After announcing plans to ‘turbocharge’ growth in the UK through AI at the start of the year, a recent report from the Public Accounts Committee (PAC) has delivered a sobering assessment of the difficulties the UK government faces in implementing its plan.
The report used evidence from the Department for Science, Innovation and Technology (DSIT) and the Cabinet Office on the use of artificial intelligence (AI) in government to highlight the challenges and make considered recommendations regarding AI in the UK.
PAC
First appointed in 1861, the PAC is a cross-party group of no more than 16 members of parliament (MPs). Members have the unenviable task of holding the Government and its civil servants accountable for the delivery of public services by assessing whether they provide value for money from public expenditure.
Although concerned with the proper use of public finances, public service delivery structures have undergone a dramatic transformation over the years, and the scope of PAC has, in turn, extended “beyond government departments to also examine public bodies and private companies providing public services.”
Barriers to AI Adoption
The PAC report highlights several key areas of concern and makes some important recommendations to start resolving identified issues.
Legacy Technology, Data Quality and Data Sharing
Outdated legacy technology, low data quality, and data sharing are all factors putting AI adoption in the public sector at risk. The report cites how 21 out of the 72 highest–risk legacy systems operational in government that were prioritized as part of the 2022–25 digital and data roadmap still lack remediation funding.
The PAC report recommends that DSIT publicly set out within six months how it intends to prioritize and ensure funding for the remediation of the highest–risk legacy technology and develop an approach for measuring the cost of not addressing legacy technology. Track funding allocated for remediation work, act where progress is slow, and address the risks to AI adoption related to data sharing and poor data quality.
Public Trust
Slow progress on embedding transparency and establishing robust standards for AI adoption in the public sector is jeopardizing public trust, with only 33 records having been published so far on the government website set up to provide greater transparency on algorithm–assisted decision-making in the public sector.
The recommendations in this matter involve DIST providing an update on how it is tackling gaps in transparency, addressing public concerns, and how its strengthened spend controls for high–risk AI use cases will support safe and ethical AI roll–out.
Digital and Data Skills and Capability
The PAC report considers the government’s State of Digital Government Review (SODGR) from January 2025 in order to highlight several concerning statistics relating to this category. They point to the failure of 50% of digital and data recruitment campaigns, uncompetitive levels of pay with the private sector, exemplified by a 35% noted pay gap between public and private sector technical architects, and the general need for more technical roles as such roles are often outsourced.
Recommendations made on this issue include DSIT and the Cabinet Office writing to the committee alongside the publication of the Digital and AI Roadmap to explain how the planned reforms will resolve the skills gap, how it will be monitored, and how progress will be reported publicly.
Sharing AI Pilot Learnings and Scaling up
The report identifies little evidence of successful adoption at scale so far, with no systematic mechanism for combining and disseminating the learnings from all the pilot activities across the government. It claims that without DSIT committing to address these issues, the government risks duplication of effort and cost from siloed pilot activities.
To address these matters, the report recommends establishing a system for collecting, sharing, and reviewing details on these AI pilots whilst also detailing out how AI products are planned to be identified, developed, and rolled out at scale.
AI Procurement
Returning to the SODGR, the report highlights how DSIT reported that government procurement processes had not adapted to the shift in the technology market away from upfront capital purchases to subscription-based models, and were ill-suited to a dynamic, fast-paced market. They also pointed to concerns they had received from technology suppliers, third–sector bodies, and academics over the AI market being dominated by a few large technology suppliers, which was reducing competition and acting as a barrier to innovation.
The PAC recommends that DSIT works in conjunction with the Cabinet Office, to publicly detail how its proposed AI sourcing and procurement framework will work.
Leadership
DSIT told us that chief digital information officers are “not sufficiently represented at the executive committee level.”
To tackle this, recommendations have been made regarding ensuring accountability, as well as the suggestion that the Cabinet Office might consider embedding a Government Digital Service officer with digital and procurement skills in relevant senior positions.
Expert Analysis
In addressing the magnitude of the challenge ahead, Adam Pilton, Senior Cybersecurity Consultant at CyberSmart, underscores the importance of AI to the UK in terms of its global standing and believes that the challenges facing the UK government will be similar to those facing many other organizations.
He points to the continued use of Legacy IT as a concern for both the cybersecurity industry and the government and bemoans the digital skills and pay gaps as significant issues. As for the likelihood of the government achieving its aims, he states that “AI adoption is possible; I can’t see it happening on the scale envisioned, but that shouldn’t stop us from trying.”
Adam Parlett is a cybersecurity marketing professional who has been working as a project manager at Bora for over two years. A Sociology graduate from the University of York, Adam enjoys the challenge of finding new and interesting ways to engage audiences with complex Cybersecurity ideas and products.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.