UK MPs back AI kill switch

British lawmakers are moving AI-adjacent infrastructure deeper into the UK’s national resilience framework as Parliament advances a cyber bill that would classify data centres as essential services. The shift comes as OpenAI is expanding safety hiring around model autonomy and adding product features that let Codex keep using a Mac after it locks. Together, the developments put emergency powers, infrastructure oversight and company readiness into the same conversation. The UK measure is not an AI law in the narrow sense, but it reaches the facilities that increasingly host and serve advanced AI systems. ### What exactly did MPs back in Britain? The Cyber Security and Resilience (Network and Information Systems) Bill is a government bill that originated in the House of Commons and was last updated on the UK Parliament site on May 21, 2026. Its long title says it would amend the Network and Information Systems Regulations 2018 and cover systems used for essential activities. (bills.parliament.uk) The Department for Science, Innovation and Technology said on March 6 that the bill would bring data centres into scope by classifying data infrastructure as a relevant sector and data centres as an essential service. The government said data centres were designated critical national infrastructure in 2024 and argued the sector underpins services ranging from patient records to financial systems. (bills.parliament.uk) The bill also gives regulators and ministers broader tools over critical digital systems. A delegated powers memorandum from DSIT says the legislation is meant to equip regulators with proportionate powers, bring more entities into scope and give government sufficient powers to amend the NIS regime in future and respond to threats to UK national security. (gov.uk) ### Does the bill literally create an AI “kill switch”? The official materials reviewed for the bill show a clear move to treat data centres as essential infrastructure, but the specific “AI kill switch” label is not the language used in the government factsheet or the Parliament bill page. Those sources describe resilience duties, incident reporting and ministerial powers tied to national security and the NIS framework. (publications.parliament.uk) A March 18 amendment paper for report stage shows lawmakers tabling new clauses on foreign interference and cyber support for smaller firms, which indicates the bill was still being revised during Commons stages. But the official pages surfaced here do not, on their face, reproduce the wording described elsewhere as a last-resort power to shut down AI systems in a catastrophic emergency. That means the infrastructure piece is verified; the shorthand description is an inference drawn from broader emergency-direction powers and from external reporting, not from the official text quoted here. (bills.parliament.uk) ### Why are data centres central to this story? DSIT said operators above defined capacity thresholds would be brought into the NIS regime and regulated by Ofcom, with the department also acting as joint regulator in the wider bill architecture. In the delegated powers memorandum, DSIT said data centre operators at or above 1 megawatt of UK data-centre services capacity — or 10 megawatts for enterprise-only services — would be designated operators of essential services. (publications.parliament.uk) The March 6 factsheet also says 80% of sector revenue is generated by ten operators controlling about two-thirds of live capacity. The government used that concentration to argue that outages can have broad effects across public services and the wider economy. ### What is OpenAI doing at the same time? (gov.uk) OpenAI has posted a job for an “Abuse Investigator (AI Self-Improvement Risk)” in San Francisco on its Intelligence and Investigations team. The role says the investigator would examine cases where models show “autonomous or agentic behavior,” including chaining capabilities, increasing independence and patterns that may introduce safety risk. (gov.uk) OpenAI’s Codex changelog says that on May 21 it added “remote computer use,” allowing Codex to use desktop apps after a Mac locks, including remotely through Codex Mobile. The company said the feature is limited to active, trusted turns and includes safeguards such as short-lived authorization, covered displays, relock on local input and a manual-unlock fallback. (openai.com) OpenAI’s computer-use documentation says the feature is currently available on macOS, except in the European Economic Area, the United Kingdom and Switzerland at launch. The page says users must install a plugin and grant Screen Recording and Accessibility permissions for Codex to see and operate apps. ### What happens next? The UK Parliament bill page says the Cyber Security and Resilience Bill is in its later parliamentary stages after being reintroduced at report stage on May 14, 2026. (developers.openai.com) OpenAI’s public materials show the company is continuing to ship agent features and hire for investigations into autonomy-related risk, with the Codex changelog and careers pages serving as the next public markers to watch. (bills.parliament.uk) (developers.openai.com)