour - Newcastle upon Tyne Central)
Question to the Department of Health and Social Care:
To ask the Secretary of State for Health and Social Care, pursuant to the Answer of 23 December 2022 to Question 111586, on Medical Records: Data Protection, how many legal gateways there are which set aside the common law duty of confidence.
Answered by Will Quince
Health and care organisations must ensure there is a lawful basis for sharing confidential patient information from a person's medical records for purposes beyond their individual care and treatment. This will generally mean that the person has provided their consent; there is a statutory or other legal requirement to disclose information; or there is an overriding public interest justification.
When using personal data, health and care organisations must comply with UK General Data Protection Regulation (UKGDPR) requirements and are guided by the eight Caldicott principles which state that confidential patient information should only be used when it is lawful, necessary and there is a clear purpose for doing so.
There are a limited number of legal gateways that set aside the common law duty of confidentiality, such as the powers of NHS Digital under the Health and Social Care Act 2012 to require or request data- for example for purposes directed by the Secretary of State for Health and Social Care. In addition, where it can be demonstrated that it is impracticable to obtain patient consent or work with anonymised data, the Health Service (Control of Patient Information) Regulations 2002 permit personal information to be used for cancer registries, communicable diseases and other threats to public health and enable the approval of the use of confidential patient information for other ‘medical purpose’s such as research, clinical audit and service planning by the Health Research Authority (HRA), for research, or the Secretary of State, for other medical purposes. Before approving such applications, the HRA and Secretary of State must be advised by the Confidentiality Advisory Group, an independent body which considers all applications, balancing patient and public interest with appropriate use of confidential patient information without consent.
Both the UKGDPR and Caldicott principles include specific principles related to transparency and it is the responsibility of each health and care organisation to make a range of information materials readily available to patients and members of the public about what, why, how, when and where confidential patient information might be shared.
Asked by: Lucy Powell (Labour (Co-op) - Manchester Central)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, whether she has had discussions with Ofcom on the impact of a potential merger between Three and Vodafone on regulation in the telecoms market.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
In October 2022, Vodafone and Three announced that they were in talks to merge their UK businesses.
It is the statutory responsibility of the Competition and Markets Authority (CMA) to review mergers under the Enterprise Act 2002 with input from relevant sector regulators, in this case, it would be Ofcom. The Government has no role in the merger review or decision.
On 10 January 2023, I met Ofcom Chairman Lord Grade and one of the topics discussed was Ofcom’s view on the number of mobile operators in the market.
Asked by: Stephen Farry (Alliance - North Down)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, if she will make an assessment of the impact of the dramatisation of true crime events in television and film on the privacy of victims' families.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The Government is committed to a free and independent media and does not intervene in what can and can not be broadcast, or in the regulation of how content is made.
Ofcom is required by legislation, and accountable to Parliament, to independently draw up and enforce a Broadcasting Code for television to ensure that audiences are adequately protected from harm. Within this, there are rules in place on fairness and privacy, which are designed to ensure that broadcasters avoid unfair or unjust treatment of individuals and avoid any unwarranted infringement of privacy in programmes.
Ofcom has responsibility for the Broadcasting Code, including for any amendments, and the Code is kept under continual review. In making any decision, Ofcom has to strike a balance between ensuring freedom of expression and protection from harm.
Under Ofcom’s Code, broadcasters should try to reduce the potential distress to victims and/or relatives when making or broadcasting programmes intended to examine past events that involve trauma to individuals, including crime, unless it is warranted to do otherwise. This applies to dramatic reconstructions and factual dramas, as well as factual programmes.
In particular, so far as is reasonably practicable, surviving victims and/or the immediate families of those whose experience is to feature in a programme, should be informed of the plans for the programme and its intended broadcast, even if the events or material to be broadcast have been in the public domain in the past.
Asked by: Stephen Farry (Alliance - North Down)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, whether she has made an assessment of the potential merits of introducing a requirement for production companies to (a) consult with and (b) gain the consent of a victim's family when dramatising true crime events for television and film.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The Government is committed to a free and independent media and does not intervene in what can and can not be broadcast, or in the regulation of how content is made.
Ofcom is required by legislation, and accountable to Parliament, to independently draw up and enforce a Broadcasting Code for television to ensure that audiences are adequately protected from harm. Within this, there are rules in place on fairness and privacy, which are designed to ensure that broadcasters avoid unfair or unjust treatment of individuals and avoid any unwarranted infringement of privacy in programmes.
Ofcom has responsibility for the Broadcasting Code, including for any amendments, and the Code is kept under continual review. In making any decision, Ofcom has to strike a balance between ensuring freedom of expression and protection from harm.
Under Ofcom’s Code, broadcasters should try to reduce the potential distress to victims and/or relatives when making or broadcasting programmes intended to examine past events that involve trauma to individuals, including crime, unless it is warranted to do otherwise. This applies to dramatic reconstructions and factual dramas, as well as factual programmes.
In particular, so far as is reasonably practicable, surviving victims and/or the immediate families of those whose experience is to feature in a programme, should be informed of the plans for the programme and its intended broadcast, even if the events or material to be broadcast have been in the public domain in the past.
Asked by: Julian Knight (Independent - Solihull)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what assessment she has made of Ofcom's performance on its promoting and protecting competition responsibility set out by the Statement of Strategic Priorities; and if she will make a statement.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The Government’s Statement of Strategic Priorities (SSP) for Ofcom (published in 2019) sets out that Ofcom must take account of the Government’s priorities for full-fibre connectivity, including by delivering stable and long-term regulation that incentivises network investment and ensures fair and effective competition between new and existing network operators when taking its regulatory decisions.
Ofcom is required to report on how it has considered the Statement every twelve months. The updates which form part of Ofcom’s Annual Reports can be found here: https://www.ofcom.org.uk/about-ofcom/annual-reports-and-plans.
Additionally, in 2021 Ofcom published its Wholesale Fixed Telecoms Market Review (WFTMR) which set out Ofcom’s decisions for regulation of the fixed telecoms markets until 2026. The WFTMR makes explicit mention of the government’s desire for regulatory stability and certainty set out in the Statement of Strategic Priorities.
Since the publication of our SSP for Ofcom, there are now over 80 companies investing over £35bn to connect premises all over the UK, and gigabit coverage has increased to over 72%, rising from just 6%.
Asked by: Jim Shannon (Democratic Unionist Party - Strangford)
Question to the HM Treasury:
To ask the Chancellor of the Exchequer, what steps his Department is taking to support security in the banking sector in the context of risk of Russian cyber attack; and if he will provide financial assistance to the banking sector to help maintain the integrity of its digital systems.
Answered by Richard Fuller
Responsibility for information technology infrastructure in the UK financial sector is primarily for the firms themselves. Financial assistance is not provided to firms to do so. However, the Financial Authorities have a role to play in supervising, coordinating and driving change to improve the sector’s operational resilience.
HMT works together with the Bank of England, the Prudential Regulation Authority, the Financial Conduct Authority (as the UK Financial Authorities), Cabinet Office, the National Cyber Security Centre and the National Crime Agency to improve cyber resilience across the finance sector.
The finance sector also benefits from having a dedicated team within the UK’s National Cyber Security Centre (NCSC). They work closely with the Financial Authorities and firms to help improve the sector’s resilience and provide support during incidents. This includes providing advice and consultancy to critical national infrastructure organisations to secure the confidentiality, integrity, and availability of the banking sector’s digital systems.
While the NCSC have stated they are not aware of any current specific threats to the UK, they have published guidance on actions organisations, including those in the finance sector, can take when the cyber threat is heightened. They have also warned that the threat may remain that way for some time and advised organisations on how to maintain a heightened security posture.
Asked by: Kevan Jones (Labour - North Durham)
Question to the Department for Digital, Culture, Media & Sport:
To ask the Secretary of State for Digital, Culture, Media and Sport, what sanctions the Ofcom can impose on advertisers referred to them by the Advertising Standards Agency for consistently breaking advertising standards.
Answered by Julia Lopez - Minister of State (Department for Science, Innovation and Technology)
The Advertising Standards Authority (ASA) is responsible for writing and enforcing standards for advertisers through the UK Code of Broadcast Advertising (BCAP Code) and the UK Code of Non-broadcast Advertising and Direct & Promotional Marketing (CAP Code). In certain areas of these codes the ASA can refer cases to a number of different backstop regulators who have additional enforcement powers. The regulators that can be involved depend on the media in which advertising is published or the type of breach in question.
The ASA’s responsibility for the day-to-day regulation of broadcast advertising content is established under a co-regulatory arrangement with Ofcom. Ofcom can take enforcement action, such as sanctions, against broadcasters who do not comply with ASA decisions and/or where breaches are sufficiently serious.
For non-broadcast advertising, including newspapers, magazines, out of home and the majority of online advertising, the self-regulatory framework primarily applies to advertisers. Where further powers of enforcement have been deemed necessary, the ASA is able to refer certain cases to relevant statutory backstop regulators, such as to the Gambling Commission in the case of gambling advertising, the Competition and Markets Authority in relation to competition in digital markets, and to Trading Standards Services for misleading advertising. Those organisations are able to apply sanctions in line with their respective legislative powers.
Separately, as a result of the Health and Care Act, from 1 January 2024, Ofcom will have the power to sanction broadcasters and online advertisers that breach restrictions surrounding the advertising of products high in fat, sugar or salt on TV or via paid-for advertising online. Ofcom will have statutory responsibility for enforcing restrictions including powers to designate functions to a frontline regulator who will be responsible for the day to day enforcement of the policy. Ofcom will be able to take enforcement action, including the imposition of financial penalties on broadcasters and online advertisers.
The Government consultation on the Online Advertising Programme launched earlier this year and closed on 8 June. The Online Advertising Programme is examining the regulatory model for online advertising to ensure it protects consumers and minimises harm. This work includes looking at the role of platforms and intermediaries, as well as advertisers, to ensure the overarching system is coherent, supporting a sustainable, transparent and accountable online advertising market. We will be publishing a Government response to the consultation in due course.