


























Between the UK government’s announcement that it will commit £1b to AI-related infrastructure, the EU’s launch of ‘InvestAI’ to mobilise EUR200b of investment in AI and the US Pentagon offering $200M contracts to AI companies like Anthropic (then OpenAI), Google and xAI, we are seeing a rapidly growing fervour among national governments to reap the perceived promises of artificial intelligence (AI). This government buy-in of AI in the form of massive investments and regulatory capture recalls previous trends of governments buying into and subsidising the oil and gas industry, the tobacco industry and the coal industry, often at the detriment of its own citizens. So, are we to wonder: is AI the new oil?
While some have previously responded to AI as regulators (e.g., the EU and the EU AI Act), the pro-regulation tides are shifting under threat by the AI race. The US and increasingly the UK are responding as customers and business partners, and the EU is caught in the middle of falling behind home-grown AI development at the risk of relying on AI developed on U.S. soil, while also juggling its commitments and cultural identity of regulating the harms of AI. These ‘GovTech’ relationships are still in their nascent stages, and only time can tell how they will play out in practice. However, it is precisely at the genesis of this GovTech era that we should scrutinise the potential risks and harms to privacy that government uses of AI could create.
In this article, we will discuss what we know so far about the state of GovTech and the larger concerns of what we don’t know. We conclude with precautions about the lack of transparency and lack of standardised deployment guidelines for governments utilising AI, with a mind for the geopolitical influences behind this GovTech advancement and the collectivised market power of the top companies dominating the AI market.
The UK’s plans for AI, as articulated in its AI Opportunities Action Plan, are aimed at driving economic growth in the country and the performance of public services (e.g., providing administrative tools for civil servants). This plan covers a wide range of departments and emphasises the government’s urgency to:
The UK government has already been quick to build relationships with third-party vendours, such as signing a deal with OpenAI and establishing a Memorandum of Understanding between the Department for Science, Innovation and Technology (DSIT) and Anthropic - both to enhance public services. This comes as the government has already been developing an internal arsenal of AI tools, such as:
DSIT categorises these AI products into two uses: productivity tools (like ‘Consult’) and policy tools (like ‘Extract’). Many of these tools are built in-house, but this could include some use of existing APIs (application programming interface) from third-party providers such as OpenAI. Representatives from DSIT describe these partnerships with vendours as ‘collaborations’ and not as ‘procurement’, as they intend to scale up the tool rather than use it as it is off the shelf.
In the EU, we are observing an interesting movement in its regulatory appetite. As one of the earliest entities to initiate legislation around AI, the EU has since shifted into a deregulatory and ‘pro-innovation’ approach. At the AI Action Summit in February 2025, European Commission President Ursula von der Leyen announced the launch of InvestAI, an initiative to mobilise 200 billion euros for investment into AI, particularly the financing of four AI ‘gigafactories’ in the EU for training complex AI models. This suggests the EU’s growing inclination towards ‘homegrown’ sovereign AI rather than the risk of relying on U.S.-grown Big Tech. Already the Commission has announced seven AI Factories worth 10 billion euro, which is apparently the largest public investment in AI in the world, ‘and will unlock over ten times more private investment’.
It remains to be seen how these AI investments - and national AI strategies that member-states like France plan to release - will manifest in practice alongside the phased enforcement of the EU AI Act. This could be a promising scenario to assess how technology can be developed when policy has been prescribed alongside it rather than after it.
The American playing field offers some insights into the GovTech wave as well, especially as pertains to third-party vendours. The U.S. government has been quick to pour investments into top AI players like OpenAI, Anthropic, xAI/Grok, Google, Scale AI and Microsoft.
The U.S. General Services Administration (GSA) announced the launch of USAi in August 2025, ‘a secure platform designed to let employees experiment with popular AI models made by OpenAI, Anthropic, Google and Meta’. The stated purpose of USAi is to allow government employees to voluntarily experiment with an approved suite of AI tools to make their workflows more efficient. According to the USAi website, one agreement with them allows access to multiple AI providers that they have vetted against federal requirements, ‘replacing the need for separate contracts, security reviews, and compliance checks with each vendor’.
The US Federal Government already has requirements for data processing as outlined by the National Institute of Standards and Technology (NIST) in their Federal Information Processing Standards (FIPS) framework, though it remains unclear how these new agreements coalesce with those existing obligations.
Claude, Gemini and ChatGPT were also added to the GSA’s Multiple Award Schedule (MAS) Programme, which:
In effect, being an MAS contractor acts as a seal of approval for federal buyers looking to adopt the technology so that the buyer does not have to go through any federal compliance checks themselves and can procure straight from the MAS list. Interestingly, OpenAI and Anthropic had announced they would sell their services to the government for as low as $1, which:
Doing this cements companies into the governments’ ecosystem in ways similar to how IBM, Oracle and Microsoft have done previously in government. By becoming the incumbent system, particularly if proprietary features are added, it makes migration to alternatives challenging and problematic.
Recent geopolitical intertwining between the U.S. and the UK adds some interesting texture to the developing GovTech space, too. U.S. President Donald Trump’s state visit to the UK in September culminated in a Memorandum of Understanding between the U.S. and the UK for a ‘Technology Prosperity Deal’. The MOU affirms both countries’ ‘common desire to enhance cooperation in science and technology matters that support initiatives of mutual interest that produce tangible benefits to their citizens’. This union between the UK and U.S. perhaps represents an urgency, or at least unified agreement, to advance a pro-deployment rhetoric over heavy-handed over-regulation. Among other provisions, the MOU intends to:
The argument made for deploying AI in the civil service is that it could help cut down on public spending and boost efficiency by better streamlining tedious administrative tasks. However, UK shadow science secretary Alan Mak cautioned that economic mismanagement could preclude any promised benefits. If a council website deploys an AI chatbot to service constituents who opt to speak with a human agent anyway, is the procurement and deployment of that chatbot a responsible use of taxpayers’ funds?
In parallel to these GovAI initiatives, there is a rapid and largely opaque race within military and defence administrations. The recent fall out between Anthropic and the US Department of War has illustrated how the same frontier models are deployed for war and can raise serious concerns around control and accountability. Yet, despite this technological convergence, policy initiatives aimed at regulating for civilian public services often deliberately exclude military and defence uses—most notably under the EU AI Act. This largely artificial institutional separation is not only problematic from a regulatory perpective; it also entrenches the militarisation of technology by masking how AI developed under logics of conflict, secrecy, and exceptionalism can spill over into civilian governance, normalising intrusive practices and undermining citizens’ rights, accountability, and democratic oversight.
Given the current state of play, what we’re concerned about is how little we actually know about how these AI tools work and what their long-term impact will be to citizens, especially as governments have access to troves of sensitive personal data in order to further develop and fine tune the technology. How are government AI models storing and processing data about public servants, citizens and/or residents of a country, whether in experimental sandboxes or beyond?
There are merits to streamlining tedious administrative tasks, but there are still big questions that must be answered around data privacy, transparency and automated decision-making if the government is about to promote and embed wide-spread agentic AI use for civil services.
On the data privacy front, several questions arise:
Data protection in the govAI context is especially important when we consider how highly sensitive, and sometimes secret, government data might be that could end up being processed by a black box algorithm - e.g., where an employee or colleague lives, any confidential documents that appear in meeting notes, etc.
To understand the data privacy concerns embedded in AI, we first provide a quick explainer about how AI is developed and fine-tuned. Recall that large language models (LLMs) are advanced machine learning models, such as chatbots or AI assistants, designed to understand and generate content like a human being. LLMs are trained on huge troves of data in order to learn complex patterns in language to perform a wide variety of tasks, such as delivering chatbot responses, predicting text in email-writing, or summarising textual or verbal material.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。