Question to the Department for Science, Innovation & Technology:

To ask His Majesty's Government what steps they are taking to monitor the compliance of artificial intelligence systems deployed in the UK with standards on privacy, transparency and non-discrimination.

The UK’s data protection framework adopts a technology-neutral and principles-based approach, that applies to all organisations processing personal data, including those deploying Artificial Intelligence systems. The Information Commissioner’s Office (ICO), which is responsible for enforcing data protection laws, has taken steps to provide guidance on how data protection law applies specifically to AI systems, including through updates following recent generative AI consultation series. The ICO also has the power to investigate and impose penalties for non-compliance. Organisations deploying AI systems are required to ensure that any personal data is processed fairly, lawfully, transparently, and securely. Where legal or similarly significant decisions have been made about individuals based solely on automated processing, organisations must put in place safeguards to allow individuals to exercise their right to make representations about the decisions, contest that decision, and to obtain human intervention for it.