Skip to main content

Technology trends that shaped 2023: A legal and regulatory round-up

The Topline

“At the start of the year, we gave our top tech predictions for 2023, including in relation to: AI regulation; data reform; digital trade; cyber security; and more. As we approach the end of the year, we take the opportunity to reflect on what came to pass – and what didn’t – in 2023.”

Sally Mewies, Head of Technology & Digital

Sally Mewies B&W

An image of a laptop screen in front of a purple background. On screen is the ChatGPT login screen. A visual metaphor for the topic of this article, technology trends that shaped 2023.

Technology trends that shaped 2023: Introduction

At the start of the year, we gave our top tech predictions for 2023. We publish a regular round-up of legal and non-legal tech-related news stories (see our latest edition here): to receive this and other similar updates direct to your inbox, click here to register.

If you have queries about any of the technology trends that shaped 2023 discussed below, or need further advice or assistance, please get in touch with SallyLuke or one of our Technology & Digital experts.

Click here to watch our video round-up.

Regulation, regulation, regulation!

We said we expected to see concrete action on various aspects of digital regulation, and we haven’t been disappointed. While 2023’s conversation was increasingly dominated by what to do about AI, there were developments in other areas too, including cryptoasset and platform regulation. Cooperation between governments, regulators and other bodies continued to be a driving force. We expect this to intensify further next year as pivotal decisions are made about the future regulation of emerging tech.

All of the reports and government responses forming the pro-innovation regulation of technologies review – announced in 2022’s Autumn Statement – have now been published. They focus on the key growth sectors of: digital technologies; life sciences; green industries; advanced manufacturing; and the creative industries.

A legal framework for AI

With the rapid rise of generative AI (think ChatGPT) in particular, AI is probably the standout of the technology trends that shaped 2023.

At the start of the year we said we were expecting the government’s overdue AI regulation white paper “any day now”. It was finally published at the end of March. Instead of introducing specific legislation, or creating a new single regulator for AI, the preferred pro-innovation approach is to empower existing regulators to come up with tailored, context-specific approaches that suit the way AI’s being used in their sectors. This is in contrast to the EU, for example, where an AI Act is already at an advanced stage and set to be signed off early next year. Looking ahead, businesses operating across borders will need to make sure they have the systems in place to comply with multiple regimes.

The UK recently hosted the first AI Safety Summit, kickstarting a much-needed global conversation about how we can both manage the risks and reap the benefits of this rapidly evolving technology. We’re expecting the government to publish the response to its AI regulation white paper any day now, paving the way for concrete developments in 2024.

The Information Commissioner’s Office recently published a round-up of its guidance and resources about AI and, hot off the press, the Supreme Court ruled that an AI machine cannot be the named “inventor” for the purposes of the Patents Act 1977, as it’s not a natural person.

Other ongoing initiatives include: the Intellectual Property Office working on a code of practice on copyright and AI; and the Competition and Markets Authority reviewing AI foundation models. As part of a continuing dialogue, the financial regulators recently published a feedback statement on AI and machine learning.

Click here to access the recording of our recent webinar on unlocking and controlling AI with News UK CTO Simon Farnsworth.

Cryptoasset regulation (and a possible digital pound)

Next up in the technology trends that shaped 2023 – cryptoasset regulation. Key expected developments were consultations on the use of ‘stablecoins’ (a type of cryptoasset) for payments, and on proposed next steps around a central bank digital currency (a ‘digital pound’).

With the Financial Services and Markets Act 2023 bringing stablecoins in scope of regulation, HM Treasury recently published the response to a February consultation and call for evidence on the future financial services regulatory regime for cryptoassets; together with an update on plans for the regulation of fiat-backed stablecoins. The financial regulators are currently seeking views to help develop their approach to regulating that regime, part of a phased approach to cryptoasset regulation.

In related news, the financial promotions regime was extended in October to promotions of qualifying cryptoassets. The FCA recently published guidance to help crypto firms comply with the new rules.

As expected, HM Treasury and the Bank of England consulted on the potential case for a digital pound. Issued by the Bank and backed by government, a digital pound would not be a cryptocurrency or cryptoasset, but it certainly sets the stage for more to come in the area of digital finance and payments.

In a recent speech, the Bank’s former Deputy Governor for Financial Stability said that: a digital pound will likely be needed by the end of the decade; there’s been a strong response to the consultation; and a detailed response is expected in the coming months. The Treasury Committee has urged the Bank and HM Treasury to address data privacy and financial stability concerns before considering implementation.

In a report on NFTs in sport and culture, the Culture, Media and Sport Committee warned that artists, consumers and club reputations are at risk from the rise of cryptoassets. A government response is awaited.

Over in Europe, as expected, the MiCA regulation on markets in cryptoassets entered into force. Some provisions will start to apply from June 2024.

Platform regulation

We expected legislative progress on online safety and a new competition regime for the most powerful digital firms. There was movement on both counts.

The much-discussed Online Safety Act 2023, which imposes various duties of care on online service providers, was finally passed. Aimed in particular at protecting children, the Act includes other provisions such as tackling online fraud. Regulator Ofcom is taking a phased approach to implementation and has started consulting on codes of practice and guidance.

The Digital Markets, Competition and Consumers Bill continues to progress through the parliamentary stages and is expected to become law in spring/summer 2024.

Over in Europe, identified ‘gatekeepers’ – large digital platforms providing core platform services – need to comply with a list of do’s and don’ts in the Digital Markets Act by March 2024 at the latest.

In the briefing notes to the King’s Speech it was said that the UK’s approach is more targeted than the EU’s broader approach, which risks creating unnecessary burdens for too many firms and will impose a rigid set of rules. This reflects the UK’s ongoing balancing act between seeking to rein in Big Tech and promoting innovation.

Data reform at last?

We said we’d be very surprised not to see movement on data reform following the announcement in October 2022 about a new “business and consumer-friendly, British data protection system”.

This got off to a bit of a slower start than expected. A Data Protection and Digital Information Bill – designed to seize on post-Brexit freedoms and reduce burdens for business – was first introduced in July 2022. Progress stalled with the change in Prime Ministers, and it wasn’t until March this year that a revamped Bill began its journey. It’s expected to become law in spring 2024.

It’s anticipated that businesses operating both here and in the EU will likely be compliant with the new law if they follow EU GDPR rules, avoiding the need to spend time and money adjusting to two separate regimes.

Progress on data adequacy arrangements between the US and UK and US and EU is discussed below.

Facilitating digital trade

Next up in the technology trends that shaped 2023 – developments around facilitating digital trade.

The Electronic Trade Documents Act 2023 came into force as expected, with the potential to revolutionise international trade. Granting electronic trade documents the same legal status as physical ones is estimated to deliver a more than £1 billion boost to the UK economy over the next decade.

We also mentioned at the start of the year how reducing barriers to data flows is essential for boosting digital trade. As expected, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework, allowing personal data to flow freely between the EU and participating US companies, without requiring additional safeguards. UK businesses can also transfer personal data to US companies certified under the UK extension to the Framework.

We’re still awaiting ICO guidance on the international data transfer agreement and UK addendum to the EU standard contractual clauses. We’re also expecting the ICO to publish a UK addendum to EU binding corporate rules (another available safeguard allowing cross-border data transfers in the absence of a data adequacy decision) and associated guidance. This will make it easier for businesses that have to comply with both the UK and EU data protection regimes. The documents have already been published in draft form.

In other developments: the UK signed a digital trade agreement with Ukraine; and the Centre for Digital Trade and Innovation was formally launched at its location at Teesside University.

Sustainable technology

In our top tech predictions for 2023 we were sure we’d continue to see businesses digitising their operations and experimenting with new tech as the push towards net zero dominates the agenda, and sustainability reporting and due diligence requirements come to the fore. And we weren’t wrong.

There are so many initiatives we could mention, from developments in drone technology and plans to create AI factories, to space-driven climate services and the 30 cutting-edge manufacturing projects awarded over £50 million in government funding.

We mentioned at the start of the year the government’s £1.5 million AI for Decarbonisation Programme, part of its £1 billion Net Zero Innovation Portfolio. Successful projects include; a new virtual centre supporting high carbon-emitting sectors to adopt AI technologies to reduce their emissions; and innovations in electricity, industry and agriculture. A further £2.25 million in funding was made available later in the year to extend the programme’s scope to electrification and smart grid, transportation, and land use for renewables generation.

Sustainability features prominently in the government’s recently published UK battery strategy and advanced manufacturing plan.

In May, the heads of some of the world’s leading banks, energy companies, technology giants and finance firms were among attendees at the first-ever meeting of the government’s Net Zero Council, which will support industry to help cut their emissions and develop greener practices.

Over in Europe, the European Commission unveiled its draft Net Zero Industry Act as part of the European Green Deal. The aim is to scale up net zero technology manufacturing in the EU to provide at least 40% of the bloc’s annual deployment needs for strategic net zero technologies by 2030.

Focus on biometrics

We talked earlier in the year about the ICO having biometric tech firmly in its sights, with guidance expected in spring. It was in autumn that the regulator consulted on the first phase of its guidance on biometric data and biometric technologies. A second phase focusing on biometric classification and data protection will include a call for evidence early in 2024.

The ICO’s been asking organisations interested in participating in its Regulatory Sandbox in 2024 to get in touch by 31 December. Biometric processing is one of the current areas of focus for which it’s accepting expressions of interest.

A recent report warned of a ‘worrying vacuum’ in government plans to safeguard the public in relation to biometrics and surveillance. The roles of the Biometrics and Surveillance Camera Commissioner will be revoked if the Data Protection and Digital Information Bill becomes law in spring 2024 as expected. There’s a concern that the existing safeguards are needed more than ever with advances in AI and other tech. The government recently proposed a series of amendments to the Bill, including on the use of biometric data to strengthen national security.

Employment practices and new technologies

One of the more easily relatable technology trends that shaped 2023 is the impact that new tech, including AI, is having on the world of work.

As we anticipated at the start of the year, we’ve seen the ICO publish various resources for employers around employment practices and new technologies, including: guidance to ensure lawful monitoring in the workplace (considering specific types of monitoring practices, including the use of biometric data to monitor timekeeping and attendance); guidance to help employers understand their data protection obligations when handling workers’ health information; and guidance on responding to subject access requests, including in relation to searches across social media and provision of CCTV footage. The ICO is currently consulting on two new pieces of guidance on keeping employment records and recruitment and selection.

The ICO warned that neurotech – technology to monitor neurodata, the information coming directly from the brain and nervous system – poses a major risk of being biased if it isn’t developed and used correctly. Specific guidance is expected by 2025. A report set out the possible future avenues of development, including in the workplace and employee hiring.

Our recent briefing on AI and recruitment explores the potential that AI has for introducing discrimination into processes via the backdoor. As with all fast-moving tech, it’s important to make sure you don’t fall into the trap of ignoring risks when chasing the benefit.

Product and cyber security

On product security and safety, we expected to see – and did see – regulations setting out details of the security requirements that manufacturers, importers and distributors of consumer connectable products will have to comply with. They will apply from 29 April 2024.

We were also awaiting the outcome of the Transport Committee’s inquiry into self-driving vehicles. Its report was published in September. The Committee later welcomed the Automated Vehicles Bill 2023 but said it remains concerned the government’s ambition for how safe these vehicles should be may end up being too weak and too vague.

As part of its smarter regulation programme, the government also consulted this year on plans to overhaul the UK’s product safety laws to make them fit for the digital age, including accommodating the shift to online shopping and regulating innovations such as internet connected devices and AI.

Over in Europe, as expected, progress was made on a number of initiatives. Among other things, a Cyber Resilience Act to boost digital products’ security and a revised Product Liability Directive continued through the legislative stages. Progress has been slower on a separate AI Liability Directive to complement the EU’s AI Act.

Very recently, the Joint Committee on the National Security Strategy published its report on ransomware and UK national security; and the government published a consultation on protecting and enhancing the security and resilience of UK data infrastructure.

The implementation period for a voluntary code of practice setting out minimum security and privacy requirements for app store operators and app developers was extended to June 2024.

The Science, Innovation and Technology Committee launched an inquiry into the cyber resilience of the UK’s critical national infrastructure. The National Cyber Security Centre recently warned of an enduring and significant threat as it published its latest Annual Review.

We’ve seen a host of guidance coming out of the NCSC this year, including a major update to its cyber security board toolkit guidance. Following on from the AI Safety Summit, the NCSC recently announced new global guidelines for AI security.

Future law reform

And finally, the last of the technology trends that shaped 2023 – future law reform.

We were expecting to see various reports and consultations from the Law Commission relating to its projects on emerging tech.

The Commission published its final report on digital assets, reminding us how the flexibility of English law makes this the ideal jurisdiction for resolving legal issues in this evolving space. We’re still awaiting the consultation on a related project concerning how the rules of applicable law and jurisdiction apply to digital assets and other emerging technologies. And we haven’t yet seen the results of a call for evidence on decentralised autonomous organisations.

In other developments: the Law Commission advised that robust regulation is needed before remote driving technology (which enables a person to drive a vehicle from a remote location) is on our roads; and the UK Jurisdiction Taskforce of Lawtech UK published a legal statement on digital securities.

That’s all for now on technology trends that shaped 2023 – watch out for our top tech predictions for 2024!

Technology trends that shaped 2023: How we can support you

Whatever your technology needs are, we’ve got the expertise to help you. Our multidisciplinary Technology & Digital team offers the full range of services, from dealing with contract drafting and competition issues to regulatory compliance and dispute resolution.

If you have queries about any of the technology trends that shaped 2023 discussed above, or need further advice or assistance, please get in touch with SallyLuke or one of our Technology & Digital experts.

Our people



Head of Technology & Digital

Sally's contact details

Email me





Luke's contact details

Email me