Call for evidence outcome

Data brokers and national security: government response

Updated 4 December 2025

Background

In March 2025, the Department for Science, Innovation and Technology (DSIT) launched a call for views to better understand the data broking sector, its operations, security practices, customer base and the implications for national security.

The initiative aimed to gather insights from a broad spectrum of stakeholders including companies conducting data broking, industry bodies, academics, and members of the public.

Whilst the feedback provided some valuable insights, there was a limited number of substantive answers to some questions. Nonetheless, DSIT conducted productive industry engagement alongside this, and the call for views has helped shape DSIT’s understanding of the sector and informed next steps in policy development.

Scale of responses

The call for views received 168 responses from a diverse range of stakeholders: 47% from data brokers and the remainder from industry bodies, independent experts, and the public.

Key themes emerged around the definition of data brokers, security standards across the sector and the effectiveness of UK GDPR in mitigating national security risks.

Next steps

In response to the information received, the government will focus on 4 priority areas.

1. Refining the definition of data brokers

Feedback from respondents showed mixed views on how data broking and data brokers should be defined. Many respondents supported a broad definition whilst others felt it grouped together very different types of organisations, each with their own risk profiles. The government will revisit its approach to ensure the definition reflects the range of activities in the sector and is clear and workable for any potential policy proposals.

2. Recognising socio-economic benefits

Many respondents highlighted the positive role data brokers play in areas like healthcare, fraud prevention, business data and emerging technologies. The government recognises the importance of data brokers in day-to-day life, from helping consumers make informed choices regarding their finances through to businesses more easily reaching their intended audiences. Safeguarding and supporting these functions will remain paramount as the government continues to develop its understanding of the sector and considers any future policy.

3. Assessing the role of UK GDPR in national security

There was broad awareness of how personal data could be misused by hostile actors, but views differed on whether current data protection laws are sufficient. Some pointed to gaps in enforcement, while others felt the legislation itself needed strengthening. The government will continue to explore this issue in more detail.

4. Exploring industry standards and operational practices

Views on industry standards varied, with some organisations reporting strong safeguards and others highlighting gaps, particularly in the AdTech ecosystem and the Real Time Bidding process. The government will continue to investigate industry standards in different parts of the data brokerage ecosystem, including engaging with stakeholders to build a clearer picture of current practices and where improvements may be needed to ensure UK data is secure.

Conclusion

The call for views has revealed a fragmented landscape with divergent views on definitions, standards, and regulatory efficacy. The government will take forward a refined approach to defining data broking, deepen its understanding of high-risk areas, and explore regulatory enforcement mechanisms.

We remain committed to ensuring that data broking supports innovation and economic growth while safeguarding national security and public trust. Further engagement with stakeholders will be essential as we refine our approach and develop future policy. The government is grateful to all the respondents that took the time to respond to the call for views.