At just after 1pm on 5th July 2024, Sir Keir Starmer announced that he’d accepted an invitation from the King to form the next Government. Labour has a majority not seen since the days of Tony Blair but how might it use its time in office to change the world of compliance?
The Labour manifesto is 135 pages long but won’t tell the whole story for what’s ahead for compliance following the UK General Election.
Clearly there will be work to be done in setting out the agenda for the next 5 years and many key ministerial appointments have not yet been made but, with the usual qualifications on these being predictions and not fact here’s some thoughts:
Bribery & corruption
The last Labour Government saw the passing of the Bribery Act 2010 as one of the key components of its time in office when it was last in power. But it didn’t have time to enforce the Act as the Act was effectively passed in the last days of Gordon Brown’s administration. It has the opportunity now to enforce an anti-corruption agenda. Sir Keir was formerly head of the Crown Prosecution Service (CPS) and knows the criminal justice system well.
At the same time Labour has promised to look at corrupt contracts from the last administration, notably in PPE procurement during the pandemic. They inherit a new Director of the SFO who’s only been in office since September 2023 and he seems keen on change too with new investigations including dawn raids. In addition Labour proposed a new COVID Corruption Commissioner specifically tasked with looking into £7.2bn of contracts which have caused concern.
The new administration has a chance to increase anti-corruption enforcement and show change from what was perceived to be a more lax enforcement regime during Boris Johnson’s time in office.
AI
The new Government is also likely to look again at AI enforcement. Whilst the EU AI Act seeks to regulate AI through a new legal regime, the last UK Government favoured self-regulation. That may change. Labour plans to set up a new Regulatory Innovation Office which will look at the challenges of AI and support existing regulators including the Information Commissioner’s Office and the Competition and Markets Authority in using their existing powers to regulate AI. Labour may also bring in specific legislation – that might be a simplified version of the EU AI Act. With a decent majority and a favourable legislative timetable it may even be possible for new UK legislation to come into force by at the same time as the EU legislation in 2026.
Labour also plans to set up a National Data Library which can be used to support AI applications given the issues which exist with training data currently. The model could be the new Rail Data Marketplace set up under the last administration.
Data protection
The proposed Data Protection & Digital Information Bill did not survive the wash-up process at the end of the outgoing Parliament. This would likely signal Labour opposition to some aspects of the Bill. It is likely to return in a modified form removing some of its more controversial provisions. The new administration is also likely to be more cautious about jeopardizing the UK’s EU adequacy status so expect fewer changes to UK data protection law than previously proposed. These changes might include some relaxation of some aspects of GDPR for research and innovation especially in an attempt to improve the NHS.
Justice
Labour has made commitments to tackle crime, policing and the court backlog. They have also made commitments to fix the prison system. If they can pull this off this may free up resources for more white collar investigations including in bribery as we’ve mentioned above and enforcing recently enacted anti-fraud legislation.
Public sector
Those dealing with the public sector can expect changes here too. Labour has proposed a so-called ‘Hillsborough Law’ with a new duty of candour for public servants. In addition, whilst not a manifesto commitment, there may be an extension of the Freedom of Information (FOI) regime to those in the private sector undertaking work for the public sector.
Trade & customs
The Labour party has a manifesto commitment to review trade barriers. This could lead to closer alignment with the EU. Likely members of Sir Keir’s cabinet have also favoured using exiting legislation to look more closely at the origin of goods, notably goods made in alleged slavery conditions in the Xinjiang Uygur Autonomous Region (XUAR). Tougher action on XUAR may also be politically expedient for a Labour Government wishing to learn lessons from a perceived lack of support for Muslim interests in some constituencies.
Labour/employment law
Labour is likely to want to review the existing employment law regime in its first 10 days. This could include a right to disconnect but this is unlikely to be as hard and fast as the laws enacted and proposed in some parts of Europe. Sir Keir is known to be keen on work-life balance so expect some sort of proposals encouraging employers and employees to agree on working hours, prohibitions on emails at weekends for those not scheduled to work etc.
Jonathan Armstrong discusses compliance with the media following the UK General Election 2024 Labour victory
Jonathan was a guest on FCPA Compliance Report Podcast: Jonathan Armstrong on changes in UK Government.
He also spoke with Bank Info Security: What UK Labour Government will mean for AI?
Speak with a compliance lawyer following the UK General Election 2024
If you wish to discuss compliance matters for your business following the GE, Contact Us.
You can learn more about our services at Governance & Compliance.
Update: The King’s Speech, 17 July 2024
Following the publication of this article, the Labour Government announced the agenda for the next five years or so in the King’s Speech.
To learn more, visit: The Labour Government & The King’s Speech: What might this mean for compliance?
Jonathan Armstrong
Partner
Jonathan is an experienced lawyer based in London with a concentration on compliance & technology. He is also a Professor at Fordham Law School teaching a new post-graduate course on international compliance.
Jonathan’s professional practice includes advising multinational companies on risk and compliance across Europe. Jonathan gives legal and compliance advice to household name corporations on:
- Prevention (e.g. putting in place policies and procedures);
- Training (including state of the art video learning); and
- Cure (such as internal investigations and dealing with regulatory authorities).
Jonathan has handled legal matters in more than 60 countries covering a wide range of compliance issues. He made one of the first GDPR data breach reports on behalf of a lawyer who had compromised sensitive personal data and he has been particularly active in advising clients on their response to GDPR. He has conducted a wide range of investigations of various shapes and sizes (some as a result of whistleblowers), worked on data breaches (including major ransomware attacks), a request to appear before a UK Parliamentary enquiry, UK Bribery Act 2010, slavery, ESG & supply chain issues, helped businesses move sales online or enter new markets and managed ethics & compliance code implementation. Clients include Fortune 250 organisations & household names in manufacturing, technology, healthcare, luxury goods, automotive, construction & financial services. Jonathan is also regarded as an acknowledged expert in AI and he currently serves on the New York State Bar Association’s AI Task Force looking at the impact of AI on law and regulation. Jonathan also sits on the Law Society AI Group.
Jonathan is a co-author of LexisNexis’ definitive work on technology law, “Managing Risk: Technology & Communications”. He is a frequent broadcaster for the BBC and appeared on BBC News 24 as the studio guest on the Walport Review. He is also a regular contributor to the Everything Compliance & Life with GDPR podcasts. In addition to being a lawyer, Jonathan is a Fellow of The Chartered Institute of Marketing. He has spoken at conferences in the US, Japan, Canada, China, Brazil, Singapore, Vietnam, Mexico, the Middle East & across Europe.
Jonathan qualified as a lawyer in the UK in 1991 and has focused on technology and risk and governance matters for more than 25 years. He is regarded as a leading expert in compliance matters. Jonathan has been selected as one of the Thomson Reuters stand-out lawyers for 2024 – an honour bestowed on him every year since the survey began. In April 2017 Thomson Reuters listed Jonathan as the 6th most influential figure in risk, compliance and fintech in the UK. In 2016 Jonathan was ranked as the 14th most influential figure in data security worldwide by Onalytica. In 2019 Jonathan was the recipient of a Security Serious Unsung Heroes Award for his work in Information Security. Jonathan is listed as a Super Lawyer and has been listed in Legal Experts from 2002 to date.
Jonathan is the former trustee of a children’s music charity and the longstanding Co-Chair of the New York State Bar Association’s Rapid Response Taskforce which has led the response to world events in a number of countries including Afghanistan, France, Pakistan, Poland & Ukraine.
Some of Jonathan’s recent projects (including projects he worked on prior to joining Punter Southall) are:
- Helping a global healthcare organisation with its data strategy. The work included data breach similuations and assessments for its global response team.
- Helping a leading tech hardware, software and services business on its data protection strategy.
- Leading an AI risk awareness session with one of the world’s largest tech businesses.
- Looking at AI and connected vehicle related risk with a major vehicle manufacturer.
- Helping a leading global fashion brand with compliance issues for their European operations.
- Helping a global energy company on their compliance issues in Europe including dealing with a number of data security issues.
- Working with one of the world’s largest chemical companies on their data protection program. The work involved managing a global program of audit, risk reduction and training to improve global-privacy, data-protection and data-security compliance.
- Advising a French multinational on the launch of a new technology offering in 37 countries and coordinating the local advice in each.
- Advising a well-known retailer on product safety and reputation issues.
- Advising an international energy company in implementing whistleblower helplines across Europe.
- Advising a number of Fortune 100 corporations on strategies and programs to comply with the UK Bribery Act 2010.
- Advising of Financial Services Business on their cyber security strategy. This included preparing a data breach plan and assistance in connection with a data breach response simulation.
- Advising a U.S.-based engineering company on its entry into the United Kingdom, including compliance issues across the enterprise. Areas covered in our representation include structure, health and safety, employment, immigration and contract templates.
- Assisting an industry body on submissions to the European Commission (the executive function of the EU) and UK government on next-generation technology laws. Jonathan’s submissions included detailed analysis of existing law and proposals on data privacy, cookies, behavioural advertising, information security, cloud computing, e-commerce, distance selling and social media.
- Helping a leading pharmaceutical company formulate its social media strategy.
- Served as counsel to a UK listed retailer and fashion group, in its acquisition of one of the world’s leading lingerie retailers.
- Advising a leading U.S. retailer on its proposed entry into Europe, including advice on likely issues in eight countries.
- Working with a leading UK retailer on its proposed expansion into the United States, including advice on online selling, advertising strategy and marketing.
- Dealing with data export issues with respect to ediscovery in ongoing court and arbitration proceedings.
- Advising a dual-listed entity on an FCPA investigation in Europe.
- Acting for a U.S.-listed pharmaceutical company in connection with a fraud investigation of its Europe subsidiaries.
- Acting for a well-known sporting-goods manufacturer on setting up its mobile commerce offerings in Europe.
- Comprehensive data protection/privacy projects for a number of significant U.S. corporations, including advice on Safe Harbor Privacy Shield and DPF.
- Risk analysis for an innovative software application.
- Assisting a major U.S. corporation on its response to one of the first reported data breaches.
- Work on the launch of an innovative new online game for an established board game manufacturer in more than 15 countries.
- Advice on the setting up of Peoplesoft and other online HR programs in Europe, including data protection and Works Council issues.
- Advising a leading fashion retailer in its blogging strategy.
- Advising one of the world’s largest media companies on its data-retention strategy.
- Advising a multinational software company on the marketing, development and positioning of its products in Europe.