UK gov invites experts to contribute to its overhauled AI regulatory approach
The new approach will not adopt the EU's centralised model and sits alongside the National AI Strategy and Data Protection and Digital Information Bill


The UK government has announced its intention to introduce new regulations for artificial intelligence (AI) to plug ‘confusing’ gaps and inconsistencies in current regulatory approaches.
Industry experts, academics, and civil society organisations are invited to take part in a 10-week call for evidence that begins today and runs up until 26 September. The input will help shape the government’s actions in putting its plans into place.
Announcing the news this morning, the Department for Culture, Media and Sport (DCMS) said that it wants the regulations to differ from the EU’s centralised approach.
It plans to introduce a set of rules that can be interpreted and enforced by numerous regulators such as the Information Commissioner’s Office (ICO), Ofcom, and the Competition and Markets Authority (CMA).
The government believes that by pursuing this decentralised model, each regulator will be able to take a “tailored approach” and apply the regulations more effectively in a range of different contexts.
While the final regulations have yet to be codified, the DCMS said the initial approach will require AI developers to adhere to six key principles:
- Ensure that AI is used safely
- Ensure that AI is technically secure and functions as designed
- Make sure that AI is appropriately transparent and explainable
- Consider fairness
- Identify a legal person to be responsible for AI
- Clarify routes to redress or contestability
The principles summarise the approach that was published in full this morning in the government’s latest AI paper.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
According to the government’s research, organisations report a lack of clarity in the current regulations which is a particular issue for small businesses that may not have access to the legal support required to interpret them accurately.
The new regulations will also aim to tackle the perceived inconsistencies with enforcement. Different regulators are currently seen as having varying levels of power to regulate AI within their respective remits, which means AI products could subsequently reach the market with different levels of oversight depending on the target market.
The government also acknowledges that current legislation has not been developed with consideration to AI. This means the associated risks with the technology aren’t properly addressed and developers may not be able to innovate in the most optimal regulatory conditions.
The new rules will aim to foster innovation in the AI sector, ensuring the UK continues to grow and compete as a global innovator in the space, while also addressing the widespread issues with the technology such as reliability and unfair biases.
Regulators will be encouraged to consider “lighter touch options” such as offering guidance or creating trial environments so products can be tested before reaching the market.
The DCMS said the UK leads Europe and currently sits third in the world for private AI investment. Domestic companies attracted £3.88 billion in investment last year, it said.
“We want to make sure the UK has the right rules to empower businesses and protect people as AI and the use of data keeps changing the ways we live and work,” said Damian Collins, digital minister.
“It is vital that our rules offer clarity to businesses, confidence to investors and boost public trust. Our flexible approach will help us shape the future of AI and cement our global position as a science and tech superpower.”
Data Reform Bill tie-in
The Data Reform Bill, recently renamed to the Data Protection and Digital Information Bill, is closely linked to the proposed overhaul of the UK’s AI regulations.
The bill is currently going through parliament and aims to offer greater flexibility to the way businesses can use data. The rules will dilute those introduced by the GDPR and domestically by the Data Protection Act 2018 but falls short of abolishing it entirely.
Announcing the Bill last month, the government said it would bring around £1 billion in savings for businesses while eliminating the ‘unnecessary’ red tape and box-ticking exercises that the GDPR’s rules enforce.
Although the new Bill aims to water down the data protections afforded by the GDPR, the government insists it will continue to preserve the privacy of individuals but do so in a way that allows businesses to use personal data more easily for things like scientific research.
National AI Strategy
The new approach to regulating AI is the latest step in the government's National AI Strategy. Initially announced last year, the ten-year strategy aims to keep the UK in its leading position as a global AI innovator.
Effective governance of the technology formed one of the key pillars of the strategy, along with ensuring the technology benefits all areas of the economy.
As part of the strategy, the government also plans to build a National AI Research and Innovation Programme that will provide a platform for collaboration among all the country's leading AI experts and researchers, to boost public sector adoption of AI.
Separate programmes are also being proposed to accelerate the development of AI outside of London and the South East of England.

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.
-
The Race Is On for Higher Ed to Adapt: Equity in Hyflex Learning
By ITPro
-
Google faces 'first of its kind' class action for search ads overcharging in UK
News Google faces a "first of its kind" £5 billion lawsuit in the UK over accusations it has a monopoly in digital advertising that allows it to overcharge customers.
By Nicole Kobie
-
Top data security trends
Whitepaper Must-have tools for your data security toolkit
By ITPro
-
Why bolstering your security capabilities is critical ahead of NIS2
NIS2 regulations will bolster cyber resilience in key industries as well as improving multi-agency responses to data breaches
By ITPro
-
SEC data breach rules branded “worryingly vague” by industry body
News The new rules announced last week leave many questions unanswered, according to security industry experts
By Ross Kelly
-
Crackdown on crypto needed to curb cyber crime, says expert
News Threat actors would struggle to generate money without the anonymity provided by unregulated digital tokens, but such a move would require worldwide buy-in
By Rory Bathgate
-
The gratitude gap
Whitepaper 2023 State of Recognition
By ITPro
-
UK government opts against regulation for cyber security standards
News UK Cyber Security Council will move ahead with its planned chartered standards, with the government to monitor its adoption
By Daniel Todd
-
Encryption battle plays out in Australian Parliament
News The opposition said that the government is “addicted to secrecy”
By Zach Marzouk
-
Majority of Americans say ransomware attacks should be considered terrorism
News Most also believe it should be made illegal to pay ransoms to hackers
By Danny Bradbury