The Bill introduces significant provision for the creation of a regulator body, AI officer appointment, and transparency obligations
Robb Hiscock
Senior Content Marketing Specialist, CIPP/E CIPM
November 27, 2023
On November 23, 2023, the Artificial Intelligence (Regulation) Bill was introduced in the UK House of Lords, adding to the growing body of existing and proposed AI regulations, including in regions such as the EU and China. The Bill introduces a range of requirements for businesses that develop, deploy, or use Artificial Intelligence systems. The first reading of the bill took place on November 22, signaling the start of its journey through the House of Lords. The second reading is yet to be scheduled.
The bill still remains in its infancy, and it comes just a few weeks after the Prime Minister, Rishi Sunak, gave a speech noting that “The UK’s answer is not to rush to regulate.” However, should it progress, it outlines some key requirements to be aware of including the creation of an AI authority in the UK, the need to appoint an AI officer, and reporting requirements when training AI of third-party data and intellectual property (IP).
The bill sets out nine clauses including regulatory principles, transparency obligations, and regulatory sandboxes, among other things. However, some of the more significant provisions, detailed below, will establish rules for appointing individuals responsible for an organization’s oversight of AI, the creation of a regulatory body, and reporting obligations. Here is a closer look at a selection of the most significant provisions of the UK AI Bill.
The bill aims to establish a regulatory body, the AI Authority, that will have responsibilities including ensuring harmonized AI-related regulatory approaches, analyzing gaps in AI regulation, and reviewing relevant laws, such as those related to product safety, privacy, and consumer protection.
The AI Authority will also evaluate the regulatory framework's effectiveness in fostering innovation and managing AI risks across the economy. It will engage in horizon-scanning, collaborate with the AI industry, support initiatives to bring AI technologies to market, accredit independent AI auditors, and educate businesses and individuals about AI. Additionally, the AI Authority will be responsible for aligning with international AI regulatory standards.
Another major provision found within the bill relates to a requirement for certain organizations to appoint an AI officer. The bill states that consultation between the Secretary of State, the AI Authority, and relevant experts must take place to establish specific regulations for every business involved in AI development, deployment, or use to appoint a designated AI officer. The officer is responsible for ensuring AI is used safely, ethically, and without bias or discrimination within the business. Additionally, the officer must seek to guarantee that data used in AI technologies is unbiased.
Furthermore, this provision contains an amendment to The Companies Act 2006, which will update section 414C(7)(b) to include details about AI developments and the appointed AI officer's role and activities.
Under the bill, the AI Authority will be required to establish regulations ensuring that:
Furthermore, the regulations may specify the nature of informed consent either as explicit (opt-in) or implicit (opt-out) and may vary based on different scenarios.
The AI Bill introduced to the House of Lords is at its earliest stage in the legislative process and therefore is subject to change following a range of consultations as it makes its way through both Houses. However, the rapid adoption of AI technologies and subsequent regulatory attention means that businesses should be developing robust AI governance programs to ensure they are developing, deploying, and using AI systems responsibly.
In relation to the UK AI Bill, developing an AI governance program based on industry recognized frameworks – e.g. the NIST AI RMF – in preparation for new regulations will set organizations on the right path for when compliance obligations become a reality. Under the AI Bill in the UK, AI officers will need to oversee how their organizations build and use AI systems and will need to submit transparency to the AI Authority. Therefore, it’s essential that they are empowered with full visibility into the different systems, training models, and data that the organization has in order to ensure the correct safeguards and controls are implemented.
The OneTrust AI Governance solution helps organizations to build visibility, transparency, and oversight into their AI adoption. The solution enables relevant teams to understand where AI/ML is being used, built, or procured, with a centralized inventory of AI systems. AI governance teams also have the ability to assess risks in individual AI applications and compliance with global requirements. Additionally, training datasets can be tracked and monitored to promote transparency, remediate issues with data quality, and recognize and address biases.
For more information about OneTrust’s Ai Governance solution, request a demo and speak to expert today.
Webinar
This webinar will explore the key privacy pitfalls organizations face when implementing GenAI, focusing on purpose limitation, data proportionality, and business continuity. Attendees will gain insights into how to navigate these challenges through strong data governance, version control, and detailed model documentation to ensure compliance and mitigate risks.
Report
Getting Ready for the EU AI Act, Phase 1: Discover & Catalog, The Gartner® Report
Webinar
This webinar unpacks California’s approach to AI and emerging legislations, including legislation on defining AI, AI transparency disclosures, the use of deepfakes, generative AI, and AI models.
eBook
Download this eBook to explore strategies for trustworthy AI procurement and learn how to evaluate vendors, manage risks, and ensure transparency in AI adoption.
Webinar
Join our webinar and learn about the EU AI Act's enforcement requirements and practical strategies for achieving compliance and operational readiness.
Video
Learn how OneTrust AI Governance acts as a unified program center for AI initiatives so you can build and scale your AI governance program
Webinar
Watch this webinar for insights on ensuring responsible data use while building effective AI and privacy programs.
Webinar
Discover the EU AI Act's impact on your business with our video series on its scope, roles, and assessments for responsible AI governance and innovation.
Resource Kit
Download this resource kit to help you understand, navigate, and ensure compliance with the EU AI Act.
Webinar
In this webinar, we'll navigate the intricate landscape of AI Governance, offering guidance for organizations whether they're developing proprietary AI systems or procuring third-party solutions.
eBook
Discover the ISO 42001 framework for ethical AI use, risk management, transparency, and continuous improvement. Download our guide for practical implementation steps.
Webinar
Join out webinar to hear about the challenges and solutions in AI governance as discussed at the IAPP conference, featuring insights and learnings from our industry thought leadership panel.
Webinar
Colorado has passed landmark legislation regulating the use of Artificial Intelligence (AI) Systems. In this webinar, our panel of experts will review best practices and practical recommendations for compliance with the new law.
Webinar
In this webinar, we’ll break down the AI development lifecycle and the key considerations for teams innovating with AI and ML technologies.
Report
In this 5-part regulatory article series, OneTrust sponsored the IAPP to uncover the legal frameworks, policies, and historical context pertinent to AI governance across five jurisdictions: Singapore, Canada, the U.K., the U.S., and the EU.
Webinar
In this webinar, we’ll look at the AI development lifecycle and key considerations for governing each phase.
Webinar
This webinar will provide insights for navigating the pivotal intersection of the newly announced OMB Policy and the broader regulatory landscape shaping AI governance in the United States. Join us as we unpack the implications of this landmark policy on federal agencies and its ripple effects across the AI ecosystem.
Webinar
In this webinar, we’ll discuss the evolution of privacy and data protection for AI technologies.
Resource Kit
What actually goes into setting up an AI governance program? Download this resource kit to learn how OneTrust is approaching our own AI governance, and our experience may help shape yours.
White Paper
Download this white paper to explore key drivers of AI and the challenges organizations face in navigating them, ultimately providing practical steps and strategies for setting up your AI governance program.
Webinar
In this webinar, we’ll discuss key updates and drivers for AI policy in the US; examining actions being taken by the White House, FTC, NIST, and the individual states.
In-Person Event
Learn how privacy, GRC, and data professionals can assess AI risk, ensure transparency, and enhance explainability in the deployment of AI and ML technologies.
Webinar
In this webinar, OneTrust DataGuidance and experts will examine global developments related to AI, highlighting key regulatory trends and themes that can be expected in 2024.
Webinar
In this webinar, we’ll break down the four levels of AI risk under the AI Act, discuss legal requirements for deployers and providers of AI systems, and so much more.
Webinar
Join Sidley and OneTrust DataGuidance for a reactionary webinar to unpack the recently published, near-final text of the EU AI Act.
Webinar
Join our panel of expert privacy professionals as they dissect the key happenings in 2023 and how privacy professionals can approach what may occur in 2024.
Webinar
In this webinar we’ll look at the AI Governance landscape, key trends and challenges, and preview topics we’ll dive into throughout this masterclass.
Webinar
OneTrust sponsored the first annual Generative AI survey, published by ISMG, and this webinar breaks down the key findings of the survey’s results.
Report
OneTrust sponsored the first annual ISMG generative AI survey: Business rewards vs. security risks.
Webinar
In this webinar, we’ll talk about setting up an AI registry, assessing AI systems and their components for risk, and unpack strategies to avoid the pitfalls of repurposing records of processing to manage AI systems and address their unique risks.
Infographic
A Conformity Assessment is the process of verifying and/or demonstrating that a “high- risk AI system” complies with the requirements of the EU AI Act. Download the infographic for a step-by-step guide to perform one.
eBook
With the use of AI proliferating at an exponential rate, the EU rolled out a comprehensive, industry-agnostic regulation that looks to minimize AI’s risk while maximizing its potential.
Webinar
Join this webinar demonstrating how OneTrust AI Governance can equip your organization to manage AI systems and mitigate risk to demonstrate trust.
White Paper
What are your obligations as a business when it comes to AI? Are you using it responsibly? Learn more about how to go about establishing an AI governance team.
Webinar
Stay ahead of US privacy laws as we explore the lessons learned from CCPA and FTC enforcement and how AI is effecting the regulatory landscape.
Infographic
AI Governance is a huge initiative to get started with for your organization. From data mapping your AI inventory to revising assessments of AI systems, put your team in a position to ensure responsible AI use across all departments.
White Paper
Download this white paper to learn how your organization can develop an AI governance team to carry out responsible AI use in all use cases.
eBook
We answer your questions about AI and chatbot privacy concerns and how it is changing the global regulatory landscape.
Webinar
Prepare your business for EU AI Act and its impact on the UK with this expert webinar. We explore the Act's key points and requirements, building an AI compliance program, and staying ahead of the rapidly changing AI regulatory landscape.
Webinar
Join Sidley and OneTrust DataGuidence as we discuss the proposed EU AI Act, the systems and organizations that it covers, and how to stay ahead of upcoming AI regulations.
White Paper
With AI systems impacting our lives more than ever before, it's crucial that businesses understand their legal obligations and responsible AI practices.
Webinar
Join OneTrust and their panel of experts as they explore Artificial Intelligence regulation within the UK, sharing invaluable insights into where we are and what’s to come.
Regulation Book
Download this reference book and have foundational AI governance documents at your fingertips as you position your organization to meet emerging AI regulations and guidelines.
Webinar
Navigate global AI regulations and identify strategic steps to operationalize compliance with the AI governance masterclass series.