kamasigns - Fotolia
The government is set to use digital procurement to boost the UK economy in the run-up to Brexit. Whitehall’s annual £240bn spend on private sector contracts is not subject to the same EU state aid rules as subsidies, so it can be used to get funds to UK industries at risk from a Brexit effect.
World Trade Organisation (WTO) rules on public sector contracts are also different, so the measures will be applicable after 2019 whether the UK gets a “good deal” or “no deal” in the Brexit talks.
After the election, the government will encourage investment in technology to make new research and development (R&D) tax breaks even more effective; it will buy more through digital procurement; and it will ask suppliers to make public money go further by offering “social value”, even on contracts that have already been signed.
However, if the government wants to spend more money with suppliers online, it must also pay more attention to cyber security and whether foreign governments can access UK citizens’ data through private companies working in Whitehall.
The government’s approach to digital procurement is important to Brexit in three ways: it can help ease the restrictions of state aid rules on industries affected by Brexit; it will encourage investment in sectors most at risk of capital flight when we leave the EU; and it can be used to increase the social value of public spending.
EU restrictions on state aid are already widely recognised and we expect they would continue to be applied in the UK under most versions of a comprehensive trade deal with the EU27. Less widely noted, broadly similar restrictions on state aid would also apply under a WTO “no deal” scenario.
This makes the next government’s approach to digital procurement all the more important, as digital spending is likely to be beyond the purview of state aid rules under either system, so the government will be able to use its digital spend to support the UK economy and counter some of the potentially negative economic pressures we may face post-Brexit.
Greig Baker, Guide Consultancy
To date, the government has also been astute in using its online procurement policy to encourage private sector suppliers to make substantial investments in new technology. For example, the Cyber Essentials scheme started life with an exclusive focus on suppliers to the public sector and it has now been adopted and promoted by companies like Barclays, BT, Vodafone, Astra Zeneca and Airbus with their own suppliers, too.
By encouraging private companies to invest more heavily in UK-based tech, the government can dramatically improve its ability to support the UK economy post-Brexit if it has to. For example, a future government will be able to offer benefits like tax relief on R&D costs, investment support via co-owned tech incubators, and access to publicly funded cyber security protection. In fact, these things are already happening through the Industrial Strategy Challenge Fund.
While these measures will ostensibly be available across all sectors of the UK economy – which means they will stay on the right side of industry-specific state aid restrictions – they will offer the greatest benefit to industries that have voiced concern about the impact of Brexit on their future prospects.
So, for instance, automotive industry worries about tariffs may be mitigated by tax relief on investment in driverless cars, while financial sector concerns about passporting might be countered by improved cyber security for fintech.
In the meantime, the Civil Service remains committed to promoting social value through procurement. As recently as 18 April – the day Theresa May called for a general election – the Crown Commercial Service (CCS) announced it would be “placing social value at the heart of procurement”.
CCS even said it would be “reviewing current deals to identify social value opportunities” through individual procurement frameworks such as Technology Products 2. This would be welcomed by many working in digital procurement, where – ironically – social value goals, such as boosting digital skills in the UK workforce, have often been absent.
The risk of getting it wrong
If the next government is to exploit the opportunities provided by a strategic digital procurement programme, it will need to mitigate two significant risks. First, it will need to build on measures to protect government data stored in cloud servers if they are based outside the UK, or to repatriate especially sensitive data to UK shores and to cloud servers exclusively under UK control.
This could be done by working with UK-based tech companies whose approach to data security is not subject to foreign jurisdictions. Second, the next government should consider redoubling efforts to award a greater proportion of digital public sector contracts by value to SMEs (which are commonly also UK-based companies), as this would help to diversify and de-risk the government’s supplier base. It would probably also boost corporation tax take.
Thankfully, these issues are recognised by the incumbent government, MPs in various parliamentary select committees, and the Civil Service. The UK’s first director general for digital, Matthew Gould, has an explicit remit to “create an innovation-friendly and cyber-secure country” and Liam Maxwell, the UK’s first National Technology Advisor, argues that “it’s not unreasonable that people want to keep data in the UK. Citizens want to trust their government is holding their data securely.”
The Information Commissioner’s Office (ICO) has also set out how government departments and other public bodies should assess the risk of using cloud servers if they do decide to use servers that are based outside of the UK.
Read more about Brexit and tech
- Government outsourcing contracts could be extended without renegotiation due to the civil service being overburdened with Brexit work.
- Investment in UK financial technology companies fell in 2016 because of the uncertainty caused by the Brexit vote.
- The ICO is working to ensure that the UK’s post-Brexit data protection law is progressive, stands up to scrutiny and provides stability, says information commissioner.
The ICO has stressed that “the obligations of the public sector cloud customer as a data controller will not end once a cloud provider is chosen”, so the commissioning public sector body should “assess the security measures used by a data processor by inspecting their premises”.
This kind of inspection should consider whether premises are secure from both illicit physical access and unwanted virtual access – including where a foreign government could insist on access to data about UK citizens, even if that data is stored in a UK-based facility or secure government network, because the company providing the cloud servers is subject to another country’s cyber jurisdiction.
Even with the best UK-based security measures to protect the digital services government buys to store and manage sensitive data, threats will always exist. This means the next government should take care to de-risk public sector digital procurement as far as possible. One important way of doing that will be to ensure there is a diverse supplier base that fosters innovation in digital security and avoids over-reliance on a few large-scale providers.
Broaden the supplier base
The National Audit Office has warned that “94% of government procurement with digital and technology suppliers continues to be with large enterprises”, so there is still more to be done to secure a truly diverse and de-risked digital supplier base.
Large digital enterprises are not inherently less secure than those SMEs that already have accreditation certificates, CSA Star certification, and that meet ISO27001 and ISO28001.
But if the public sector relies on a small number of companies – whatever their size – to deliver most of its digital procurement needs, it necessarily becomes exposed to the security and maintenance risks faced by those companies. Similarly, by encouraging a more diverse digital supplier network, the government is more likely to benefit from new innovations – a “10 heads are better than one” approach.
Greater use of UK-based SMEs in the digital supplier network would also help the government stem the “erosion of the tax base” from corporate tax evasion – an objective that has been clearly enunciated by both the prime minister and chancellor as we move towards an increasingly digital economy.
The government has started to examine how it can encourage large tech companies with headquarters in other tax jurisdictions to meet public expectations of their UK tax liabilities, and a clear commitment to increase the value of digital contracts secured with and through UK-based SMEs would encourage more digital startups to launch here in the first place.
This would be in line with existing policies designed to support growing tech clusters in the UK and a more benign regulatory environment for incubators for startups in new digital industries, such as the Financial Conduct Authority’s regulatory sandbox.
During the general election campaign, there will be a chance for each political party to set out its proposals to protect sensitive government data stored both inside and outside the UK, as well as their plans to encourage a more diverse digital supplier base. Hopefully we’ll hear what they have in mind.