In its National Quantum Strategy, which includes £2.5 billion in funding, as well as plans for research zones and skills training, the government announced it will establish a regulatory framework “that supports innovation and the ethical use of quantum technology”. This must be stable, flexible, simple and ethical while protecting the UK’s capabilities and national security. An expert told Tech Monitor the focus should be on legislating for post quantum encryption before the UK is left behind.
Quantum computing is a potentially transformative technology, once realized it has the potential to transform our understanding of the universe, the human brain and tackle problems such as climate change. But it also comes with risks, including the potential to easily crack encryption and change warfare.
Governments around the world are investing heavily in quantum technology with China leading the world in direct funding at the national level followed by the EU and now the UK. Billions of dollars in venture capital, private investment and university research funding are also being poured into the technology.
Last year, Stanford University professor Mauritz Kop declared that we need to learn from our mistakes made around the regulation of AI “before it’s too late” and said that quantum computing has the potential to be “more dangerous than artificial intelligence” without adequate regulation.
In its National Quantum Strategy, the government says it is important to engage early in the debates that will shape the future regulation of quantum technology. Early work will help identify potential risks with the use of the new technology and develop new common taxonomies, languages and principles to guide development.
“Eventually, new standards, benchmarking and assurance frameworks will increase in importance to facilitate technological development as use cases become more apparent, helping to set requirements for interoperability and to measure performance in key sectors,” the strategy says.
How the UK will develop ethical quantum systems
It includes a commitment to put innovation, business growth and the ethical use of quantum technology at the heart of the UK economy while testing technologies within the UK through regulatory testbeds and sandboxes, as well as working with “like-minded partners” around the world to shape standards and standards as technology evolves and becomes more mainstream.
Much of the engagement is outward-looking, with the strategy calling for the UK to play a role in the World Trade Organisation, the World Economic Forum, the G7, the G20, the OECD, NATO, the Council of Europe, the Commonwealth and the UN, including “using the UK’s seat in the International Telecommunications Union (ITU) to ensure that quantum regulation supports UK business and innovation, that the UK’s wider prosperity, security and defense interests are represented and that we continue to uphold UK values including those on human rights.”
Content from our partners
The government also outlined proposals to ensure the economy and national security are protected, including working with “like-minded allies” to monitor and review current and future controls, including through export regimes, security targets and IP protection.
The plan is also to ensure that the National Cyber Security Center (NCSC) continues to publish guidance on the transition to quantum-secure cryptography. “In terms of the government’s own preparedness, restrictions have already been placed on critical information and services,” the report explains, with specific recommendations to follow the US NIST process.
There will also be work on technical standards, including through quantum-secure cryptography in collaboration with ISO, IEC and ITU and efforts to build security frameworks for the use of these technologies as they mature. Much of this follows the pattern set out for artificial intelligence regulation, including sandboxes, standards and regulator-led guidelines.
“The Chancellor strengthened the UK’s technology strategy with the £2.5 billion ‘Plan for Quantum’, but the writing is on the wall: the extraordinary processing power of quantum computers will have a catastrophic impact on digital systems if we don’t start a cryptographic transition now,” Tim shared Callan, head of experience at digital identity and security company Sectigo Tech Monitor.
“IT leaders need to start paying attention to the coming threat from quantum computing and prepare their organizations to upgrade to new ‘post-quantum’ cryptography to stave off, or at least mitigate, the damage.”
As well as pledging investment in research, promoting greater computing power and regulation, the National Quantum Strategy also promises £15 million in direct funding to “enable the government to act as an intelligent, early customer of quantum technology”, which James Sanders, lead analyst of cloud and infrastructure at CCS Insight said “greater articulation” is needed because it is currently unlikely that there are many circumstances where a quantum computer could be used by government to find efficiencies or optimization that could not be done with a classical machine
Export controls and IP protection for quantum technologies
When it comes to regulation, Sanders says it falls under two different priorities: export restrictions and intellectual property rights. The first is similar to the approach of exporting precision technology for semiconductor manufacturing as well as exporting advanced GPUs for AI model training, which he says are “two aspects that are today prioritized by the US government.”
Ben Packman, head of strategy at UK post quantum encryption firm PQShield, says quantum technology is developing at a rapid pace around the world, and more upfront funding will be required for the UK to maintain its leading position in the sector. “Any delay could leave the door open for others to overtake us, which is a real problem when you consider that Britain’s adversaries are developing a quantum computer intended for malicious purposes,” he says.
Private and public partnerships are required to protect against this and other risks associated with the technology, including the adoption of legislative and policy updates. The U.S. has the Quantum Computing Cybersecurity Preparedness Act, but in the U.K., this new approach “is light on mitigating the risks associated with quantum,” Packman says.
He said that while regulators are already working with industry and academia across the quantum value chain to build a regulatory framework, the UK is lagging behind on cryptography legislation. “The US is already actively legislating for quantum-secure cryptography, and where the US National Security Agency (NSA) has issued a very specific set of guidelines and timelines in its CNSA 2.0 framework,” he says. “We would like to see the UK match and even go beyond this if it is to become a true quantum superpower.”
Many UK companies, including PQShield, contribute to the cryptographic standards considered as part of the NIST review. The result of this will set the global standard for post-quantum encryption, including algorithms used in industry and government.
“We’d like to see the UK’s quantum performance heralded from the top,” adds Packman. “The Government must also align all its departments along the same path, including bodies such as GCHQ and the National Cyber Security Center (NCSC) and MI5’s newly created National Protective Security Authority (NPSA).
“The strategy does not mention the DRCF or the Digital Catapult and how they can support the broader quantum strategy. It seems to me that both systems can play a relevant role, so it would be good to see the dots connected at a strategic level.”
Read more: Can quantum computing make our energy grid sustainable?
#regulate #quantum #computers