Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what safeguards are in place to ensure that automated analysis by private tech companies of the content of private email complies with the UK General Data Protection Regulation and the Data Protection Act 2018.
Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology)
The UK’s data protection legislation applies to any processing of personal data regardless of the technology being used. Technology companies that screen or analyse personal emails must identify an appropriate legal ground for doing so, such as obtaining user consent. Personal data must also be processed fairly and transparently so that people can make informed decisions about whether to use a service.
The data protection legislation is monitored and enforced independently of government by the Information Commissioner’s Office (ICO). The ICO has published guidance for organisations on automated decision making, profiling and artificial intelligence at: Automated decision-making and profiling | ICO and Artificial intelligence | ICO. It will also consider complaints about organisations that fail to comply with the legislation.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what assessment she has made of the effectiveness of the regulatory framework governing VoIP services.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
As the independent regulator for telecommunications, Ofcom is responsible for making regulatory decisions in the fixed telecoms sector, including on Voice over Internet Protocol (VoIP).
However, while we are engaging with Ofcom and stakeholders on this issue, including with regard to the Public Switched Telephone Network (PSTN) migration to VoIP, the Department has not made any formal assessment of the effectiveness of the regulatory framework governing VoIP services.
VoIP uses fibre cables which are far more resilient than copper and offers consumers better quality calls, improved flexibility, and better protections against nuisance and scam calls. The Government is committed to ensuring that any risks from the industry-led migration from the PSTN to VoIP are mitigated for everyone. The Government secured additional safeguards to protect the vulnerable and landline dependent in November 2024. These include measures to identify the vulnerable and telecare users, timely and repeated communications, free engineer visits, and providing a battery back-up where appropriate.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what assessment she has made of the effectiveness of current obligations of tech companies to communicate to customers about how their data will be used.
Answered by Ian Murray - Minister of State (Department for Science, Innovation and Technology)
The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (DPA) impose obligations on tech companies to process customers’ personal data lawfully, fairly, transparently and securely, unless certain limited exemptions apply. Organisations must only process personal data where there are legitimate grounds to do so, and be clear with people about how and why their data is being used, such as through privacy notices.
The data protection legislation is monitored and enforced independently of Government by the Information Commissioner’s Office (ICO). The ICO has published guidance on transparency requirements here: https://ico.org.uk/for-organisations/advice-and-services/audits/data-protection-audit-framework/toolkits/accountability/transparency/.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what steps she is taking to help prevent the misuse of VoIP services for scam and nuisance calls.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
Tackling scam and nuisance calls are a priority for the Government, including via VoIP.
Unsolicited direct marketing calls are regulated by the Privacy and Electronic Communications Regulations 2003 and enforced by the Information Commissioner. Organisations must not make live marketing calls to a number that is registered on the Telephone Preference Service list or make automated marketing calls unless the recipient has specifically consented to receive them.
Government works closely industry and recently published the second Telecommunications Fraud Sector Charter, including actions to strengthen trust in voice communications. The Home Office will also publish its new Fraud Strategy with measures to prevent scam calls early this year.
Government also works closely with Ofcom who have a duty to protect consumers and a duty to ensure that UK numbers are not misused. Ofcom has made several changes in recent years, including since January 2025 under new rules by Ofcom operators have had to block calls from abroad which present as a UK numbers.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, whether her Department has had recent discussions with social media companies on the rapid removal of graphic or traumatic content depicting serious injury or death.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
DSIT has regular discussions with social media companies about a number of online safety matters, including tackling harmful content.
The Online Safety Act gives social media platforms duties to protect their users from harmful content. Under the regulatory regime, platforms must swiftly remove illegal content, including illegal content which depicts serious violence or injury.
Services likely to be accessed by children must put in place age-appropriate protections from violent content, and ensure they have accessible reporting mechanisms in place for parents and children.
Service providers must assess risks and design services to be safe. Ofcom has powers to investigate compliance and can take enforcement action where necessary.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what assessment she has made of the level of use of virtual private networks since July 2025.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
The government and Ofcom continue to monitor the use of VPNs since the Child Safety Duties commenced in July.
After these duties came into force, UK users of VPN apps temporarily doubled to around 1.5 million. Ofcom has since reported that VPN app usage dropped to around 900,000 by the end of November.
There remains limited evidence on how many children use VPNs and the government is working to address this gap. We will ensure any future interventions are proportionate and driven by the evidence.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what criteria his Department is using to select locations for AI Growth Zones.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
I refer the Hon. Member to the answer I gave on 24 October 2025 to Question UIN 82268.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what steps her Department is taking to ensure that the AI Growth Lab promotes (a) responsible and (b) ethical AI innovation.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
The AI Growth Lab is designed to enable closely-supervised testing of innovative AI technologies in real-world settings, so that safe, beneficial AI can reach the market faster.
Robust safeguards would be in place, including clear “red lines” - regulations which are strictly out of scope, such as consumer safety provisions, fundamental rights, workers’ protections, and intellectual property rights – to maintain safety and preserve public trust.
The Call for Evidence, which is open until 2 January, seeks views from the public, Parliament and innovators to inform further development of proposals, helping to drive growth and responsible AI innovation.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, whether OpenAI’s UK data storage facilities will be subject to routine government security audits.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
Data centres were designated as Critical National Infrastructure (CNI) in September 2024. In recognition of this, the government is expected to introduce proportionate regulatory oversight of this sector. The expected vehicle is the Cyber Security and Resilience Bill (CSRB). This will encapsulate OpenAI operations that use colocation services which are covered by the regulations in the CSRB.
DSIT is actively considering options to further improve the cyber security and resilience of Data Centres, as outlined in the Cyber Security and Resilience Policy Statement that was published on 1 April 2025. This would apply to most UK based data centres, including those used by OpenAI.
Specific questions in relation to contracts between OpenAI and relevant Government Departments are a matter for that Government Department. Departments must carry out cyber security assurance of their critical services through GovAssure, assessing key security outcomes against the National Cyber Security Centre's Cyber Assessment Framework. Government’s Public Procurement Note 014 directs all commercial suppliers holding government OFFICIAL, personnel or citizen data to have a minimum of NCSC’s Cyber Essentials certification.
Asked by: Andrew Snowden (Conservative - Fylde)
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what steps she plans to take to encourage continued private investment in rural broadband infrastructure.
Answered by Kanishka Narayan - Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
In July, we published our draft Statement of Strategic Priorities for telecommunications, the management of radio spectrum, and postal services that sets out the Government’s view on infrastructure sharing in the fixed telecoms sector, including asking Ofcom to demonstrate greater transparency in how they calculate and set PIA prices.
The draft Statement also sets out how Ofcom can continue to support private investment across the UK, including in rural areas, by promoting competition.