2024: Key things to look out for in tech regulation

As political institutions slowly emerge from their Christmas hibernation, we look at the key unresolved issues in tech regulation in the UK and the EU. 

UK

Last year was a big one for tech regulation in the UK, with the passage of the Online Safety Act and the country’s hosting of the first ever AI Safety Summit. The defining political event of 2024 will undoubtedly be the general election, but with the poll not expected until later in the year, there is still plenty of time for the UK Government to pass its outstanding tech legislation. The Digital Markets, Competition and Consumer Bill, and the Data Protection and Digital Information Bill will undergo scrutiny in the House of Lords in the first two months of this year. Both pieces of legislation were in the recent King’s Speech and therefore we expect them to pass during this parliamentary session. However, the government is facing resistance from the House of Lords over some of the changes it has made to the bills during the legislative process, so neither’s progress is likely to be smooth. 

During the King’s Speech, the government also promised to pass the Automated Vehicles Bill. This legislation gives the government delegated powers to make autonomous vehicles on public roads a reality. These powers include creating safety and cyber security requirements for automated vehicles, introducing a licensing scheme for vehicles capable of operating without a responsible individual, and building a framework whereby those responsible for self-driving systems will be accountable for those systems while they are in use. The Automated Vehicles Bill will be scrutinised by the House of Lords from 10 January, giving it a good chance of clearing the necessary legislative hurdles before the election. 

Following the AI Safety Summit in November 2023, the government will publish its response to the consultation on its AI White Paper. The Labour Party and the House of Commons Science, Innovation and Technology Committee have called on the government to legislate for the UK’s regulatory authorities to operationalise the six principles of safe AI outlined in the white paper, but the government has hitherto refused to commit to this, arguing that it is too early to legislate. The government is expected to announce a new AI Opportunity Forum alongside its white paper response. The forum will explore the adoption of AI technologies across the private sector and will focus on how AI can be deployed to boost innovation and productivity, in distinction to the AI Safety Summit’s focus on existential risk.  

It is not just the UK Government that will be busy. The House of Lords Communications and Digital Committee will soon publish its report on Large Language Models, and the Intellectual Property Office may provide an update on ongoing talks between the tech and creative sectors on copyright. The Competition and Markets Authority is in the early stages of a possible review into the relationship between Microsoft and OpenAI, and Ofcom will need to undertake a lot of work to implement the Online Safety Act. While this work will take years, many of the initial consultations and some of the guidance (such as that on illegal content) will likely be published in 2024. 

The shadow of the general election looms large over all of this. The Labour Party is bulking up its tech expertise, with Shadow Secretary of State for Science, Innovation and Technology Peter Kyle hiring two tech policy advisors  and reportedly meeting with several tech executives. The Labour leadership has told shadow ministers to have their policy proposals ready by the end of January so that Labour’s manifesto can be completed in February. By that time, we should have a clear idea of what Labour’s offer is likely to be heading into the election. 

EU

It will also be an interesting year for tech regulation in Europe. We are approaching the end of the current EU mandate, with elections to the European Parliament in June 2024 and a new Commission due to be in place after the summer recess. The most recent Commission work programme is focused primarily on tying up loose ends, but there are still a few new initiatives on the horizon. Foremost among these is a white paper on telecoms policy, which Commissioner Breton is expected to present on 21 February, and which will form the blueprint for a Digital Networks Act. The policy seeks to address the perception that market fragmentation is holding European telecoms operators back. This has been welcomed by the individual operators and the body which represents them. Others have criticised the proposal, arguing that it is premature while the EU is still debating the Gigabit Infrastructure Act. 

The Gigabit Infrastructure Act, which is designed to stimulate the provision of high capacity ‘Gigabit’ networks, is currently in trilogues, with a political deal expected on either 25 January or 5 February. There are several other high-profile pieces of tech regulation at the same stage, including the Right to Repair policy, which makes it easier for consumers to repair defective goods, the Net Zero Industry Act, to boost the production of green technologies in the EU, and the Cyber Solidarity Act, which aims to improve the preparedness, detection and response to cybersecurity incidents across the EU. The Ecodesign Regulation, which empowers the Commission to adopt ecodesign requirements for products, and the AI Act, have been agreed politically by the Council and Parliament, but still require further technical negotiations before they can be formally adopted by both institutions. Finally, the recently adopted Data Act will come into force on 11 January 2024. 

Regulation of AI will remain a hot topic in 2024 even after the AI Act is adopted. The AI Liability Directive is still in preparation, although no substantial progress has been made either in the Council or the Parliament. The AI Liability Directive is often seen as the counterpart to the Product Liability Directive, on which the EU institutions reached a provisional agreement in December 2023. The Product Liability Directive updates the EU framework for defective products to take account of technological developments. Formal adoption of the Product Liability Directive is still pending.   

Belgium assumed the Presidency of the European Council on 1 January 2024 and has cited “strengthening Europe’s resilience to cybersecurity threats and addressing diverse challenges in telecommunications” among its chief priorities for its six-month mandate.  We might therefore expect to see the Cyber Resilience Act finalised before the parliamentary elections in June alongside its counterpart the Cyber Solidarity Act. The fate of the Platform Workers Directive remains unclear, however, after several Member States vetoed the final agreement between the Council and the Parliament.  As part of its ‘human-centred and sustainable approach to the digital transition’ encouraging ‘open strategic autonomy’, the Belgian Presidency is likely to push for regulation on the governance and transparency of algorithms and might propose the creation of a European Algorithms Agency. 

Inline Policy will be following all these developments, as well as anything else which emerges in either the UK or the EU. If you have any questions about any of these, or if you want to know more about the work that we do, please contact matthew.niblett@inlinepolicy.com.