Policy paper

Digital Regulation Cooperation Forum: Plan of work for 2022 to 2023

Published 28 April 2022

CEO Foreword

The Digital Regulation Cooperation Forum (DRCF) brings together the major UK regulators tasked with regulating digital services:

• the Competition and Markets Authority (CMA),

• the Financial Conduct Authority (FCA),

• the Information Commissioners Office (ICO), and

• the Office of Communications (Ofcom).

Together, we can collectively drive greater regulatory co-operation and deliver coherent approaches to digital regulation. I was delighted to join the Forum late last year as its inaugural Chief Executive.

This document sets out the workplan and key priorities for the DRCF during 2022 to 2023. This includes projects that help to collectively tackle some of our biggest digital challenges: from protecting the safety and privacy of children online to promoting fair and competitive online advertising markets. The DRCF will also support work to drive best practice across the regulators. We will look at how to enable responsible innovation within industry and build expertise in horizon scanning. This means that regulators can better understand and anticipate what new technological developments are coming down the track and industry can have greater certainty of the regulatory environment for their new ideas.

This year represents a crucial moment in the UK’s approach to regulating digital technologies and services. Regulators are gearing up to take on new and revised responsibilities across the digital space. These new responsibilities - both individually and collectively – represent a seismic step change in the UK digital landscape. They are setting the foundations for a UK digital economy that is pro-growth and innovation friendly, protects people from the range of growing online harms and data protection concerns and promotes competition in markets. Success for the DRCF will mean that, as a result of working together, each regulator becomes more effective in the delivery of their digital responsibilities.

The goals of the Forum are threefold:

• to promote greater coherence, so that where regulatory regimes intersect the DRCF helps to resolve potential tensions, offering clarity for people and industry;

• to work collaboratively on areas of common interest and jointly address complex problems; and

• to work together to build the necessary capabilities, learning from what each regulator is doing and striving to be best in class, both now and in the future.

We are publishing the 2021 to 22 DRCF annual report alongside this workplan. It reflects on the progress of the DRCF in year one. A wide range of stakeholders provided valuable feedback to the forum, including direct engagement with industry, civil society and academia. We have also had engagement via the recent House of Lords Communications and Digital Committee inquiry on Digital Regulation^{[footnote 1]} and responses to the Department for Digital, Culture, Media & Sport (DCMS’s) consultation on its Digital Regulation Plan^{[footnote 2]}. We welcome this input and have included here plans to engage more closely with a wide range of external stakeholders over the next 12 months.

The task ahead is significant. But by working together as regulators and in close co-operation with others, we intend for the DRCF to make an important contribution to the UK’s digital landscape to the benefit of people and businesses online. We welcome your feedback.

Gill Whitehead (DRCF CEO)

Introduction

The DRCF brings UK regulators together to deliver a coherent approach on digital regulation for the benefit of people and businesses online.

We formed the DRCF because efficient and joined-up regulation is key to addressing the complex challenges that digital services and technologies pose.

Digital regulation is a rapidly evolving field. The innovative nature of the DRCF’s model means that the UK has a significant opportunity to lead the way on delivering coordinated digital regulation. Other countries such as the Netherlands^{[footnote 3]} and Australia^{[footnote 4]} are now also adopting this model and our work is helping to inform policy makers as to what a joined-up approach to digital regulation looks like in practice.

Collectively we have a huge responsibility - both now and in the future - for digital regulation in the UK. We set out our individual remits in this area below:

Regulator	Key responsibilities in relation to digital services*
CMA	Responsible for promoting competition for the benefit of consumers, the CMA has powers to enforce competition and consumer law, conduct market studies and assess mergers. The CMA has also been tasked by Government with overseeing a new pro-competition regime for digital markets, through its new Digital Markets Unit, currently established in shadow form.
Ofcom	As the UK’s communications regulator, Ofcom promotes the interests of consumers and citizens in relation to communications services – from telecoms and internet provision to content services. As part of this, Ofcom regulates video sharing platforms such as TikTok and Snap, and the recently published Online Safety Bill named Ofcom as regulator for the new Online Safety regime. Ofcom also has regulatory responsibilities for cyber security and resilience of UK communications networks.
ICO	Responsible for upholding people’s rights and freedoms when organisations process their personal data, including protecting children online through the Age Appropriate Design Code (Children’s code). The ICO also has regulatory responsibilities for the cyber security of UK digital and information systems.
FCA	Responsible for regulating the UK financial services industry, including digital markets. They have 3 operational objectives; to protect consumers; promote competition in consumers interests and protect and enhance the integrity of the UK financial system.

*This summary is not intended to cover the full comprehensive remits of the regulators but those relating most specifically to the work of the DRCF.

These important roles will see each member regulator engaging with some of the biggest challenges that digital services pose – challenges which are only becoming more pressing (see Figure 1). The current and future responsibilities of the DRCF members see us directly engaging with how to tackle these issues. Doing so not only benefits people using digital services in the UK, it also helps to foster innovation by supporting the growth of responsible digital services.

Figure 1: Examples of harms that digital services pose^{[footnote 5]}

This infographic shows 4 statistics. 76% of 13+ year olds have had at least one harmful online experience in the last four weeks. Fewer than 3 in 10 people trust companies and organisations storing their personal information. 16,400 possible scam enquiries were received between April – September 2021 – Up by a third compared to the same period in 2020. Consumer Detriment was estimated at £2.4 billion in 2018 as a result of excess profits.

In the last year, many stakeholders reinforced the importance of regulators working together to address these challenges. Both DCMS and the House of Lords Communications and Digital Committee have highlighted the DRCF’s important role. In the responses to DCMS’s Plan for Digital Regulation, there was widespread consensus on the need for the UK regulators to be effective, coherent and co-ordinated.^{[footnote 6]} The Secretary of State for DCMS said the DRCF had a ‘vital role to play’ and emphasised in relation to digital regulation that ‘sharing expertise, developing common capabilities, maximising efficiencies in the way regulators operate, and minimising unnecessary burdens on business will be paramount.’^{[footnote 7]}

In its report, the House of Lords Committee recognised the DRCF as a step in the right direction and re-emphasised the need for an approach to regulation that is ‘agile, streamlined and avoids duplication’. They recommended that the DRCF do more ‘to facilitate coordination and cooperation—both between and beyond regulators.’^{[footnote 8]}

By working together through the DRCF, we promote coherence, collaboration and capability building – prioritising coordination in areas which will enhance our effectiveness

The overarching goals of the DRCF are to promote:

1. Coherence between regimes – given the interactions and potential tensions between the regulatory regimes, we must work together to provide clarity and consistency for people and businesses.

2. Collaboration on projects – there is significant benefit in us coming together to address complex problems in areas of common interest. We can deliver clarity for businesses through joint guidance where appropriate.

3. Capability building across regulators – by working together, we can more efficiently develop and retain the right skills, knowledge, expertise and organisational capability to deliver effective digital regulation for people and businesses

Success for the DRCF lies in enhancing the effectiveness of each individual regulator in relation to their digital responsibilities. Our work on coherence, collaboration and capability also enables us to operate more efficiently, and we drive best practice by learning from each other. This will benefit people using digital services by delivering more effective regulation. It benefits industry by providing greater clarity on how to comply with different regulatory regimes.

We need to focus our efforts, given the vast range of technological developments and the related policy issues they might raise. Each year, we will therefore prioritise a joined-up approach on issues where we have pressing concerns and where we see the greatest potential impact for people and businesses.

Below, we set out our priorities for the coming year. However, we recognise that given the rapidly changing nature of the field, we need to stay adaptive and flexible to events during the course of the year.

Coherence

Our key priorities will be:

• Protecting children online: Through the DRCF we want our efforts to be synchronised - with a particular focus on improving outcomes for children and parents - by ensuring privacy and online safety protections work in unison. This includes a joint working framework to support the oversight of Ofcom’s Video Sharing Platform (VSP) regulatory framework and the ICO’s Age Appropriate Design Code (AADC) regime, as well as joint research on age assurance

• Promoting competition and privacy in online advertising: Through the DRCF we want to foster competitive online advertising markets that deliver innovation and economic growth, while respecting consumer and data protection rights. This includes the CMA and ICO working together to review: Google’s emerging proposals to phase out third-party cookies; and Apple’s App Tracking Transparency and Intelligent Tracking Prevention features.

We are also conducting further work to ensure a coherent approach across our regimes. This includes:

• mapping interactions between relevant regulatory regimes;

• publishing a joint statement on how we plan to work together to address areas of interaction between the online safety and privacy regimes;

• developing a clear articulation of the relationships between competition and online safety policy;

• continuing to develop our understanding of end-to-end encryption; and

• building on engagement between Ofcom and FCA on online fraud and scams

Collaboration

Our key priorities in this area are:

1. Supporting improvements in algorithmic transparency: As regulators of digital services, we want to support the use of algorithmic processing in a way that promotes its benefits and mitigate risks to people and competition. Transparency is key to this. This workstream explores ways of improving algorithmic transparency and auditing.^{[footnote 9]} We aim to: improve our capabilities for algorithmic auditing; research the market for third-party auditing; and promote transparency in algorithmic procurement.

2. Enabling innovation in the industries we regulate: We want to encourage responsible innovation in the market. We can do this by helping businesses to deliver the protections we expect and enabling individuals to trust in emerging technologies. This workstream will explore different models for how we coordinate our work with industry to support innovation.

Capabilities

Our key priorities in this area are:

1. Improving knowledge sharing through expert networks: This involves supporting connections between experts in our organisations to drive sustained collaboration on shared policy areas. We hope to create more informed and impactful policy. For example, we are creating a network to join up on the use of regulatory technologies (RegTech) and supervisory technologies (SupTech).

2. Building on synergies and bridging gaps in our horizon scanning activity: This builds on ongoing programmes of horizon scanning across the regulators. This scanning aims to develop knowledge on areas of rapid innovation and join up on engagement via external events. We are working together to identify and bridge gaps and offer collective, public insights of emerging technologies. This will help us better understand tech priorities for future DRCF workplans.

3. Recruiting and retaining specialist talent across all 4 regulators: Despite our different regulatory roles, we need common skills and expertise. This workstream supports the regulators to attract, build and retain the skills we need to deliver on current and future digital responsibilities.

In addition to these specific workstreams, we are planning a comprehensive programme of external engagement that will run throughout the year. We know there are a significant number of stakeholders with expertise on digital issues that we can learn from. These include other regulators, industry, academia, international partners and civil society groups. We plan to engage with each of these groups this year through briefings, events, and bilateral meetings. This ensures we give them the opportunity to input into our latest thinking and keep them informed of our priorities. We encourage input from all our stakeholders on our workplan.

The 2022 to 2023 DRCF workplan

Below, we set out our workplan for this financial year in full. We set out our plans against our overarching goals: coherence, collaboration and capabilities. We also outline how we intend to strengthen the way we engage with stakeholders on this work.

Coherence

Through the DRCF we are enabling each of our regimes to work together in practice. We are spotting gaps and exploring ways to apply regulation across different regimes in a cohesive way. We also discuss areas of possible tension between our regimes, working together to find the best way of achieving our respective objectives, provide clarity for businesses and improve outcomes for people using digital services

There are a range of interactions across our current and future regimes. This year we are particularly focusing on:

• protecting children online;

• promoting competition and privacy in online advertising; and

• undertaking further work to ensure a coherent approach across our regimes.

Protecting children online

Helping children to use online services safely is a key part of our work. We are increasingly asking the services children use to provide robust protections to safeguard their privacy and keep them safe online. At the same time, parents and children should feel empowered to ensure the experiences children have online are beneficial and safe.

Both the ICO and Ofcom have specific duties for the protection of children online. It is vitally important to deliver coherent regulation to ensure privacy and online safety protections work in unison for children and parents.

The ICO responsibilities for protecting children’s online data rights include overseeing the Children’s code, formally known as the Age Appropriate Design Code (AADC). Ofcom is responsible for the regulation of VSPs in the UK, which must put in place measures to protect children from harmful content. Ofcom is taking on additional responsibilities for ensuring a broader range of online services take appropriate measures to protect children from harmful content. Through the DRCF we want to synchronise our efforts to deliver better experiences for children and parents.

This year we are:

• improving our cooperation on the supervision of services under the VSP and AADC regimes by finalising a joint working framework and conducting scenario workshops to test the framework;

• publishing joint research on parental and children’s attitudes to age assurance across different online contexts; and

• collaborating on the development of guidance and standards on age assurance.

Promoting competition and privacy in online advertising

Online advertising plays an important role in the provision of hugely valuable services and content to consumers, such as advertising funded internet search and social media services. Consumers typically do not pay directly for these services. Rather, platforms and publishers finance them by monetising consumers’ attention and data through the sale of targeted online advertising. In turn, from the largest organisation to the local café, digital advertising provides a highly effective method of delivering ads to consumers, helping to drive brand awareness and sales.

However, the technologies used for targeted online advertising can create significant risks to the users’ privacy and data protection rights. The use of profiling and enrichment of personal data in online advertising may be opaque to users, disproportionate and in certain circumstances, unfair. Too often, organisations do not have meaningful consent for processing of people’s personal data. Together, these factors lead to users often not having meaningful choice and control over whether organisations track and profile them. Online advertising markets are also dominated by a small number of large technology companies that hold powerful positions. This may stifle competition within and across these markets, and again reduces user choice.

The CMA conducts a range of market-based activity, acting to improve the way digital markets function for consumers and businesses. The use and control of personal data plays a significant role in these markets. The ICO is aiming to improve compliance with data protection law today as well as shape the future of online advertising, both in the UK and on the global stage. Through the DRCF, the CMA and ICO continue to pool their collective expertise. This enables more informed decision-making about market interventions in the online advertising ecosystem.

This year we will continue to work together in order to:

• monitor the effectiveness of Google’s commitments made about its Privacy Sandbox proposals; and

• ensure close collaboration in relation to Apple’s App tracking transparency requirement and intelligent tracking prevention.

Further work to ensure a coherent approach across our regimes

Alongside the priorities above, we aim to strengthen our ability to work together where our regulatory responsibilities interact. We are continuing to develop our collective understanding and approach to the interactions between data protection and competition regulation, building on the CMA/ICO joint May 2021 statement.^{[footnote 10]}

We are also exploring wider areas of interaction around safety beyond those specifically about child protection, including between the online safety and privacy regimes. We will set out how we plan to work together to address these in a joint statement. We are developing a clear articulation of the potential relationships between competition and online safety policy. We are also continuing to develop a collective understanding of end-to-end encryption to inform a joined up regulatory approach.

Building on the close dialogue over the last year on online fraud and scams, the FCA and Ofcom will continue to join up to help inform Ofcom as it delivers protections relating to illegal financial promotions under the Online Safety Bill, optimise information sharing and platform engagement, and investigate possible wider interactions with the ICO and CMA regimes.

To enable us to plan and prioritise further coherency work in the future, we are mapping interactions between a wider set of relevant regulatory regimes covering digital services. This helps us think broadly about the potential interactions which may impact people and businesses.

Collaboration

We can enhance the way we work by considering common issues that affect our respective policy goals. For example, we each consider the impact of particular technologies (such as the use of algorithmic processing). We all have a vested interest in supporting innovation which benefits people using digital services and the digital economy.

While we each need to deal with issues and make decisions in a bespoke way to deliver on our regulatory duties, we have opportunities to work together. Doing this will allow us to work more efficiently, avoid duplicated efforts, develop shared approaches and deliver joint guidance for industry where appropriate.

This year we are particularly focusing on joining up to:

• support improvements in algorithmic transparency; and

• enable innovation in the industries we regulate.

Supporting improvements in algorithmic transparency

Using algorithms to process and collect data underpins many digital services, providing functionality which impacts people’s lives on a daily basis. Whether it is detecting fraudulent activity, connecting us to our friends or directing our navigation, such systems are now a core part of modern society. They provide many benefits but without appropriate oversight they can lead to individual harms and anti-competitive outcomes.

As regulators of digital services, we want to support the use of algorithmic processing in a way that promotes the benefits of algorithms and mitigates the risks to people and competition. As a result of our 2021-2022 workplan, we published joint papers setting out the benefits and harms of algorithmic processing and the current landscape for algorithmic auditing.^{[footnote 11]} This year, we are building our understanding of how to effectively assess algorithmic systems and support the appropriate development and deployment by businesses. We will do this by:

• improving our capabilities for algorithmic auditing. This includes sharing knowledge on different auditing techniques, as well as understanding and testing how to use digital solutions to monitor algorithmic processing systems and identify harms;

• researching the third-party algorithmic auditing market. We are assessing where regulators can play the most valuable role in how this emerging market develops; and

• promoting transparency in algorithmic procurement. We are supporting vendors and procurers through a publication on best practices, harmful behaviours, and clarity on each regulator’s role.

Enabling innovation in the industries we regulate

Innovation is an important part of a thriving, competitive market. It has huge benefits for people. It enables new and improved products and services, increases consumer choice and develops systems that drive down prices and improve service quality. Innovation also helps to drive the economy, supporting both improved productivity and economic growth.

As regulators, we each have responsibilities relating to innovation. These include specific duties to support innovation and broader interests in aligning innovation with our policy objectives. By collaborating, we can make it easier for innovators to engage with us. This means giving businesses a more comprehensive understanding of their regulatory responsibilities. In turn, this allows them to develop compliant products and services at pace with greater confidence. Ultimately, this benefits people by ensuring regulation is not a disproportionate barrier to innovation. It also helps businesses to deliver the protections we expect to be in place.

We have already made progress in the way we support innovation. The ICO and FCA provide joined up innovation support services, through advice and tech sprint challenges.^{[footnote 12]} This provides start-ups and market leaders alike with opportunities to test new ideas in regulatory ‘sandboxes’^{[footnote 13]} getting feedback along the way. Ofcom, together with Digital Catapult, has also worked with industry to create SONIC Labs.^{[footnote 14]} This allows Ofcom to test and develop new uses for mobile networks to involve new innovators and technologies. This year we will publish research into how DRCF regulators can make it easier for innovators to introduce new ideas, products and business models across multiple regulators’ remits. We are going to use the conclusions to explore options for us to improve the journey for innovators across our regulatory boundaries. This aims to improve the way we collectively support and engage with innovators.

Capability

We need to continuously update and equip ourselves for the task of digital regulation. We have great opportunities to coordinate, explore synergies and share lessons. Through this work we can challenge and support each other to improve our processes, striving for excellence in how we deliver for people and businesses online.

Over the past year we have made encouraging progress to join up on capabilities by:

• embedding cooperation on policy issues;

• supporting knowledge sharing; and

• developing a combined view on the skills we need.

This year we will build on this year one investment in relationships and infrastructure so that we:

• improve the way that we support knowledge sharing on policy issues and the use of regulatory technologies through the development of expert networks;

• build on synergies and bridging the gaps in the horizon scanning we each undertake; and

• recruit and retain specialist talent across all 4 regulators on the basis of skills analysis.

Improving knowledge sharing through expert networks

We want to better connect our colleagues to allow for deeper knowledge sharing across teams working on similar issues. We aim to do this by creating formal networks on common topics such as:

• regulatory and supervisory technologies;

• cloud services;

• advertising technologies;

• choice architecture; and

• privacy-enhancing technologies.

The networks will allow colleagues to make connections, share expertise and explore the potential for more formal joint work. By promoting these cross-regulator groups we hope to enable more informed and creative policy development. We aim to allow our experts to challenge each other, share experiences and access new perspectives.

We want to better understand how we can use technology to deliver regulation more efficiently and learn from industry practices on how it supports their compliance efforts. We want to build on the FCA’s work in this space – and that of the CMA, Ofcom and the ICO – to share knowledge between regulators and identify novel insights. This includes holding workshops, showcase days and teach-ins with other regulators as well as external experts and firms to expand our subject matter knowledge.

Building on synergies and bridging gaps in the horizon scanning we each undertake

Horizon scanning is already fundamental to each of our regulatory approaches. It enables us to keep pace with technological change and identify future challenges. This, in turn, allows us to build knowledge and explore solutions ahead of time, delivering more swiftly and effectively for people and businesses.

Recognising the value of our individual work on horizon scanning, we began to explore ways to better share knowledge and insights. As set out in our November 2021 ‘Joining up on future technologies’ policy paper^{[footnote 15]} we have 3 initial priorities:

• collating and sharing research;

• joint engagement with SMEs, start-ups and academia; and

• accelerating our knowledge building via symposiums.

In March 2022 we launched the digital research portal that collates our research relevant to digital services and that of other regulators.^{[footnote 16]} We held the first in a series of engagement with SMEs, start-ups and academia on 5 April 2022 in Manchester, focusing on cyber-security and fintech. We will hold a DRCF metaverse and immersive tech symposium in May. Further ahead, we plan to hold 2 further symposiums during 22-23 on topics including Web 3.0. We will also continue to host further joint SME engagements during the year.

Recruiting and retaining specialist talent across all 4 regulators

To regulate digital services effectively, we will need to build appropriate skills and capabilities. Despite our different regulatory roles, we need common skills and expertise. We are cooperating to build our capabilities more efficiently, particularly as the individual regulators expand new hubs regionally. This year we will prioritise the delivery of shared skills and capabilities by:

• developing our recruitment strategy to better articulate our shared goals and improve candidate attraction and retention;

• driving outreach to build interest in digital and technology policy issues particularly among graduates and early career candidates through promotional communications and joint events under the DRCF brand; and

• building digital regulation skills by developing a learning product for the DRCF members and by sharing our learning plans with each other.

How we will work with others

Engagement with external stakeholders is essential to the DRCF’s work. We know there are a significant number of stakeholders with expertise on digital issues that we can learn from. This includes other regulators, industry, academia and civil society groups. By doing this we can drive more informed, impactful work, and ensure our stakeholders and partners understand our priorities and give them the opportunity to input into our latest thinking.

The innovative nature of the DRCF’s model means that the UK has a significant opportunity to lead the way on delivering coordinated digital regulation. But we are learning as we go. We therefore need to engage internationally, as well as domestically, to share our thinking and learn from the broad community of organisations working on digital regulation.

Engagement with the wider regulatory community is crucial to the DRCF’s success. During this last year, we engaged with regulators outside the DRCF membership via our quarterly regulator roundtable, which includes a diverse group of UK regulators with interests in digital issues. We have held 3 regulator roundtables since launching in September 2021. We will continue to engage with UK regulators to:

• identify synergies and overlaps in our respective work;

• share knowledge and identify insights in relation to current regulatory technologies; and

• understand emerging trends through horizon-scanning.

More generally we will strengthen and broaden our engagement with stakeholders by:

• identifying opportunities to join up on our engagement with industry where appropriate;

• building stronger connections with academia;

• continuing to engage with international counterparts to discuss the regulation of digital markets and share experiences of working collaboratively across regulators;

• meeting with civil society groups to identify potential areas of focus for the DRCF and to raise awareness of our work; and

• continuing to engage collectively with Government and Parliament to ensure we remain joined up on digital regulatory issues.

The first DRCF workplan focused on building the strong foundations and structures needed to facilitate our effective collaboration. This included commissioning consumer research, engaging with industry, UK regulators and the UK Government. This workplan sets out the priority projects for the DRCF over the next 12 months as our focus now turns to execution and delivery. Given the rapidly changing nature of the field, we will stay adaptive and flexible to events during the year. We will continue to build our dialogue with other regulators who have overlapping interests and the internal processes that support effective cooperation. Wider engagement will be a significant feature of our work this year and we encourage input on our workplan from all our external stakeholders: please contact DRCF@ofcom.org.uk with any comments or feedback.

1. House of Lords, Digital Regulation: Joined up and accountable, December 2021 ↩

2. Department for Digital, Culture, Media & Sport, Plan for digital regulation: Summary of responses to the ‘call for views’, March 2022 ↩

3. The Dutch Data Protection Authority, Dutch regulators strengthen oversight of digital activities by intensifying cooperation, October 2021. ↩

4. Australian competition & consumer commission, Agencies form Digital Platform Regulators Forum, March 2022. ↩

5. Ofcom, Pilot Online Harms Survey (PDF, 482KB), fieldwork covering Nov 2020 to Feb 2021; ICO, Annual Track, 2021; The FCA, in its Consumer investments data review April, September 2021, found that scam enquiries remained consistently high between April and September 2021. The FCA had over 16,400 enquiries about possible scams in the period, approximately a one third increase on enquiries over the same period in 2020 (12,400); and The CMA, in its Online Platforms and Digital Advertising Market Study, estimated a consumer detriment of around £2.4bn in 2018 as a result of excess profits. ↩

6. Department for Digital, Culture, Media & Sport, Plan for digital regulation: Summary of responses to the ‘call for views’, March 2022 ↩

7. Department for Digital, Culture, Media & Sport, Letter from DCMS Secretary of State to the Digital Regulation Cooperation Forum, March 2022 ↩

8. Parliament Publications, Communications and Digital Committee Digital regulation: joined-up and accountable, December 2021 ↩

9. Algorithmic auditing refers to a range of approaches to assess such systems. It can take different forms, from checking governance documentation, to testing an algorithm’s outputs, to inspecting its inner workings ↩

10. See CMA-ICO joint statement on competition and data protection law, May 2021 ↩

11. The benefits and harms of algorithms: a shared perspective from the 4 digital regulators, DRCF 28 April 2022; and Auditing algorithms: the existing landscape, role of regulators and future outlook, DRCF 28 April 2022 ↩

12. ICO, ICO Innovation services, 2022 ↩

13. FCA, FCA Innovation Hub, 2022 ↩

14. Digital Catapult, Digital Catapult launches new high-tech 5G lab to boost network security and resilience, June 2021 ↩

15. Gov, Joining up on future technologies, November 2021 ↩

16. Gov, Digital Regulation Cooperation Forum digital markets research, 2022 ↩