All 17 contributions to the Telecommunications (Security) Act 2021

Read Bill Ministerial Extracts

Mon 30th Nov 2020
Telecommunications (Security) Bill
Commons Chamber

2nd reading & 2nd reading & 2nd reading: House of Commons & Carry-over motion & Carry-over motion: House of Commons & Money resolution & Money resolution: House of Commons & Programme motion & Programme motion: House of Commons & Ways and Means resolution & Ways and Means resolution: House of Commons & 2nd reading & Programme motion & Money resolution & Ways and Means resolution & Carry-over motion
Thu 14th Jan 2021
Telecommunications (Security) Bill (First sitting)
Public Bill Committees

Committee stage: 1st sitting & Committee Debate: 1st sitting: House of Commons
Thu 14th Jan 2021
Telecommunications (Security) Bill (Second sitting)
Public Bill Committees

Committee stage: 2nd sitting & Committee stage & Committee Debate: 2nd sitting: House of Commons
Thu 21st Jan 2021
Telecommunications (Security) Bill (Fifth sitting)
Public Bill Committees

Committee stage: 5th sitting & Committee Debate: 5th sitting: House of Commons
Thu 21st Jan 2021
Telecommunications (Security) Bill (Sixth sitting)
Public Bill Committees

Committee stage: 6th sitting & Committee Debate: 6th sitting: House of Commons
Tue 26th Jan 2021
Telecommunications (Security) Bill (Seventh sitting)
Public Bill Committees

Committee stage: 7th sitting & Committee Debate: 7th sitting: House of Commons
Tue 26th Jan 2021
Tue 25th May 2021
Telecommunications (Security) Bill
Commons Chamber

Report stage & Report stage & 3rd reading
Wed 26th May 2021
Tue 29th Jun 2021
Tue 13th Jul 2021
Telecommunications (Security) Bill
Grand Committee

Committee stage & Committee stage
Thu 15th Jul 2021
Tue 19th Oct 2021
Tue 26th Oct 2021
Mon 8th Nov 2021
Telecommunications (Security) Bill
Commons Chamber

Consideration of Lords amendments & Consideration of Lords amendments
Mon 15th Nov 2021
Telecommunications (Security) Bill
Lords Chamber

Consideration of Commons amendments & Consideration of Commons amendments
Wed 17th Nov 2021
Royal Assent
Lords Chamber

Royal Assent & Royal Assent & Royal Assent & Royal Assent

Telecommunications (Security) Bill

2nd reading & 2nd reading: House of Commons & Carry-over motion & Carry-over motion: House of Commons & Money resolution & Money resolution: House of Commons & Programme motion & Programme motion: House of Commons & Ways and Means resolution & Ways and Means resolution: House of Commons
Monday 30th November 2020

(3 years, 4 months ago)

Commons Chamber
Read Full debate Telecommunications (Security) Act 2021 Read Hansard Text Read Debate Ministerial Extracts
[Relevant Documents: Oral evidence taken before the Science and Technology Committee on 24 June, 9 and 22 July, 30 September and 28 October 2020, on UK telecommunications infrastructure and the UK’s domestic capability, HC 450; Second Report of the Defence Committee, Session 2019-21, The Security of 5G, HC 201.]
Second Reading.
6.20 pm
Oliver Dowden Portrait The Secretary of State for Digital, Culture, Media and Sport (Oliver Dowden)
- Hansard - - - Excerpts

I beg to move, That the Bill be now read a Second time.

Cutting-edge technology such as 5G and gigabit broadband have the potential to transform our lives and this Government are investing billions of pounds in their roll-out nationwide, but we can only have confidence in that technology if we know it is secure, and this Bill will create one of the toughest telecoms security regimes in the world, one that will protect our networks even as technologies grow and evolve, shielding our critical national infrastructure both now and for the future.

This Bill acts on the recommendations of the United Kingdom telecoms supply chain review, which in turn was informed by the expert technical advice at the National Cyber Security Centre in GCHQ. First, it establishes a tough new security framework for all the UK’s public telecoms providers. This will be overseen by Ofcom and the Government, and they will have a legal duty to design and manage their networks securely. Rigorous new security requirements will be set out in secondary legislation, and codes of practice will set technical guidance on how providers should meet the law, and where providers are found wanting, Ofcom will have the power to impose steep fines. For example, under the current regime fines for failing to protect security are limited to just £2 million or £20,000 per day, while under the new regime they will rise significantly, to up to 10% of turnover or £100,000 per day. Under the current regime Ofcom has limited monitoring and enforcement powers. Under the new regime it will have the power to enter premises of telecoms providers, to interview staff and to require technical systems tests.

If we pass this Bill, few other countries in the world will have a tougher enforcement regime, and the point of this Bill is not just to tackle one high-risk vendor; it raises the security bar across the board and protects us against a whole range of threats. According to the NCSC, the past two years have seen malicious cyber-activity from Russia and China as well as North Korea and Iranian actors. While I know that telecoms providers are working hard to protect our networks against this hostile activity, the Government have lacked the power to ensure they do so. This Bill puts a robust security framework in place, guaranteeing the protection of our networks.

Tobias Ellwood Portrait Mr Tobias Ellwood (Bournemouth East) (Con)
- Hansard - - - Excerpts

It feels like a long time since we had debates about Huawei at, I think, the beginning of the year, which perhaps started this national conversation about our critical national infrastructure. My right hon. Friend speaks about threats: what is the biggest long-term geostrategic threat facing the UK now?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

The purpose of this Bill is to give us flexibility so that we do not get bound by the particular circumstances of today, and we have designed it to give us that. The four big threats we consistently face in cyber in this country are, as my right hon. Friend knows, in relation to Russia, China, North Korea and Iran, and we are seeing an evolution in some of those threats, particularly in relation to China.

This new security framework is just one half of the Bill; the second half gives the Government unprecedented new national security powers to identify and tackle high-risk vendors. Under the Bill the Government will be able to designate specific vendors that pose risks to our national security and issue directions to telecoms providers to control their use of goods, services or facilities provided by those vendors.

Kevan Jones Portrait Mr Kevan Jones (North Durham) (Lab)
- Hansard - - - Excerpts

In principle, I welcome the Bill. Its focus, however, is on kit, hardware and vendors, and that will go some way towards protecting our telecoms systems, but we are also still facing threats from hacking, so making sure we have basic good cyber-hygiene will be just as important as some of these measures we are discussing today.

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

In short, yes, the right hon. Gentleman is absolutely correct. What this Bill does is bite in three respects. First, it sets out the overarching duties on mobile network operators and other telecoms providers in statute. It then empowers the Government through secondary legislation to provide further requirements on them. On top of that, for the tier 1 providers, which will basically be all the big telecoms providers, it also introduces a code of practice whereby they have to comply with that to ensure that they are secure. Across the board, the Bill tightens the requirements on them.

Bob Stewart Portrait Bob Stewart (Beckenham) (Con)
- Hansard - - - Excerpts

To follow up on the comments of my good friend the right hon. Member for North Durham (Mr Jones), does the Bill also give added protection to private individuals using their mobile phone, to stop them having it tapped by, say, a newspaper reporter?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

I cannot imagine what my hon. Friend is alluding to. This is aimed at the telecoms providers, but in tightening the security requirements on them, it in turn, of course, tightens the security for individual telecoms users. The Bill makes it a duty for telecoms providers to comply with those directions and introduces robust penalties for those that fail to do so.

The point is that these powers will protect us against both the high-risk vendors of today and the threats of tomorrow. I know that for right hon. and hon. Members there are significant concerns about one high-risk vendor, Huawei. This has rightly attracted the attention and concern of many hon. Members and I want, first, to reassure them that I have heard them, that I am acting and that I am taking a clear-eyed approach to protecting our national security.

In July, I announced that UK telecoms providers should cease to procure any new 5G equipment from Huawei after 31 December 2020 and remove all Huawei equipment from our 5G networks by the end of 2027. This Bill enables us to implement those decisions in law.

Tom Tugendhat Portrait Tom Tugendhat (Tonbridge and Malling) (Con)
- Hansard - - - Excerpts

I welcome both the Secretary of State’s direction and his much earlier than expected announcement of no new installations. Does he agree that this fundamentally changes the incentives on any boardroom for using any kit—in this case, Huawei—that is a risk? The cost is going to be laid with the company—that they will have to remove it anyway—which changes the pricing structure that any other company would have to bid for.

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

My hon. Friend makes a very important point, and I will be coming on to that in a minute. It is actually happening now because telecoms providers and mobile network operators know three things. They have to remove Huawei equipment in respect of 5G by 2027 entirely. They cannot purchase any equipment from the end of this year, and—I will come on to this shortly—we have double locked that, as it were, by having the installation requirement. Mobile network operators are already working on that assumption.

Kevan Jones Portrait Mr Kevan Jones
- Hansard - - - Excerpts

I find that very strange because the Bill is about security. The Secretary of State is now saying that he is introducing proposals which mean that if, for example, Vodafone or any other operator has got some stock in, it cannot put it in from the end of this year. What is the security risk there? The only reason we changed the projections earlier last year—which I supported—was the US sanctions on future kit. There is not a security risk to the kit that is going in now so how can he use this Bill, on security, for doing that? Is this not just a political decision that he is making?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

To clarify the position for the right hon. Gentleman, mobile network operators cannot purchase from December this year—so they can purchase it now— and the installation limit will then apply from September 2021. The point of these measures is to address the concerns that Members rightly raised that companies could be incentivised to purchase large amounts of stock, stockpile it and then roll it out right the way through to 2027. I told the House in July that I would set us on a clear and unambiguous path to 2027, and these measures do exactly that.

Alun Cairns Portrait Alun Cairns (Vale of Glamorgan) (Con)
- Hansard - - - Excerpts

Does the Secretary of State agree that, associated with the Bill, there needs to be a plan for the greatest diversity in the supply chains? That is the long-term solution, because part of the challenge is that we have ended up focusing on one supplier, Huawei, which has been dominant in this field. What action is he taking in that area?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

I thank my right hon. Friend for his intervention. The interventions are tempting me to jump around points that I intend to make, but he is right about the importance of diversification. We have published the diversification strategy, which is available for Members to examine, and I will come on to it in a moment.

It is this Bill and this Bill alone that gives Members the assurances they seek for the security of our networks both now and in the future. Further to the point made by my hon. Friend the Member for Tonbridge and Malling (Tom Tugendhat), operators are already taking our approach seriously—they are working now to meet the Government’s requirements. For example, BT has signed a deal with Ericsson for 5G equipment to enable it to phase out Huawei and is already in the process of using Ericsson products to replace Huawei in its core. Where operators can go further and faster without jeopardising the stability of our network, we will of course encourage them to do so, but it would be a big risk to force them to go even further. BT and others have warned that moving faster could put our networks under considerable strain, creating significant risk of blackouts, and it would take longer for 5G to reach the parts of the country where it would make the most difference.

Tobias Ellwood Portrait Mr Ellwood
- Hansard - - - Excerpts

O2, Three and BT had concerns that they would have to cancel their contracts with Huawei but still pay for them, because the equipment was on its way. Could my right hon. Friend clarify what happens to contracts that are in the pipeline, which could see these companies go bust if they have to pay for them?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

My Department is in close contact with mobile network operators. I do not think that the sort of risk my right hon. Friend describes of companies going bust is remotely the case. Furthermore, we have given clear advance notice of this. For example, we made the first statements in January this year. We updated the guidance in July, and we also consulted extensively with the mobile network operators on the requirements in relation to installation that I am announcing today.

Kevan Jones Portrait Mr Kevan Jones
- Hansard - - - Excerpts

Will the Secretary of State give way?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

I will make some progress. I may come back to the right hon. Gentleman later, but I have already given way to him twice.

I know that some Members are concerned that we have not named Huawei on the face of the Bill and that our approach could be reversed in years to come. I want to reassure those Members on a number of fronts. We have not chosen to name Huawei for two compelling practical reasons. First, as we discussed, this Bill is designed to tackle not only the Huaweis of today but the Huaweis of tomorrow, wherever they come from. It needs to be flexible enough to cover future threats and not tie our hands by limiting our response to one company and one company alone. Secondly—this is the most crucial point—making reference to any one company would create a hybrid Bill, dramatically slowing the passage of the Bill and therefore our ability to combat all high-risk vendors, including Huawei.

However, as a concrete sign of our commitment to tackling the national security risks posed by Huawei, I can confirm today that we are going further in two significant ways. First—I hope Members will have had a chance to see this—we have published an illustrative designation notice and an illustrative designated vendor direction to demonstrate how the Bill’s powers in relation to a high-risk vendor could be exercised. Given the level of concern in this House and in the other place about Huawei’s role in 5G infrastructure, these illustrative drafts name Huawei explicitly, clarifying our position beyond doubt, and set out a clear pathway to the reduction and removal of its equipment.

Luke Evans Portrait Dr Luke Evans (Bosworth) (Con)
- Hansard - - - Excerpts

Does the Secretary of State believe that taking out companies such as Huawei may damage the economic impact, and what assessment has he made about making sure that we are at the forefront of growing 5G network in the UK?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

My hon. Friend raises an important point. We are clear-eyed about putting national security first. If national security and economic interests are in conflict with each other, national security comes first. But within the context of that, we have properly weighed up the risks as between different dates. I believe that 2027 strikes the appropriate balance in that it can be delivered with impact, in the way that I described in my statement to the House in July—it will have an impact in terms of cost and roll-out for mobile network operators—but it does not run the risk that we go too far and too fast, whereby we risk some sort of blackout and loss of provision.

In addition to the draft directions, we are going a step further by using the illustrative directions to set out a new hard deadline for the installation of Huawei equipment. That direction makes it clear that all operators must not install Huawei equipment in their networks from the end of September 2021.

That clarification has clear practical implications. It will prevent any operator from stockpiling Huawei kit in the hope that the ban might be reversed. The new installation deadline will create cold hard facts on the ground, effectively turning the plan for Huawei’s removal into an irreversible reality.

The powers in the Bill also allow us to keep an eagle eye on the progress of Huawei’s removal. They enable us to require Ofcom to obtain information from companies to see whether a provider has complied, or is complying, and they allow us to require providers to prepare a plan setting out exactly how they intend to get to zero Huawei by 2027.

Using those powers, we will not just publish an annual report of compliance on the removal of Huawei equipment, but keep a close watch on the future progress of all telecoms companies where Huawei is concerned. Under this rigorous monitoring and reporting system, no provider will be able to drag their feet. They will need to provide proof that they are working to meet the 2027 deadline. But, critically, we can do this only if we secure these important powers—the powers that will enable us to take action in relation to Huawei to protect our networks, but also to take action against any other potential high-risk vendors now and in the future.

Kevan Jones Portrait Mr Kevan Jones
- Hansard - - - Excerpts

The right hon. Gentleman is wrong. This Bill is actually about security. The reason he is going to get the powers is to take out vendors who are a clear high risk. Huawei has been there for a while. The kit that he is talking about banning after 2021—even if it is stockpiled or part of a contract—has not got a security implication at all because it has already gone through our Huawei centre. So I am not sure that he has the powers in the Bill to do that. I am sorry, but if I were a telecoms provider and I had a contract or a stockpile of kit that I could not use, I would be looking at taking legal action against the Government, because he cannot use the Bill if that equipment is not a threat to national security, which it is not.

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

I say to the hon. Gentleman—[Interruption.] I beg his pardon. It is the right hon. Gentleman. I stand corrected. I say to the right hon. Gentleman that, first, this Bill and the measures in it implement what we announced as a Government in January and July, which, in turn, was based on the advice of the National Cyber Security Centre and GCHQ. In relation to whether I, or any Secretary of State, has sufficient powers in the Bill, I refer him to clause 16(2), which inserts new section 105Z8(4)(a) to (l) into the Communications Act 2003, which sets out a very wide range of bases on which I can designate a provider as high risk and take measures, so I am confident that I have those sufficient powers.

We must never find ourselves in this position again. Over the last few decades, countless countries across the world have become over-reliant on too few vendors, thanks to a lack of competition in the global telecoms supply chain. While this is a global problem, today this Government are officially leading the way in solving it. Alongside the Bill, we have published an ambitious diversification strategy—the first such strategy to be published anywhere in the world. It sets out our vision of what an open, competitive, diverse supply market for telecoms will look like, and the measures we will bring forward to develop an innovative and dynamic market.

We want to make progress as quickly as possible, so today I can also confirm that we are committing £250 million to kick-start this work. That includes funding and building a state-of-the-art national telecoms lab, which will bring together suppliers from across the world to test the performance and security of their equipment. We are also running a 5G open radio access network trial with the Japanese supplier NEC in Wales to help the entire UK benefit from this exciting new industry. That, of course, comes on top of NEC establishing a global open RAN centre of excellence in the UK just last month. We also know that Vodafone has recently announced that it intends to deploy open RAN technology across more than 2,600 of its sites—the largest commitment of its kind across any European network.

Tom Tugendhat Portrait Tom Tugendhat
- Hansard - - - Excerpts

The Secretary of State is rightly focusing on open RAN and the opportunity to partner with others in the democratic and law-abiding world. What has he done to reach out to countries such as South Korea, whose Samsung system could provide for the UK, and to encourage Nokia, Ericsson and Fujitsu in Japan?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

I am pleased to say that the Minister for Digital Infrastructure has met every one of the parties my hon. Friend named; indeed, I have met many of them. Essentially, we are working across three strands. First, we are working with the existing vendors—there were three, now to become two—to secure them and make sure we do not lose a further one. We are also working with new potential incumbents such as NEC and Samsung. In addition, we are working across a range of countries, in particular the D10, to ensure that we work together to improve standards in telecoms.

Iain Duncan Smith Portrait Sir Iain Duncan Smith (Chingford and Woodford Green) (Con)
- Hansard - - - Excerpts

I am grateful to my right hon. Friend, who is being customarily generous in giving way, but can I just make a point to him and hear his answer? This situation has constantly been wrongly described as a market failure. It was not a market failure; the failure was in the reality of one country abusing and breaking World Trade Organisation rules on subsidies. The key problem has been that China has subsidised its providers dramatically, even over 100% on contract, which has killed this market over the last 10 years. Once we release the market by stopping that, the private sector will come back into this industry because competition will be real competition, not broken competition. That is the key point.

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

My right hon. Friend highlights one of a range of different market distortions that have been going on. To a certain extent, there will be some market correction, but the Government also need to intervene, and our diversification strategy addresses that. If we are to get existing vendors who are not currently in the UK market back in, or to create a new open RAN solution, we need to provide financial incentives, and the diversification strategy touches on many of the steps that we propose to take.

We are taking concrete steps towards a solution, but diversification is not just a problem to be solved. It is also an opportunity to be seized. As part of our strategy, we will invest in homegrown solutions that will put us at the forefront of developing 5G technology and all the transformative benefits it brings. The next phase of this work will be taken forward by the Telecoms Diversification Task Force, chaired by Lord Livingston, formerly of BT, and others. I am grateful for the work that he, industry and academic experts have done in developing the strategy and in taking it forward.

The Bill has not been designed around one company, one country or one threat. Its strength is that it creates an enduring, flexible and far-reaching telecoms regime, one that keeps pace with changing technology and changing threats, that supports billions of phone calls, email exchanges and file transfers in this country every day, and that is essential to the UK’s economy and its future prosperity.

I listened carefully to the concerns of Members on both sides of the House in designing the legislation, and I have sought to address those concerns head on in the Bill as it stands before the House. I genuinely hope that the Bill will command cross-party support and that we will be able to work together in the national interest to ensure the security of our telecoms networks. I commend the Bill to the House.

18:45
Jo Stevens Portrait Jo Stevens (Cardiff Central) (Lab)
- Hansard - - - Excerpts

It is a pleasure to speak in this Second Reading debate on the Telecommunications (Security) Bill on behalf of the official Opposition. Labour will always put national security first, so we are pleased to finally see this Bill brought forward by the Government. All sides of the House agree that the first duty of any Government is to protect their citizens, and we have confidence in our national security services, which go to such lengths to keep us all safe.

I say I am pleased to finally see this Bill brought forward because it has been clear for a long time that there were serious questions over whether high-risk vendors, specifically Huawei, should be allowed to control large sections of our country’s telecoms networks. But let us be frank: until this year, the Government had failed to face reality. I agree with the shadow digital Minister, my hon. Friend the Member for Newcastle upon Tyne Central (Chi Onwurah), who said here in July that the Government’s

“approach to our 5G capability, Huawei and our national security has been incomprehensibly negligent.”—[Official Report, 14 July 2020; Vol. 678, c. 1378.]

As long ago as June 2013, the Intelligence and Security Committee report on “Foreign involvement in the Critical National Infrastructure” made it absolutely clear that risks had to be properly identified, assessed and managed, and that processes and procedures had to be put in place to achieve this, and those needed to be completely robust.

I am sure that Conservative Members will be keen to mention that Huawei first entered the UK network in 2006 under a Labour Government, but as is very clear from the ISC report, that decision was one taken by officers, and Ministers were not told about it at the time. In fact, they were not even told that a contract had been signed until a year later, seemingly because those officials felt that to invest in Huawei brought significant trade, financial and diplomatic consequences. Since that decision, much has changed with the situation of the UK’s relationship with China. The Conservative party have had ample time not only to begin that removal process, should it have wished to, but to invest in the diversification that could have meant we had a homegrown alternative ready to use. It is only today, after 10 and a half years in government, that this diversification strategy has finally been published.

We know that the political background to this Bill has much to do with the power of many Conservative Back Benchers—many are here today, and I am looking forward to hearing all the contributions to the debate in due course—but it is as much to do with what had been a desire to satisfy the now outgoing President of the United States as it is with the safety of our critical national infrastructure, and this political soap opera has been an unnecessary distraction.

Tom Tugendhat Portrait Tom Tugendhat
- Hansard - - - Excerpts

The hon. Lady will forgive me for picking just a very small hole in her argument. One of the very few policies on which President-elect Biden and President Trump, and indeed even Speaker Pelosi, do absolutely agree is the challenge of China and digital infrastructure, and particularly Huawei, so I am not entirely sure this can be put down to satisfying the Trump Administration. Indeed, it is something on which we agree with Australia, Japan, South Korea, Germany, the Czech Republic—I can keep going—while France banned it in 2009. This is not just an American issue.

Jo Stevens Portrait Jo Stevens
- Hansard - - - Excerpts

I accept that it is not just an American issue, but it was the right thing for the wrong reasons, essentially. As I say, this political soap opera has been an unnecessary distraction when it comes to the serious matter of extracting high-risk vendors from the network, which has been slow and fragmented.

Mark Pritchard Portrait Mark Pritchard (The Wrekin) (Con)
- Hansard - - - Excerpts

On a point of fact and detail, I recall in 2009 the Chinese Premier being with the then Prime Minister Gordon Brown in Downing Street, welcoming the strategic partnership—with an all-singing, all-dancing party in Downing Street—between Vodafone and Huawei. It is therefore a little party political to suggest that it is only the Conservatives who have perhaps taken their eyes off the ball, something which we are correcting today.

Jo Stevens Portrait Jo Stevens
- Hansard - - - Excerpts

The hon. Gentleman seems to have forgotten about the former Prime Minister David Cameron and the former Chancellor of the Exchequer George Osborne, who also gave such a welcome.

It is worth outlining for the record the meandering journey that we have been on towards the publication of the Bill. The House will recall that in May 2019 the current Secretary of State for Education, the right hon. Member for South Staffordshire (Gavin Williamson) was sacked as Secretary of State for Defence following an inquiry into a leak from a National Security Council meeting at which it was reported that the Government had been advised in May 2019 to remove Huawei from the network. It was not until January this year—eight months later—that the Government decided that Huawei equipment should be excluded from the sensitive core parts of the 5G and gigabit-capable networks and from sensitive and safety-critical locations such as critical national infrastructure, and that its access to the non-sensitive parts of the network described as the “edge” would be capped at 35%.

In May, the United States imposed sanctions on Huawei through changes to their foreign direct product rules that restricted Huawei’s ability to produce important products using US technology or software. The NCSC advised that the UK could no longer be confident that it would be able to guarantee the security of future Huawei 5G equipment affected by the change in those US rules so, as the Secretary of State outlined, the Government changed their position again in July, announcing a ban on the buying of new 5G Huawei equipment after December this year and the removal of all equipment from our 5G networks by the end of 2027.

The UK has been slower to take action than our Five Eyes allies. In August 2018, the Australian Government blacklisted Huawei from the country’s 5G network in response to security advice, and New Zealand took the same decision in that same year. Our Intelligence and Security Committee made it clear 18 months ago that the debate on high-risk vendors had been “unnecessarily protracted” and damaging.

Kevan Jones Portrait Mr Kevan Jones
- Hansard - - - Excerpts

It is worse than that. I know we had the panda-hugging days of Osborne and Cameron, but an ISC report in 2013 raised the issue of critical national infrastructure, with particular reference to Huawei, and nothing was done.

Jo Stevens Portrait Jo Stevens
- Hansard - - - Excerpts

My right hon. Friend is absolutely right. For the benefit of anyone who has not read that report, it is pretty damning. We now find ourselves in a situation in which drastic action is necessary to safeguard national security and our critical national infrastructure, while at the very same time the economic imperative of the roll-out of 5G for the country has never been more urgent—and that has obviously been added to by the impact of the covid pandemic.

It is worth putting on the record that there are reasons other than national security in respect of Huawei that concern many Members from all parties in this House. The telecoms company has provided surveillance technology to the Xinjiang public security bureau, facilitating the construction of the world’s most invasive surveillance state. Last November, an Australian Strategic Policy Institute report detailed how Huawei has developed the Xinjiang public security cloud, which makes possible the total control and repression of Uyghur Muslims. As my hon. Friend the Member for Leeds North West (Alex Sobel) set out in a Westminster Hall debate on 4 March this year, the company has a shameful record on workers’ rights, operating

“a ‘wolf’ work culture of long hours and brutal workplace norms.”—[Official Report, 4 March 2020; Vol. 672, c. 282WH.]

Tobias Ellwood Portrait Mr Ellwood
- Hansard - - - Excerpts

The hon. Lady is setting out a long list of concerns with which many in the House would absolutely agree. Does she agree that for the reasons she is outlining it is perhaps now time for us to review the overseas aid that we give to China?

Jo Stevens Portrait Jo Stevens
- Hansard - - - Excerpts

I do not want to step beyond my brief and interfere in that of my shadow Cabinet colleague, but we certainly should not be doing business with any companies that breach both human rights and workers’ rights. We have international labour standards in place and these are not companies with which to do business.

Turning now to broadband and 5G roll-out, and the delays and the costs layering on top of them, we have already seen delays in the roll-out of second and third generation fixed broadband, and we are now at the bottom of the OECD tables. In fact, only last week the Government sneaked out in the Chancellor’s spending review plans to water down their broadband promises. Instead of keeping to their manifesto promise to roll out gigabit-speed broadband to every home in Britain by 2025, the Chancellor revealed that the Government are now aiming to have a minimum of 85% coverage by that date. The budget for that plan remains the same, but now only £1.2 billion of the £5 billion will be made available up until 2024, so this will impact on the so-called levelling-up agenda.

The Government’s delay in dealing with the issue of high-risk vendors until now has also meant that there will be added delays and costs to the roll-out of 5G. The Secretary of State accepted that in July, when he said that the cumulative delay would be two to three years. However, the Government’s impact assessment for the Bill does not establish the effect of removing Huawei from the core network on the timescale for the 5G roll-out, so has the Secretary of State’s position, set out in July, of a two to three-year delay changed at all, and why does the impact assessment fail to address that issue? Also in July, the Secretary of State predicted that removing Huawei would cost operators up to £2 billion, but that could be a huge underestimate, because BT alone is saying that it will cost it £500 million, and the costs could be far greater, including the knock-on effects in terms of lost revenue and wider economic benefits.

As well as those economic consequences, there is another impact, because the provision of 5G for most of the UK will increase the digital divide without significant measures to tackle it. The three central problems at the heart of this divide are lack of internet connection, lack of technological devices, and lack of the skills to use new technology in a meaningful way. The Government have promised, and so far failed, to solve the lack of connection, which is a particular problem for under-served communities. There is nothing about 5G that will make it a better option for those communities, who are already lacking affordable access to fast internet. In addition, there is the distinct possibility that in order to access mobile 5G internet, users will need newer and more expensive devices built for those increased speeds. The pandemic has highlighted these divides and thrown into stark relief the need for help and support for those whose lack of connection, skills and equipment is a real barrier both in terms of employment and other meaningful connections.

There is one other significant consequence to the Government’s delay, and that is the new 4G-based emergency services network. That is now unlikely to completely take over from the existing platform until 2024-25. This delay is costing taxpayers millions. If the Government are forced to keep airwaves going beyond 2022, every year of delay adds an extra cost of about £550 million. The core of the ESM network does feature Huawei equipment, but EE has said that it is already working to strip this out and hopes to complete that by 2023. However, can the Secretary of State reassure the House that the presence of Huawei kit in the 4G ESM network will not have any impact on its lifespan, financial implications or security status and safety concerns?

I turn now to the removal of high-risk vendors’ equipment from the 5G networks. For the purposes of this debate, it is probably easier to refer to it as the removal of Huawei equipment, because that is where everybody’s current focus is. This must all be removed from networks by 2027. There is the “no new purchasing” rule from the end of this month, and the Secretary of State has announced today that existing stocks cannot be used after September 2021. However, there are questions for the Government around the implementation of this that I hope the Minister will be able to answer.

I have five specific questions. First, given that the Bill is based on a distinction between the core and the edge of the networks, how confident are the Government of the durability of the barrier between the core and the edge? Secondly, what steps are the Government taking to prioritise the removal of any existing Huawei equipment from the more sensitive core part of the network, and how much equipment does Huawei have in it? Thirdly, are the Government proposing to provide help to businesses who have invested in Huawei equipment ahead of this decision, and will there be legal support, as many operators may have to honour contracts that they cannot actually use or possibly afford? Fourthly, what steps will the Government be taking to work with local authorities and others to minimise disruption to businesses and individuals when removing the equipment? Fifthly and finally, what steps are being taken to minimise the costs to business?

I have one other point, from a different policy angle. When Australia banned Huawei from participating in its 5G network in 2018, China imposed retaliatory measures on Australian goods. The Government’s impact assessment does not address the economic consequences of potential retaliatory measures, so can they explain what steps are being taken to plan for that possibility?

Iain Duncan Smith Portrait Sir Iain Duncan Smith
- Hansard - - - Excerpts

The hon. Lady makes reference to what the Chinese Government have been doing with regards to the Australians, which is appalling and breaches WTO rules. In a way, her request for the Government to formulate plans against such a breach is really a request of the WTO to act in this case, as it should have done earlier against China’s abuses and breaking of the WTO rules.

Jo Stevens Portrait Jo Stevens
- Hansard - - - Excerpts

The right hon. Gentleman makes a valid point.

This Bill gives huge powers to the Secretary of State under the auspices of national security, but it does not define what that means. The Secretary of State will be responsible for making national security judgments and decisions in relation to potential high-risk vendors. The impact assessment suggests that he will not do so unilaterally and that he will consult with the NCSC, but it is incumbent on the Government to explain why they consider that the Secretary of State for Digital, Culture, Media and Sport—I mean nothing personal to the right hon. Gentleman in saying this—is the appropriate decision maker on issues of national security. Would it not be better for the Secretary of State to conduct a multi-agency review prior to using these national security powers, as my right hon. Friend the Member for Doncaster North (Edward Miliband) has suggested in relation to the National Security and Investment Bill, which hands similar powers to the Secretary of State for Business, Energy and Industrial Strategy?

The lack of a definition of national security in this Bill raises particular concerns about the significant level of discretion afforded to the Secretary of State, the transparency with which such decisions will be made and the ability of Parliament to scrutinise those decisions. On another issue relating to scrutiny, Parliament is being asked to vote on this primary legislation before significant elements of how it will operate have been published, because secondary legislation will set out specific security requirements that providers must meet and the codes of practice that have been mentioned. Those will only be available after the Bill has received Royal Assent.

We have concerns about the role and the scope of the powers given to Ofcom in this legislation. These are new powers, which are pretty onerous. With Ofcom also expected to be named as the regulator in the promised online harms Bill—when that finally arrives—we are concerned about the resourcing of and the expertise within Ofcom to be able to deliver its statutory duties and responsibilities. We are concerned not so much about the volume of work, but that the administering of this new security regime may require skills that Ofcom, and potentially DCMS, are unlikely currently to possess. The impact assessment with the Bill suggests a combined monitoring cost for DCMS and Ofcom of £7 million to £12 million over a 10-year period. Do the Government really think that this resourcing budget will be sufficient?

Finally, I turn to the issue of diversification of the telecoms sector. In the ’80s and ’90s, as BT was privatised, our telecoms supply chain was allowed to fall mainly into foreign hands, although they were the hands of our allies. Conservative Governments over the last decade squandered the world-leading position that our broadband infrastructure had been left in by the last Labour Government. Successive Conservative Governments have lost, given away or under-invested in our sovereign telecoms capability as that supply chain has become dominated by high-risk vendors. There are of course added benefits to reducing reliance on a small number of global vendors, including increasing competition, driving innovation and improving resilience, but, as BT and others have warned, it will take time to move at scale towards new approaches. Network operators need to be confident in the maturity, performance, integration and security credentials of new vendors and technologies before they are deployed in their main networks. We agree that the Government can and should help to accelerate that progress, because in doing so, there is the potential to create opportunities for the UK to take the lead, as well as to create much-needed jobs. The strategy published today will need significant scrutiny. The £250 million announced in the spending review last week is obviously welcome, but it lacks sufficient detail, and we look forward to hearing more about how it will be spent.

The Secretary of State claims that this Bill will give the UK one of the toughest telecoms security regimes in the world and allow us to take the action necessary to protect our networks, and I hope he is right. We will not oppose the Bill’s Second Reading, but we have many concerns that will need to be considered and addressed in Committee. The Bill that the House eventually passes must take steps to ensure that our telecoms supply chain is resilient in the future, or we will be forced to return here in a short time to deal with the next Huawei.

We must be mindful, as with all legislation, that we seek to anticipate the problems of the future rather than just deal with the issues that we face today. We of course fully support steps to remove high-risk vendors from the network, but they must go hand in hand with credible measures to diversify the supply chain. We are in this situation because there are no viable alternatives to Huawei, homegrown or otherwise, and that is, in part, a result of the chronic under-investment and lack of leadership from the Government on digital infrastructure. We have to ensure that this does not happen again.

19:06
Julian Lewis Portrait Dr Julian Lewis (New Forest East) (Ind)
- Hansard - - - Excerpts

It is an absolute pleasure to follow such sensible speeches from those on both Front Benches. There is a history to today’s legislation which I shall set out and against which my Committee colleagues can develop the Intelligence and Security Committee’s current perspectives. As the hon. Member for Cardiff Central (Jo Stevens) mentioned, it was in June 2013 that the Intelligence and Security Committee, on which I served under Sir Malcolm Rifkind’s chairmanship, published a no-holds-barred report on foreign involvement in the critical national infrastructure. It focused on the casual and cavalier way in which contracts were signed between British Telecom and Huawei prior to any ministerial involvement, and it insisted that:

“The National Security Council should ensure that there are effective procedures and powers in place…when it comes to investment in the CNI.”

We demanded an effective process by which Government are alerted to potential foreign investment in the CNI; an established procedure for assessing the risks; a process for developing a strategy to manage these risks throughout the lifetime of the contract and beyond; clarity as to what powers the Government have or need to have; and clear lines of responsibility and accountability. The Committee was

“shocked that officials chose not to inform, let alone consult, Ministers on such an issue.”

That, we concluded, must never again be allowed to happen.

The Government’s July 2013 response to the report bordered on complacency. They conceded that

“with hindsight, we agree that Ministers should have been informed”

and put their faith in the relatively new National Security Council, in conjunction with “cross industry-government groups”, to provide better protection in future. Replying to our main finding that their

“duty to protect the safety and security of its citizens should not be compromised by fears of financial consequences”,

the Government observed that

“HMG’s approach balances economic prosperity…with national security…Boosting trade and investment is a key part of the Government’s plan for growth and we are working hard to develop our economic relationships with key trading partners, including China.”

As Huawei’s chief executive officer had been given the full red-carpet treatment at 10 Downing Street only the previous September, that response was all too predictable, and thus the courtship continued, despite growing anxiety among our Five Eyes partners, such as Australia and the United States.

There can be no doubt of the sincerity of the technical advice given by our experts at GCHQ and, more recently, in the National Cyber Security Centre, its public-facing arm. They recognise—as does the Bill—that the lack of diverse suppliers is a critical future vulnerability. For telecommunications to be resilient, their networks need more than two providers on which to depend. Otherwise, the collapse of one provider means total reliance on the other. Yet should that really override the danger of ever-closer involvement with a company legally in thrall to potentially hostile Chinese intelligence services?

In a statement in July last year, the ISC acknowledged the National Cyber Security Centre’s paradoxical point that three providers might be safer than two, even when the third comes from an adversarial state. Yet it rightly pointed out that

“the issue cannot be viewed solely through a technical lens—because it is not simply about telecommunications equipment. This is a geostrategic decision, the ramifications of which may be felt for decades to come… It is about perception as much as anything: our Five Eyes partners need to be able to trust the UK and we must not do anything which puts that at risk… And there is the question as to whether other countries might follow the UK’s decision”

when they are not as capable of protecting their networks as we are of protecting our own.

Some say that the Government’s perseverance with Huawei was justified on the basis of the technical advice they were given—right up to the point earlier this year when the United States brought in its fierce further sanctions. Yet the fact that the US would take such a step should have been anticipated. Our belated U-turn in July shows what happens when multifaceted problems are examined in a one-dimensional way.

Seven long years after our Huawei report, the Government have—in the space of a fortnight—introduced two important Bills: this one and the National Security and Investment Bill. Taken together, according to the National Cyber Security Centre, they should help to establish an

“appropriately secure and resilient telecoms infrastructure”

and

“effect the security transformation we”—

the NCSC—

“believe to be necessary”.

We are assured that

“operators adhering in totality to the new security regime will be among the most secure in the world”.

Hopefully, our US partners—currently promoting an international clean network initiative—will agree and Five Eyes harmony on those vital matters can now be reinstated.

Having waited so long for two such necessary Bills, the ISC must sadly record our concern that, in both cases, their Second Reading debates were held within just four working days of their introduction on First Reading. Normally, adequate notice of about two weeks would enable our hard-working staff to obtain relevant confidential material and advance sight of such legislation to allow proper prior consideration. The tiny window of opportunity afforded by the parliamentary timetabling has prevented this from happening, and our staff had to fall back purely on publicly available sources.

Proposals such as those in this Bill, which the Committee first recommended in 2013, are therefore to be welcomed, but the public rely on the ISC to assure them that we have asked those questions in private that cannot be discussed more openly. As that has not yet happened, our support for the Bill in principle cannot be as unqualified at this stage, as we should like it to be, though I welcome the Minister’s offer to speak to the Committee later this week.

Here are a few of the questions that can be asked on the Floor of the House. First, as the Department for Digital, Culture, Media and Sport has not traditionally specialised in national security, on whom will the Secretary of State rely for advice when deciding whether to issue restrictions against high-risk vendors, or directions to telecoms providers?

Secondly, if the answer is the National Cyber Security Centre and our wider intelligence community, will there be procedures to guarantee that they will be consulted with adequate notice, and who will ensure that their advice is given sufficient weight? Thirdly, in view of the revolving door, via which too many businessmen and ex-civil servants effortlessly glide between their former roles and the Huawei boardroom, what assurance can we have that the Government will be immune from lobbying campaigns by those on the payroll of high-risk vendors?

Finally, I have a question that I was pleased, I think, to hear the Secretary of State answer 15 minutes into his opening speech, but it would be nice to have the Minister reiterate that answer: unlike in 2013, do the Government now fully accept that national security must always be their overriding consideration where critical national infrastructure is concerned?

19:15
Richard Thomson Portrait Richard Thomson (Gordon) (SNP)
- Hansard - - - Excerpts

It is a pleasure to speak in this Second Reading debate and to follow the Chair of the Intelligence and Security Committee, the right hon. Member for New Forest East (Dr Lewis), who has given us some very important historical context to how we have arrived at the point we have arrived at today. He posed some pointed and pertinent questions, which we look forward to seeing addressed as the Bill progresses.

The Bill provides a very much stronger security framework for telecommunications infrastructure and gives the Government the ability to manage the risk posed by high-risk vendors. I speak on behalf of my group when I say that we support it in all that it is trying to achieve. 5G technology offers great opportunities for connectivity and for commerce, through the internet of things, including the greater use of telemedicine, automated threat detection and even autonomous vehicles, but anything that compromises the access to or proper use of telecommunications networks or the security and integrity of the information that flows through them is a cause for concern. Whether in terms of intercepting information, interfering with information or stopping it from being transmitted or received, it represents a commercial and security threat to be very much guarded against.

Clearly, the infrastructure that the suppliers use to provide us with that communications bandwidth is of crucial importance in maintaining the security and integrity of that information. Therefore, it is something of a surprise that the UK Government appear to have come to the realisation only comparatively recently that having too much of the critical national infrastructure in too few hands might be a problem.

The Scottish National party is clear: the UK Government need to learn the lessons of how we have got to where we have got to on security in awarding the 5G contracts and to provide assurances going forward that the replacement strategy will be a safe and secure one. My party very much wishes us to be among the forward-looking nations at the forefront of the 5G age. However, given that these new opportunities carry new risks, security and resilience need to be built into it from the outset. We also wish to be assured that this legislation and the impacts that it may go on to have will not adversely impact network roll-out or consumer costs in the longer term, and we also want to make sure that the opportunities for building our domestic capabilities in manufacturing, in open RAN and in the broader supply chain will be fully seized.

Inevitably, in this debate so far there has been a focus on Huawei and China, and for all that Huawei has previously been regarded as a reliable partner, that focus is entirely understandable. The point needs to be made that Huawei did not suddenly become a potentially high-risk vendor overnight. This has not just crept up on us; it has been allowed to creep up on us. The Chinese Government’s involvement in recent state-sponsored cyber-attacks ought to have been enough to set the alarm bells ringing, if they were not already ringing, and to give proper cause for refection over the possible security concerns in that well before now. It is right that we use this opportunity to pause for reflection on the relationship we have with China.

Clearly, it is important to have a strong relationship, one on which we would seek to exert a positive influence, especially when it comes to human rights. However, international relationships need to be founded on self-respect as well as on mutual respect, and if this Government wish to be able to deal with other Governments on as close to equal or favourable terms as is possible, it is important to ensure that they do not leave us in a position where we are too reliant on any other single state for technology or investment.

Make no mistake: a rapid de-engagement of this kind with Huawei technology is not helpful to maintaining constructive relationships. In our relationship with China, there will now inevitably be a price to pay in terms of loss of influence, as well as an economic price to pay at home if this holds up our roll-out of the technology. To be absolutely clear, we are glad that the decision was taken, but although that U-turn was necessary, there needs to be a clearer commitment to domestic manufacturing than in previous years—decades, even—and better visibility on emerging threats from Governments. This situation was avoidable.

Hybrid threats are growing, as are the capabilities of states and non-state bad actors to enact them, and the UK very much likes to see itself as a country that punches above its weight in the world. In our military and intelligence services, that is almost certainly the case, but I believe there needs to be a realisation and an embracing of the concept of total defence and resilience. At this point in time, our Scandinavian and, particularly, Baltic neighbours seem to have a much better grasp of the significance of that concept than the UK Government do. It is to be very much hoped that with this legislation and recent announcements on defence spending, the UK might now be beginning to come to terms with the many ways in which our economic activities, our public space, and even our political space can be undermined in asymmetric and unconventional ways and finally taking steps to properly address that.

To get into some of the detail of the Bill, the Government have made it clear that vendors who they consider to be high risk should not have access to the core 5G infrastructure. Obviously, we agree, but this needs to be a formal part of any requirements for infrastructure of this kind, and there should be assurances from the Government that any replacement vendors for Huawei or, indeed, others meet the very highest standards that we would expect with that objective in mind.

The Government also need to ensure that there is a proper dialogue with our international allies, to ensure conformity—as far as possible—with high standards of protection. Like many western countries, we are an importer of technology, and as such we need to be seeking unity, as far as possible, in the standards we are willing to allow for this infrastructure that we will ultimately be sharing with our allies and neighbours.

For all that technology is a matter that is reserved to Westminster under the Scotland Act 1998, there are clear implications in how the Bill may operate for devolved nations. We would very much like to see in it a duty on the part of Ministers to consult with devolved nations before taking any ministerial actions under the Bill, as well as a duty on the Minister to consult with devolved nations when it comes to the five-yearly review of the effectiveness of clauses 1 to 13. Given the reserved nature of telecommunications, if there are any additional costs that accrue to businesses or Governments—by businesses, I do not necessarily mean the telecoms companies themselves—the UK Government may be willing to at least contemplate assuming some of the costs that might otherwise fall on tiers of government or the non-telecoms businesses.

I wish to spend some time dwelling on the impact of the roll-out. As a Member of Parliament for rural Scotland, I know that this problem is not unique to rural Scotland—other parts of the UK are affected as well—but there is a recurring theme. From the original Vodafone and Cellnet networks through 3G and to 4G, the coverage maps for mobile phones inevitably roll out in exactly the same way and cover pretty much exactly the same pattern, with the same notspots being missed out.

It is my earnest hope that the same thing does not happen with 5G. It is also important to point out that the roll-out of 4G, and even 3G, across Scotland has not been as complete as we would like, and it would be naive in the extreme to think that 5G roll-out will be any different unless there are some significant changes. It would also be naive not to recognise some of the potential problems that the Bill might present in that light, in terms of the rate of build-out that would otherwise have occurred.

To put the issue into perspective, just 42% of Scotland’s land mass has 4G coverage from all four main UK operators, and 80% from at least one mobile operator. Almost 1 million people living in rural areas currently have no reliable mobile service at that speed of connectivity. That is unacceptable, and has to be an early part of any levelling up agenda.

Owing to the lack of hardware interoperability that the mobile network has been built with, mobile network operators will have to rip out and replace a large amount of high-risk vendor equipment from existing 4G mobile masts before they can even be upgraded to 5G using equipment from an alternative supplier, as well as writing off and replacing that equipment from high-risk vendors already deployed. It is inevitable that the resulting reduced competition will drive prices higher.

From discussions with and briefings from the industry, it is clear to me that while operators can absorb the costs of the decision to remove Huawei equipment, BT estimates that the cost will be as much as half a billion pounds for it alone. It will not be possible to move any faster than the 2027 deadline that the Minister mentioned without creating a significant risk of network blackouts, as well the loss of economic benefits that would otherwise accrue to all parts of the UK. It is a huge challenge for the network operators, and we should not underestimate it. I would like to hear the Minister give a clear assurance that the Government will stick to the 2027 deadline and will not make what is already a difficult job for the mobile network operators even harder.

I would also like the Government to look at ways of trying to counteract the negative effect on the speed of the roll-out. Governments of all political stripes have been rewarded handsomely from selling off electromagnetic spectrum portions for mobile roll-out. Looking again at some of the licence fees might allow some of the telecommunications companies to save that money to invest in new infrastructure from non-high-risk vendors, which would compensate for that level of roll-out and give consumers and business the coverage that we all hope they can get from 5G.

On diversification of the marketplace, we very much welcome the Government’s 5G supply chain diversification strategy, which has been announced alongside the Bill. Reducing the reliance on a comparatively small number of big-player vendors will be hugely important in increasing competition, driving innovation and improving resilience. It will take time to move at scale towards new approaches such as open RAN, and to be successful, network operators need to be confident in the maturity of the performance and the integration and the security credentials of new vendors and technologies before they are deployed on the main networks. The Government can help to accelerate that process and create real opportunities for leadership and job creation with an ambitious commitment to research and development and trials. The funding of £250 million for that activity in the spending review and the Government’s national infrastructure strategy are very much to be welcomed.

This is an important and necessary Bill. It is one that we very much look forward to getting into the detail of and scrutinising further as it makes progress.

19:28
Mark Pritchard Portrait Mark Pritchard (The Wrekin) (Con)
- Hansard - - - Excerpts

I welcome the introduction of the Bill. It is long overdue. Over the past two years, the Government have attributed a range of significant cyber-attacks to Russia, China, North Korea and Iran. Such attacks are unlikely to reduce any time soon, but our legislative and technological resilience can increase in the meantime. The UK needs to be proactive in staying ahead of its adversaries, rather than just reactive. The Bill and the National Security and Investment Bill will help in that regard.

The attacks, often through arm’s length third parties, include dangerous espionage attacks, often on the networks of companies that deliver equipment to telecom providers but whose security is currently inadequate. That can no longer be acceptable, and the Bill will go a long way to making the UK’s networks more secure.

I would like to pay tribute, as has already been done, to my predecessors on the ISC, who, in the Committee’s 2013 report “Foreign involvement in the Critical National Infrastructure”, noted that

“there is no general requirement on companies that own CNI assets to inform or consult Government prior to awarding a contract, whether that be to a UK company or a foreign company. Instead, the Government relies on informal processes or the private company taking the initiative themselves. This is far too haphazard an approach given what is at stake.”

The same Committee also stated:

“Government must have a proper procedure for assessing the risks…and also for developing a strategy for managing those risks. Crucially, this should be an integral part of the process, both before and after contracts are awarded, and not merely an afterthought.”

I hope that the Bill marks a national security turning point, where key infrastructure decisions are based on fact-based risk assessments, not on trust, commercial convenience, political convenience or naivety.

Of course, the Bill is also a recognition—I differ from some colleagues—of market failure. The dominance of major telecoms companies, driving out or buying out the competition, has led to companies such as Huawei positioning themselves as perhaps too big to fail or, in the context of the telecoms market, too big not to buy from, or too big not to supply to. In my view, that is down to political and commercial failure, and I am glad that the Government are putting wrong—putting right that wrong. [Interruption.] I was just making sure that the Minister is on his toes—not literally, but I am glad he is paying attention. I am glad that the Government are putting that right; it is long overdue, as I said.

I hope that the new diversification strategy that has been alluded to today will include enough commercial incentives to attract new vendors and suppliers into the market for the first time, or for existing providers to seek new capital raises in order to maximise new markets, many of them in the public sector—the public sector is a good customer in most cases—and global in nature.

I hope that there might be a new global collaboration in joint development of 6G, 7G and beyond. Five Eyes-based companies might be a good place to start, but trusted EU partners can play a key part too. I think about Airbus and the collaboration on civilian airframes across the world; I think about Typhoon and, prior to that, Tornado—large collaboration, R&D developmental projects that brought together trusted partners around the world to look after our national security, albeit on a different platform and in a different context.

As it stands, as we have already heard, there are only three potential suppliers of mobile access network equipment in the UK: Nokia, Ericsson and Huawei. The lack of diversity across the telecoms supply chain has invariably led—that is why we are here today—to a national dependence on limited suppliers.

Jamie Stone Portrait Jamie Stone (Caithness, Sutherland and Easter Ross) (LD)
- Hansard - - - Excerpts

The point the hon. Member makes about international co-operation is a very good one. In buying into joint efforts with allies, we have a share of the intellectual knowledge. Does he agree that that is something we would not have had with Huawei?

Mark Pritchard Portrait Mark Pritchard
- Hansard - - - Excerpts

The hon. Gentleman is absolutely right, and I am delighted that the Secretary of State has set out that there is going to be a new national telecoms lab. I am not sure whether he has decided on the location, but I commend the telecoms expertise of Shropshire and the west midlands to the Minister.

The Government’s own telecoms supply chain review, published by DCMS in July 2019, found that

“the telecoms market is not working in a way that incentivises good cyber security”—

perhaps another example of British understatement. This Bill will end that, and rightly so.

In its October 2020 report, the Defence Committee, ably led by my right hon. and gallant Friend the Member for Bournemouth East (Mr Ellwood), concluded that the current 5G

“regulatory situation for network security is outdated and unsatisfactory.”

I thank all the members of that Committee for the work that they have done in highlighting that.

I welcome the fact that the Bill will strengthen the security framework for technology used in 5G and full-fibre networks, including electronic equipment and the hardware and software at phone mast sites and telephone exchanges, and that it will give the Government new powers to issue directions to public telecoms providers to manage the risk of perceived high-risk vendors. It is right that the Bill will allow the Government to impose controls on telecom providers’ use of any goods, services or facilities supplied by high-risk vendors.

I very much welcome the Government’s new powers to limit and remove high-risk vendors, such as Huawei, about which we have heard so much already, from the UK telecoms network. I also very much welcome the new and revised timetable that the Government have announced today for doing this. In saying that, I hope that the Government are not being overly ambitious, as we heard from other hon. Members, but it is right to establish the principle today and move more swiftly on this key issue of national security and diversity in the marketplace.

I welcome the Bill incentivising better security by financially penalising providers that operate below minimum security standards, but I hope—the Minister is here—that a carrot-and-stick approach will be the default DCMS and Ofcom approach, rather than just a stick, as it is the private sector’s co-operation that will help us to move forward on this. It is very much key to the market diversification that the Government want and, more widely, to the partnership in cyber-security resilience in both the private and public sectors. We do not want to have enmity with the very people that the Government need to work more closely with in dealing with these issues.

The Bill makes Ofcom responsible for monitoring and enforcing telecoms providers’ compliance with their security duties where providers do not meet their obligations. I gently ask the Government whether they feel that Ofcom has the necessary teeth. Will Ofcom outsource or buy in any additional and required expertise?

The Bill, rightly, does not allow vendors to have access to the UK telecoms network denied, removed or limited for any reasons other than the protection of the UK’s national security, again making sure that we are not putting up new barriers to new entrants to the marketplace. It is also welcome that the Bill does not give the Secretary of State the right to limit or remove vendors to protect or improve the commercial interests of other vendors in the marketplace. I hope that the Minister will elucidate this important point so that there can be, from today, investor, shareholder and commercial safeguards that will allow any of those reading Hansard in the private sector to be reassured.

I would like to ask the Minister some questions. How will the Government ensure that Ofcom has sufficient staff with the necessary skills to undertake this work before it assumes its new responsibilities, which are separate from the point of buying in or outsourcing? Even if someone is buying in or outsourcing, they need to have the skills to know what they are outsourcing to and for, and so it is with buying it in, making sure that they are getting the right people in.

How will the Minister’s Department ensure that Ofcom is provided with the necessary information and relevant data on what is a new area of expertise and work for it, particularly in this detail? I welcome the fact that the Bill requires the Secretary of State to lay before Parliament a copy of all designated vendor directions and designation notices, except where doing so would be contrary to the interests of national security. However, when such information cannot be laid before Parliament, as was alluded to by my right hon. Friend the Member for New Forest East (Dr Lewis), the Chair of the Intelligence and Security Committee, will the Minister undertake to provide that information to the Intelligence and Security Committee so that Parliament and the public know that there is sufficient and adequate oversight?

Finally, as the shadow Secretary of State asked, given the recent experience of the Australian Government, what can the Minister say today on the record to deter any temptation by the Chinese Government to take any similar retaliatory measures against the UK? Does he agree that if they were so tempted—I hope they would not be—perhaps the £20 billion trade surplus for China might focus calmer and more reasonable heads in Beijing today?

Iain Duncan Smith Portrait Sir Iain Duncan Smith
- Hansard - - - Excerpts

I hear my hon. Friend’s point, but does he not agree that one of the greatest bastions against this behaviour by the Chinese Government would be for all members of the free world, particularly the Five Eyes, to come together both to condemn their behaviour and to themselves talk about introducing sanctions against China if it carries on behaving like this?

Mark Pritchard Portrait Mark Pritchard
- Hansard - - - Excerpts

Colleagues will be pleased to hear that I am reaching my concluding comments and I will address that question then. While I have huge respect for my right hon. Friend—he is absolutely right and has been leading the way on this and I pay tribute to him on that—there is a lot we can do with China. In fact, I will put my notes down and jump to my conclusion now.

This is not an anti-China Bill; this is not an anti-Huawei Bill. This is about ensuring the greater resilience of our national security through our telecoms infrastructure. It is not about putting up barriers to entry for existing or new companies coming into the marketplace. I agree that we have to be robust against China when that is right, but we also need to recognise that there is a lot of co-operation and collaboration with China on trade and on climate change, so we agree on many things and we disagree on many things, but I do not think talk of sanctions is necessarily right at this stage.

I support this Bill. It is long overdue; I commend the Government for bringing it forward.

None Portrait Several hon. Members rose—
- Hansard -

Rosie Winterton Portrait Madam Deputy Speaker (Dame Rosie Winterton)
- Hansard - - - Excerpts

Order. There is now less than two hours until the wind-ups are likely to start. By my calculation, that means that if everybody is going to have equal time, contributions ought to take about eight minutes. I do not want to set a time limit, but that is a rough guide for the debate.

19:42
Kevan Jones Portrait Mr Kevan Jones (North Durham) (Lab)
- Hansard - - - Excerpts

I join the right hon. Member for New Forest East (Dr Lewis) in welcoming this Bill in principle but giving it a qualified welcome. It amends the Communications Act 2003, and in terms of technology 2003 is light years away.

When I was at school computers were not as common as today and even having a telephone at home was a rarity, so great changes have taken place in these types of technologies—as I have seen even in my short lifetime—and the pace of change is only going to increase. That is why this Bill is welcome in updating our laws, and it will not be the last Bill we require, because as technology advances, further updating will be needed. However, as the right hon. Gentleman said, the Intelligence and Security Committee warned about all this in 2013. It was the same with the National Security and Investment Bill last week; the warnings have been there. Yes, there has been a change of direction in the Conservative party from panda hugging to panda bashing now as the flavour of the day, but the question of security should always be central to all this.

To be fair to the Government, they have not stood still. We have been ahead of other nations in terms of Huawei and security and having the Huawei cyber security evaluation centre, which has helped us protect our networks. But a balance must be struck between open competition and being able to interact with other nations, and also protecting our security.

I want to touch briefly on the issue of security, as that is what the Bill is about. I think some people are getting carried away in thinking that the Bill will be used in a protectionist way to protect our own suppliers or as a way of cutting off altogether any trade with regimes that we might have huge reservations about, such as China. We are never going to be able to do that. The powers in the Bill are clearly around security, and my only problem is with the definition of the word. I would argue that the way in which the Government approached the matter of the Huawei security centre had security its centre in order to protect our networks. As the Minister knows, I was one of those who agreed with the Government’s decision in July to allow Huawei to have 35% of the market as long as the security was there. The National Cyber Security Centre was clear in its evidence that that could be maintained. It was the American sanctions that changed that.

When a Secretary of State makes his or her decision on whether to take a vendor out, the important thing is that it is made on the ground of security. It is not clear from the Bill how that will be looked at. I would not want to see lobbying for a certain company, for example, or a situation such as we are currently seeing on the Conservative Back Benches where anything with “China” on it has to be resisted. I should point out that many people in the Chamber tonight will have mobile phones in their pockets that contain Chinese components. Even Ericsson and Nokia, which we are going to allow into our system, use components that are made in China. We cannot just close our minds to China altogether, so these decisions must have security at their centre.

Any decisions made by the Secretary of State have to be around security, and I have some concerns about DCMS having control over this. I raised a similar point on the National Security and Investment Bill. I am not sure that the Department has the necessary expertise. Personally, I would sooner see the Secretary of State taking such decisions alongside the National Security Council, or a sub-committee of the NSC, for example, to ensure that security could be at the heart of those decisions. Likewise, I have reservations about Ofcom. As a regulator, it has been around for quite a while now, but I wonder whether it has the expertise to look at the security sector.

A specific practical point about DCMS and Ofcom is that if a decision were taken by the Secretary of State on security grounds, a lot of the relevant information would be highly classified and would not be available to people without the necessary security clearance. I presume that the Secretary of State has the highest security clearance, but I doubt whether anyone in Ofcom would do so. I would like to hear more about how that will work in practice when they are dealing with highly classified information, because the Bill makes it clear that that is the only way in which a vendor can be struck from the marketplace.

Another issue, which has already been raised, is whether Ofcom will have the necessary budget and focus to undertake this work. The right hon. Member for New Forest East made the point about a revolving door, and that is an issue that concerns many people. There is a revolving door between industry, the various regulatory bodies and the Government.

There is also an issue around oversight. I do not see anything in the Bill that will allow parliamentary oversight of these decisions. Clause 17 refers to the Secretary of State being required to lay a copy of their decisions before Parliament, but there is also a get-out clause in that the requirement

“does not apply if the Secretary of State considers that laying a copy of the direction or notice (as the case may be) before Parliament would be contrary to the interests of national security.”

Anyone who has been in the House for any length of time and who has worked in this field will know that that is the usual way for civil servants to get out of any kind of question whatsoever. There is a need for oversight in this regard. I am not trying to make work for the Intelligence and Security Committee, which I am a member of, but it is the only Committee of Parliament that has a high enough security clearance to be able to see the information that will inform these decisions. Without that, there is an issue in the Bill in terms of how Parliament will scrutinise the Secretary of State’s decisions effectively.

Anthony Mangnall Portrait Anthony Mangnall (Totnes) (Con)
- Hansard - - - Excerpts

I am sorry to interrupt the right hon. Gentleman while he is making such good progress. If a decision were not to be laid before Parliament, would he accept the idea of it going before the Intelligence and Security Committee?

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Yes. If we were able to see it, at least we would be able to get access to the intelligence that informed it. The DCMS has its own Select Committee, but that Committee does not have the clearance, so I would suggest taking the approach the hon. Gentleman describes. There is a way of doing that. Under the Justice and Security Act 2013, the DCMS does not come under the Intelligence and Security Committee’s remit, but we could change the memorandum of understanding to include this issue. I think that is needed, and I said the same thing on the National Security and Investment Bill.

On diversity, we would love to have a large number of vendors, but there is a clear issue we have to recognise. People talk about market failure. There has been a market failure because, in terms of Huawei and the Chinese state, there has been a deliberate decision to buy in to a sector. There has also been a tendency among us all, as consumers of telecoms services, to make sure that the rates go down as low as possible. That has led the prices down, so there is no money in the infrastructure at all, which is why companies have got out of the sector.

There is an area where diversity can come in, and that is open RAN. If the investment goes into that, we could be a world leader, but let us not make the mistakes we have in the past, where we have been a world leader—for example, in fibre technology in the early 1990s—and then gave that lead away.

On the removal of Huawei from the 5G network, the 2027 deadline needs to be maintained. I am sorry, but I think the Secretary of State is wrong in what he is suggesting. If he does what he suggests, that will add further costs and slow our progress. The equipment that is there now has been through the cyber security centre. We are satisfied that there is no security risk from that equipment, so why rip it out before we have to do so? All that that will do is slow our system down and slow the economic advantages that can come from 5G.

We have concentrated a lot in the debate on the hardware. Will the Bill somehow make us completely immune from cyber-attack? No, it will not. The other side to this, which is just as important, is to ensure that we educate companies to ensure that they use their systems safely and that upgrades are done on security networks and other things. That is about the basic education of the people who use a mobile phone or any type of computer network.

With those concerns, I welcome the Bill as a step forward. Let us see it not just as a way for us to somehow solve all our cyber-problems, because we will not. We still have to be vigilant, and we still have to make sure that our security services have the finance, ability and expertise to respond to the enemies who are attacking us.

00:04
Bob Stewart Portrait Bob Stewart (Beckenham) (Con)
- Hansard - - - Excerpts

This Bill makes sense. I agree with the right hon. Member for North Durham (Mr Jones) that it is primarily about security. It is a top priority for us to ensure the security of all telecommunications networks, particularly those that might carry classified information and that is what this Bill is all about. I particularly endorse those clauses in the Bill that give the Government robust powers to manage high-risk vendors based, of course, on National Cyber Security Centre advice. That may well also include direct guidance from other intelligence agencies as well. It is also absolutely right that the Government have placed a ban on purchasing new equipment from high-risk vendors from September 2021 and ordered the removal of high-risk vendor equipment from our networks by 2027, but, as I will go on to say, it will have implications. I wish we could achieve that earlier, but, obviously, industry needs time to manage the transition required.

The NCSC is at the forefront in developing telecommunications security requirements. It has done this in collaboration with industry and these requirements are detailed and effectively designed to establish a layered defence against cyber-attacks and infiltration. Codes of practice will devolve from these requirements and they will form a method of operation as well as being a way of calculating risks for operators Ofcom, DCMS, and NCSC. I endorse the view that these requirements and codes of practice will definitely increase the difficulty, the cost and the risks faced by a hostile player attempting to infiltrate or to compromise a UK telecommunications network, but, as the right hon. Gentleman has said, that does not mean that we are invulnerable—oh, no, it does not. There are still risks.

Next year, I gather that we will need to pass secondary legislation to endorse codes of practice that will, thereafter, be used to instruct operators on how to meet their security obligations. Such codes of practice will be policed by Ofcom—we have talked about that a little. Most certainly, it will require training on how to do this. Here there needs to be a serious interchange with the NCSC where a working relationship between the two bodies is crucial—and at cost. Of course there are penalties for this decision. Not only will this change delay the roll-out of the 5G network, but significant consequent costs will be incurred by industry. I know that industry may need the Government to support it in consequence of this decision. On the other hand, a recent report has also suggested that upgrading the UK’s 5G infrastructure could be worth about £158 billion to the economy over a 10-year period.

We have already mentioned that there are three significant vendors who provide large-scale telecommunications equipment in the UK. These are Ericsson, Nokia and Huawei. With the significant removal of Huawei as a result of this Bill, choice of vendors is of course reduced by a third, which is most certainly not ideal. It would be far better if we had more choice and competition, but we do not—that is the fact of it. However, Ericsson and Nokia are very good, trusted and long-standing companies whose security credentials are tried and trusted. I am very pleased by the idea of the open radio access network—open RAN—being developed. It is crucial to develop the UK as a world leader in 5G. Essentially, open RAN allows interconnectivity between different telecommunications mobile networks, and avoids the necessity of all components coming from just one supplier. For instance, Ericsson equipment can be interfaced with that of Nokia, or perhaps another new supplier—let’s hope so. That aids the drive towards competition andthus has cost benefits.

 

I have been an extremely good boy, Madam Deputy Speaker. I hope I am going to get a thumbs up for finishing in six minutes. I commend this Bill to the House.

Bob Stewart Portrait Bob Stewart
- Hansard - - - Excerpts

I got a thumbs up from Madam Deputy Speaker; I sit down with a big glow on my face.

20:00
Jamie Stone Portrait Jamie Stone (Caithness, Sutherland and Easter Ross) (LD)
- Hansard - - - Excerpts

Follow that if you can.

The hon. Member for Beckenham (Bob Stewart) and the right hon. Member for North Durham (Mr Jones) make the point: it is about security, absolutely. Anyone who thinks that there are not states out there, which have been named here today, that are not about the UK’s good health, is kidding themselves; it is as simple as that. We have come a long way since the Westminster Hall debate earlier this year, if my memory serves me rightly, but I always think that a late convert is the best convert of all, and we are where we are today. My party and I support the Bill at this stage.

It is an incredibly complex situation, which gets more complex almost by the month and the year. Frankly, the whole subject of cyber-security terrifies me. When I first came down here three years ago, a humble—no, I will not say a humble crofter, because that nomenclature belongs to another Member on this side of the House. When I came down here from the highlands, the situation was forcibly brought home to me when I went to Estonia with the Armed Forces Parliamentary Scheme. I was firmly instructed by a Sergeant Major from the 3rd Battalion the Yorkshire Regiment on no account whatever to turn on my mobile, otherwise a state not terribly keen on our good health would simply triangulate in on me, and would probably try to hack in; that brought it home to me in no uncertain terms.

In the short time available—I will try to be as good as the hon. Member for Beckenham—I want to make two points. The first was touched on, correctly, by the shadow Secretary of State: there is, alas, an unsavoury side to the way in which China does some things. We are all aware of the reports coming out of that country of the horrendous abuse of the Uyghur people in Xinjiang province; it is an ugly scene. A recent report suggests that some 82 foreign and Chinese companies benefit from the forced labour programme by the Chinese Government. Of course, the Chinese Government would say, “No, no, no. That’s not right at all. It’s not forced labour; it’s not like that.” They have described it as “detention centres”, “re-education” facilities and—this is quite sinister—“de-extremification” camps. They have contorted their language quite deliberately to cover this stuff up. I make no apologies for saying these things. I had hoped that a state being able to behave in that way had been left behind in 1945 or the end of Stalin’s Russia, but, alas, all is not as it should be.

I welcome this Bill as being a bit like the Government discovering their moral compass. Coming away from Huawei has the benefit that we are helping, in our small way, to bring an end to this sort of behaviour by China. It is only a first step. We are going to have to co-operate with other nations. There is a great benefit to what the right hon. Member for New Forest East (Dr Lewis) said, about an alliance with Five Eyes, but that is for another day. The road ahead is beyond our borders. As a good Liberal Democrat, I would make this point: not only should we co-operate as much as we can with Five Eyes, who are crucial to our security and defence, but we should also try to maintain the best possible relationship with our friends in the European Community.

Let me turn to my second point. The hon. Member for Gordon (Richard Thomson) made an excellent speech, and said that 4G and 3G are, at best, patchy. I am afraid that my constituents might be afforded a hollow laugh if I talk about the roll-out of 5G, because in so many parts of Caithness, Sutherland and Easter Ross, there are not a lot of Gs at all—it is not particularly good.

My appeal to Her Majesty’s Government is that they try to address the inequality of provision as they roll out 5G. It is wrong that people should be disadvantaged simply because of where they live. All United Kingdom citizens have a right to these services, and it is fundamental to the way we think of ourselves as a nation—we believe in fairness and fairness of provision. As we come out of this dreadful pandemic, we will have to punch above our weight economically, and access to 5G means that we can mobilise our bright innovators and entrepreneurs all over the United Kingdom, whether they live in the glens and straths of Sutherland, the central belt of Scotland or down here in England.

I will conclude with two points. First, I agree that the 5G diversification strategy brings great opportunities. There will be a financial injection into the UK economy, which will be incredibly useful. Secondly, the right hon. Member for North Durham (Mr Jones) was spot on: it is not just about the hardware. It is about the software and the clever things we do to safeguard ourselves from cyber-attacks, because as I described with the example of the iPhone in Estonia, there are people and states out there who are not for the good of our health.

20:06
Iain Duncan Smith Portrait Sir Iain Duncan Smith (Chingford and Woodford Green) (Con)
- Hansard - - - Excerpts

I welcome the Government bringing forward this Bill now, and I congratulate them on having listened, which is not always something that Governments can be accused of. The Secretary of State and his Minister, whom I welcome—the Under-Secretary of State for Digital, Culture, Media and Sport, my hon. Friend the Member for Boston and Skegness (Matt Warman) —have listened to many concerns, and measures to address them are now embedded in the Bill.

China recently said that if there was any further interference, it would poke the eyes out of the Five Eyes. This Bill puts the missing fifth eye back into the Five Eyes, because we have been laggard, lazy and late on this, and I think this would probably be the case across the board, so perhaps that is a positive. The right hon. Member for North Durham (Mr Jones) made a very good speech. He was right to say that this is not about China. There are plenty of security risks, as my right hon. Friend the Member for New Forest East (Dr Lewis), the Chair of the Intelligence and Security Committee, said. Russia is a massive security risk to us and has probably carried out more cyber-attacks on us than anybody else. That is debatable, but it has a very big criminal network that attacks us the whole time.

I accept that. However, the difference is that China is now the driving force for our introducing this Bill, because it poses a very different kind of threat. The fact is that China has juxtaposed the ability to dominate in a market sense, which sucks us in—I will come to project kowtow and the mistakes that were made—while at the same time forcing us to often turn a blind eye to some of the work it did, which we do not do with Russia and some of the more immediate threats. It is a peculiar and different challenge, which is now embedded in the Bill.

My right hon. Friend the Member for New Forest East made the important point that the nature of our exposure has been known about for some considerable time, and we should not have ignored it. I thank my colleagues who joined the Huawei interest group early on, in winter last year, and who have campaigned to try to tighten up these security measures. Following that, the Inter-Parliamentary Alliance on China was set up, which is now made up of politicians on the left and right from 38 countries, and they are asking us to tighten up our security co-operation and ensure that we get this right.

This Bill is long overdue, and it is welcome, but I want to highlight three issues in it. First, although it is not in the text of the Bill, the Government have now announced that they accept 2027 as the end point for Huawei as a provider that may be high-risk and that no new Huawei equipment may be installed from September 2021. That is very welcome. In fact, the September 2021 date is better than I would have expected at this point, so I congratulate the Government on being very clear about that. That is a more important date than 2027, in effect, because it opens the market and allows others to recognise now that they have a possibility of re-entering a market that was closed to them by one company in particular—there are other companies in China—that has manipulated the normal rules of market adherence and subsidy. It has been a disaster for us not to recognise that on that basis alone, forgetting the security risks as well.

I am, however, concerned by another point about the process, which leaves the Secretary of State to make these decisions going forward, against criteria that are laid out, and I will come back to that. I think my right hon. Friend the Member for New Forest East said, “Who will be the advisers? Who will advise?” That is absolutely right, and the Secretary of State should listen to the Chair of the Committee on that point. It is important to structure who will advise the Secretary of State and how that will happen. Perhaps the Committee can have a very strong look at that and advise the Government on how to structure that.

There should be a more formal structure embedded in the Bill, otherwise it will be too easy for a Secretary of State, under pressure from the Business Secretary or a Chancellor, such as one we once had, who was very keen on a golden era, to be leant on and told, “Do you really need to go down this road?” That will happen. I sat as a Secretary of State, and I can tell the House that all that stuff happens, and anyone else will say that, too. A more structured approach would not allow the Secretary of State to miss the right people on advice. That will be very important.

The descriptions in the proposed new sections of the Communications Act 2003 under clause 16 of the Bill are important, and I will come back to those, because the list gives the Secretary of State plenty of scope. Tightening up the advice means that that scope will not therefore be wasted.

We are here because of the mistakes of the golden era—the great kowtow, as I would rather call it—where we too often ignored the realities of what was going on in security terms for the sake of this great drive that we would benefit massively from the opening up of trade with China. There was also a mistaken belief: too often, liberal democracies and all of us who believe in freedom of speech and the general freedoms believe, rather arrogantly, that all we have to do is open up markets and everyone else will realise that their system must be wrong and therefore they will change it.

That was the great belief. I was told it endlessly in government, “Don’t worry about this sort of stuff. China will change once they realise exactly how wonderful it is to trade with the west.” Well, they did not. They do not want to change, because they think that their form of government is a better form of government. They will say, “We are opened up to the markets. We are getting the benefits of the marketplace.” China was invited to join the World Trade Organisation back in 2001. There have been real problems since then with market forces, but I want to come back to the security elements.

The worry is that others of the Five Eyes spotted what was going on long before us, and we ignored a lot of the evidence that we should have been tightening up much, much earlier. We should have been concerned. I cannot remember which Member said that security should be the No. 1 consideration, over everything else. We lost that—I hate to say that—and considered it just one of the things we might look at.

Kevan Jones Portrait Mr Kevan Jones
- Hansard - - - Excerpts

I am not one for doing the Government’s job or supporting them, but I do not think we did that actually, in terms of the Huawei cyber-security evaluation centre. We were ahead of other countries that did not do that, including the United States, and let Huawei into their country networks without any checks whatever. But the issue has to be security. I know that the right hon. Gentleman has strong views about China trade, but security has to be at the heart of things, which I think is where we have been up to now.

Iain Duncan Smith Portrait Sir Iain Duncan Smith
- Hansard - - - Excerpts

I have to say that I do not agree with the right hon. Gentleman on this. Although the Huawei cyber-security evaluation centre was installed, when I sat and listened to people from it making a presentation to us earlier in the year, it was almost as though we were watching people who were kind of squeezing their own genuine, real opinion, which would have been coming via GCHQ, about how the real threat was formed. Their arguments did not stand up, even in the face of people who were not every day working on security.

The truth is we need to be careful, and it should have been a tighter position from the word go. The very fact that the Government are bringing this measure forward now suggests that that was not the case. [Interruption.] Listen, I am critical of my own Government. I resigned from the damn thing at one point. I have to say that I therefore do believe it is possible for great Governments, like mine, to get things wrong.

Julian Lewis Portrait Dr Julian Lewis
- Hansard - - - Excerpts

In defence of the Huawei cyber-security evaluation centre, its sixth annual report, from September this year, is absolutely devastating in its criticisms of Huawei’s failures to be secure or to make improvements when insecurities have been highlighted.

Iain Duncan Smith Portrait Sir Iain Duncan Smith
- Hansard - - - Excerpts

I agree completely. The point is that when we were talking about this earlier on, it was clear that that was, underneath it all, the centre’s real opinion, but it was kind of moving and modifying. It was also used in a political way, by the way, which I did not think was right. An opinion is either there or it is not; do not get people in to brief Back Benchers about what they should be thinking. I thought that was wrong.

We are absolutely in the right place at this point and the Bill goes a long way towards achieving that. However, we need to do some other things that could be in the Bill. For example, the Bill is about security but it does say on the front that it goes slightly wider than security: the Under-Secretary of State for Digital, Culture, Media and Sport, my hon. Friend the Member for Boston and Skegness (Matt Warman) signed the bit that says:

“In my view the provisions of the Telecommunications (Security) Bill are compatible with the Convention rights.”

That convention is the European convention on human rights. We need to ask ourselves whether that idea applies to many regimes—not just China—and companies that come from those regimes that may be guilty of human rights abuses.

I asked the Minister previously, in a private context, whether he would consider including in proposed new section 105Z8 of the Communications Act 2003, on designation notices, the inclusion of the ability, where it may arise, to do something in the area of genocide and the involvement of companies in that process. There is very strong evidence in a couple of cases—particularly in the Uyghur case—of the use of slave labour, which should result in those companies being outlawed. The Minister may argue that this Bill might not be the appropriate vehicle for that because it is specifically about security, but every Bill has on its face that we abide by human rights laws. I am not trying to widen the Bill’s scope; I am giving the Minister the opportunity to have that extra element as part of his possible designations. After all, we are dealing with countries and nations that have, particularly in China’s case, torn up much of the book on co-operation and diplomacy.

Let me raise a final point before I conclude. My hon. Friend the Member for The Wrekin (Mark Pritchard) has gone, but he mentioned Australia. One of our Five Eyes partners, Australia, had the temerity to ask for an inquiry into the covid outbreak. Since then, the Chinese have attempted, in essence, massively to beat up Australia in a very undiplomatic and aggressive manner. It started with abuse of the individuals who asked for an inquiry and then went further into abuse of the Government. Subsequently, it has gone on to sanctions: the Chinese has now broken WTO rules, with sanctions of more than 200% on Australian wine.

In the past couple of days, the Chinese have produced what I think is called a meme—which is a mocked-up instrument on the internet—that shows something about an Australian soldier trying to kill a child. This is appalling behaviour and I want my Government, at some point, to be very clear that such behaviour is simply not to be borne. Although we have said that we stand with China, the key thing about this sort of thing and our co-operation with our Five Eyes partners is to do more than stand with China: we should condemn behaviour like that that deliberately targets and demeans a democratic nation that goes by the rule of law and human rights, which is something that China does not do. I do hope that the Minister will pass on to his colleagues that no matter what we do with this Bill, we need to make sure that we stand up with our Five Eyes partners, now that we have the National Security and Investment Bill and are moving in that direction, and never allow any one of them to be isolated and picked off one at a time. I commend the Bill to the House.

Rosie Winterton Portrait Madam Deputy Speaker (Dame Rosie Winterton)
- Hansard - - - Excerpts

The next listed speaker has withdrawn, so we go straight to the Chair of the Defence Committee, Tobias Ellwood.

20:18
Tobias Ellwood Portrait Mr Tobias Ellwood (Bournemouth East) (Con)
- Hansard - - - Excerpts

Thank you, Madam Deputy Speaker—does that mean that I get 16 minutes to speak? That is fantastic. [Interruption.] That is my first intervention, so it is now 17 minutes. It is good to catch your eye in this important debate, Madam Deputy Speaker, and to see present so many colleagues who were there at the start of the journey—I referred to this in the first intervention I made—when we first discussed Huawei in the Chamber.

The Defence Committee looked at this subject because the security of 5G is now critical, given our ever-growing reliance on data movement. To establish a new security framework for the UK telecoms sector and to ensure that telecoms providers operate a secure network and resilient services and manage their supply chains is absolutely fundamental to our new way of life. The completion of 5G over the next decade will be nothing short of revolutionary. Every aspect of our lives as we know them, including how we communicate, socialise, work, travel and manufacture things, will become increasingly dependent on lightning movements of wireless data. The advantages of such scope and scale in our growing online world have very much been appreciated during this pandemic, but, equally, we must recognise how our reliance leaves us very much exposed to those who might choose to cause us harm.

The backdrop of this was of course the lively debate, which I have referred to, over Huawei. Perhaps that was a wake-up call on just how powerful and tech savvy China has become. The Minister and the Secretary of State have made it very clear that this is not just about China—other non-state and state actors are now developing capabilities to interfere with our online world—but I make it very clear indeed that what we are discussing today exposes the wider uncomfortable reality of the gradual geopolitical shift in global power from west to east.

In our lifetimes, China is on course to become more powerful economically, technologically and militarily than the United States of America, and how we handle this so-called Thucydides trap is yet to be reckoned with. This is a usually disruptive transition of influence from one ruling power base to a rising power with eventually more dominance—a transition that history suggests is rarely peaceful. The only example of a peaceful transition is that from the British empire to the American superpower. If we are honest, this Bill is about exactly that. This is the starting point of a bigger conversation about how we manage such a transition. We are placing protections on our country against China, which we privately no longer trust, but I have to say that, publicly, we may be in denial about what we need to discuss.

We should finally come to terms with the fact that China has not matured into the responsible global citizen that, a decade ago, we hoped it would be. Instead, China offers a competing authoritarian ideology, leveraging its colossal economic growth to undercut western competition and ensnare dozens of countries into infrastructure projects and high-tech plans on terms that they can ill afford. Our growing dependence on the online world has created a new virtual theatre of war. The actual character of conflict has been changing in front of us: it is less about terrain, and now more about data. We are becoming increasingly vulnerable, with cyber-attacks, disinformation campaigns, interference in elections, manipulation of social media, data theft, online espionage and sabotage. These are the new battlegrounds that we must prepare for and defend against. Our international rules-based order was crafted in the pre-digital age. A major cyber-attack, for example, could cause more damage than a dirty bomb, but would not technically trip a NATO article 5 response. International law must catch up, and this legislation is a small line of defence in a far wider geopolitical battle that we need to embrace.

Britain is rightly seeking to remain on the cutting edge of this fast-developing digital world, but this can only be achieved with greater protection and, indeed, investment in our critical national infrastructure. Our 5G capability must leave no virtual backdoors left open. Consequently, phasing out high-risk vendors, such as Huawei, from our 5G programme is the right call. However, we have to ask the question: why is it that a decade ago there were 12 vendors that can provide this support, yet today there are only six? There are two in Europe, with Ericsson and Nokia, two in the far east, with NEC and Samsung, and then of course two in China—Huawei and ZTE—and there the question lies. What we need to do about it is to make sure we have that capability to move forward in a secure environment.

We must accept that Huawei has grafted its way into our telecoms network partly because the UK vendor market is not diverse enough. Regaining the secure technological capability on which our new digital world will depend requires more than just legislation to block high-risk vendors from entry; it needs the advancement of our own technological capabilities. Open RAN has been mentioned, but it is still a long way off. OneWeb has been purchased as a possible capability for communications. We have yet to hear what the Government plan to do with that.

Ultimately, we must recognise that Huawei, ZTE and others are so powerful because they are state funded. Perhaps it is time for an Apollo moment: when the United States knew it was losing the space race, a combination of state aid and the commercial sector allowed it not only to catch up with but to overtake the Soviet Union. We need the same penny to drop here and to recognise what China is all about.

It is good to hear growing talk of the D5 trusted alliance of nations. It has been mentioned as an advancement of the Five Eyes community and I very much welcome that. We need to provide an alternative to the cheap solutions that the Chinese are rolling out, which continue to be peddled across the road. They are high-tech versions of the one belt, one road programme. Only with greater western resolve can we design and build the secure foundations for the profound new technological world we are about to experience.

I will underline the elephant in the room: what do we do about China? Unless we in the UK and collectively in the west address China’s conduct, there will be a geopolitical clash. That is inevitable and will slide us towards another cold war.

We should make it clear that the UK has huge respect for the Chinese people. Our histories are intertwined, perhaps more than many of us appreciate. The opium wars, the ceding of Hong Kong, the Boxer rebellion, the century of humiliation—perhaps Britain glosses over many of those historical footnotes, but for those in China, they influence their thinking and their attitude towards the west today.

However, today, the west is recalibrating its view of China. China’s conduct in the pandemic, from its initial efforts to hide the outbreak to rejecting any independent investigation, has exposed a dangerous agenda that we can no longer ignore. During China’s incredible economic ascent, western policy focused on deepening engagement in the hope that China would evolve into a responsible global citizen that embraced hard-fought principles of liberty, democracy and open trade. It is clear that the Chinese Communist party has something very different in mind. As it has increased its economic power, Beijing has deliberately shunned international accountability and rules. It may be gaining superpower status, but it avoids any sense of duty to uphold core values of freedom and the rule of law. Knowing that its conduct repudiates those values, it now pursues a geopolitical authoritarian agenda, as illustrated in the crackdown in Hong Kong, the terrible treatment of the Uyghur minority and its manipulation of the digital world, which mimics its one belt, one road initiative.

With countries becoming locked into long-term commitments with reduced autonomy and little prospect of withdrawal, more and more countries are becoming ensnared in China’s authoritarian sphere of influence. The US now publicly confirms that China is a strategic and geopolitical threat to the west, while here in the UK we have yet to say so, though I am pleased that the Secretary of State pointed out concerns about China.

I hope that the full publication of the Government’s integrated review will confirm that China now is a geopolitical threat. We require a turning point—another Sputnik moment, where we no longer pretend and we do not just legislate on high-risk vendors, but hold the regime behind the state-owned companies to account.

I hope that, with the changing of the guard in Washington, there will be a rejuvenation of the west’s collective resolve about what we stand for, what we believe in and what we are willing to defend. The next decade will be very bumpy indeed. If we are to avoid another cold war, protecting our telecoms infrastructure must be the first step of many.

20:28
Jim Shannon Portrait Jim Shannon (Strangford) (DUP)
- Hansard - - - Excerpts

It is a pleasure to follow the right hon. Member for Bournemouth East (Mr Ellwood), with his vast knowledge, and other right hon. and hon. Members who have spoken. I thank them for their speeches. I am pleased to have the opportunity to speak on this issue. I spoke about it back in March, when I stated my fear of reliance on Huawei.

Let me quote what I said at that time:

“I am only one of 650 Members of this House, and I absolutely believe in the tenets of democracy, but I will not stay silent. I do not believe that what the Government are doing is in the best security interests of this nation, and if steps can be taken to pare it back, those steps must be taken. We have been known as security giants, and I do not like the idea that we are now standing on the shoulders of Chinese giants. We have stood alone, and can do so again, but it is always best that we stand with our allies. The Chinese may hopefully be strong trading partners post Brexit”—

we will wait to see whether or not that will be the case—

“but by no stretch of the imagination can they ever be considered our allies; their human rights abuses cannot be ignored. This issue is concerning, and we must not leave it here.”—[Official Report, 4 March 2020; Vol. 672, c. 288WH.]

The right hon. Member for Chingford and Woodford Green (Sir Iain Duncan Smith) referred to the Uyghur Muslims and the human rights abuses they are going through—the fact that their right to worship has been abused and that they are subjected to violence, both physical and psychological. As others have mentioned, there is also the question as to whether they are involved in some of the slave labour in Huawei and what it does. We have heard and read the stories in the press about Volkswagen, which refused even to acknowledge the fact that perhaps some Uyghur Muslims had been being used as slave labour. I chair the all-party group on international freedom of religion or belief, and I feel strongly about this issue. It is close to my heart, so I wanted to speak out. I know it is not directly what this Bill is about, but we have those concerns on human rights issues for the Uyghur Muslims, the Christians and the Falun Gong. We know all about the issue of the forced organ harnessing that takes place, and all those three religious groups are part of that.

So I am thankful for the steps taken by the Prime Minister. We all knew that when these steps were taken, there would be the detrimental knock-on effect of narrowing the UK telecommunications market and possibly driving up infrastructure costs, but I still believe this to have been the right decision. I am thankful for the steps that the Minister announced today, and for the support there seems to be across this Chamber for them. This is about building supply chain resilience, with support available for supporting incumbent suppliers. The security of this nation is undoubtedly a red-line issue, and we must protect it at all costs. Everyone has said that, and we mean it, and we want to see that being delivered though this Bill.

Clauses 1 to 14 introduce a stronger telecoms security framework. The Bill amends the Communications Act 2003 by placing strengthened telecoms security duties on public telecoms providers. I am thankful that the Bill purports to enable more specific security requirements to be set out in secondary legislation, underpinned by the codes of practice providing guidance on the security measures to be taken to meet those requirements. I am given to understand that the Bill gives the telecoms regulator, Ofcom, powers to monitor and enforce industry compliance with the duties and specific security requirements. placing new obligations on public telecoms providers to share information with Ofcom that is necessary to assess the security of their networks.

The UK is part of the Five Eyes, along with Canada, Australia, New Zealand and the USA. We cannot ignore that influence, and the sanctions that the US imposed on Huawei. The US first placed it on the entity list on 16 May 2019, citing national security concerns. This sanctioned the company’s access to important US technology for design and production use. While acknowledging the potential impacts this might have on the reliability of Huawei’s products, the Government, on advice of the National Cyber Security Centre, determined this to be a manageable risk. The restrictions to network access imposed on high-risk vendors in January 2020, alongside pre-existing oversight measures, were considered sufficient mitigation strategies.

So the USA clearly saw what the problems and risks were, and took a stand early on, and I am pleased that we are now doing the same. Chinese influence, across the whole of the world, always has a condition, as we see in many countries in Africa and further afield where it is trying to increase its influence. It has an insatiable demand for every country’s resources, but along with that come the conditions and the influence they have on digital and cyber-security. I am deeply concerned about that, as are others.

It is my belief that while not perfect, this Bill puts in place an emphasis on our nation’s cyber-security that is essential.

During the lockdown, our increasing reliance on the internet has been made abundantly clear. It is phenomenal that where we have been precluded from meeting to worship, our pastors and praise teams have been able to livestream church services, it has been wonderful to carry out certain MP duties online where applicable, and it has been a life-saver for some businesses to carry on their work at home. This has highlighted the reach of the internet into our lives and the absolutely essential nature of its being secure from cyber warfare and attacks. The Government have said that such an attack is highly likely and would have a high impact. I had a discussion with a gentleman from Northern Ireland who is involved in the Royal Air Force, and he said that the greatest threat that it felt was cyber warfare. This Bill will be a very strong way of addressing that.

We can all sit in this place and say that something needs greater funding. Every aspect of our budget could do with enhanced funding. My grandchildren—indeed, probably my great-grandchildren—will be paying off the coronavirus outgoings their entire lives. We need to take what we have and do the best we can with it. My belief is that on this one, the Government have taken the steps to address my grave security concerns, and while the Bill is not all I would like to see, as others have said, I find myself much more content today than I was in this place in March of this year.

00:05
Alun Cairns Portrait Alun Cairns (Vale of Glamorgan) (Con)
- Hansard - - - Excerpts

It is a privilege to speak in support of this Bill and to have the opportunity to support many of the calls that colleagues have made.

Only just over a week ago, the Minister and I were in Westminster Hall debating an allied subject to this Bill when we discussed the challenges and opportunities that came from excluding Huawei from our 5G network. I do not want to repeat all the points that were made in that debate, but in the short time since then, the Government have taken significant, welcome steps—something the Minister hinted at—in developing policies associated with the Bill. Today’s publication of the 5G supply chain diversification strategy sees a welcome plan that contributes to the solution that Huawei brought about, as does the neutrORAN pilot that was announced earlier today.

As a backdrop, it is worth recalling that it was the lack of diversity in the supply chain of this specialised area of technology that created a tension between the desire to roll out 5G as quickly as possible and the potential exposure of our national security to high-risk vendors. Among a whole range of factors, we were being forced to weigh up, or were tempted by, the economic and social benefits that 5G could bring within a relatively short timescale against the risks of being exposed to largely one company with its umbilical cord attached to one nation and the potential security risks associated with that country—obviously, China.

The Government ultimately, and rightly, decided that the concern for the latter outweighed the former, and this Bill is the result. That is welcome, but simply passing the Bill will not necessarily reduce the risks if we continue to be exposed to a limited number of vendors. That is why the diversification strategy and the neutrORAN pilot are also important. It is worth highlighting that in any vital supply chain, diversity is key, but a few organisations in the commercial world allow supply chains to become too constrained. The commercial risks, let alone the security risks, are far too great.

It is worth recognising that the reach and influence of 5G will be far greater than any previous generation of communications. Its capacity to carry much larger volumes of data at very high speeds well beyond 400 Gbps capacity means that our connected lives will be taken to a whole new level. Some have mentioned the internet of things, connected vehicles, smart cities and even smart energy networks, and many more areas that we have not even thought of will become connected in an ever greater, independent way, highlighting the risks that we could have faced if this Bill had not been brought forward. However, all these innovations lead to an exponential growth in connectivity and pressures on spectrum that has its natural limits, which also need to be overcome. Smart cell technology is likely to be part of the solution, meaning that more apparatus than ever before will need to be adopted, along with a greater dependence on the fibre networks that will take it from the small cells. However, this also highlights the need for quantum encryption—something I will come to later, because it is not included in the strategy plan that the Minister published earlier today.

It is therefore obvious that alternative suppliers need to be developed, not only because of the risks we are considering but because of the unprecedented demand for equipment needed to deliver the connectivity that will be called for. There is significant value in this—in the research and development, in the intellectual property and in the manufacturing opportunities, all of which need to be exploited. A fundamental turning point for me was during the summer, when the Government announced their intention to adopt open standards such as open RAN. This signalled that the Government understand the challenges, and the need to encourage more investment and innovation in this space. This was a hugely welcome step, and will be pivotal to diversification in the marketplace. Furthermore, today’s neutrORAN pilot project shows that the Government are determined to be at the forefront of the technological advances.

I would add that we need to ensure these pilots are particularly open—very open—to UK businesses. In last week’s debate, I went into detail to highlight the many individual companies that show the UK has exceptional expertise in specific areas, such as radio frequency and satellite communications, base station capability, backhaul and cyber-resilience. I went through a whole list of organisations in last week’s Westminster Hall debate; I will not go through them again, but I will just highlight a few.

Many right hon. and hon. Members have referred to cyber risk, but south-east Wales and the western gateway have among the greatest cyber-resilience expertise anywhere, certainly in Europe: Thales, Airbus, and quantum technology at the University of Bristol, along with GCHQ. It also happens to coincide with the disproportionate strength that south-east Wales has in compound semiconductors, which I will come on to in a moment, and the satellite and radio frequency expertise that exists in north-east England, highlighting that this coincides with the levelling-up agenda that the Government also want to pursue. Today’s Bill will lead to new economic opportunities in different parts of the country.

Enabling the technology through all these elements is a great economic opportunity. 5G will only work with the compound semiconductor technology that I mentioned earlier—high-capacity chips that enable more data to be managed effectively. I said last week that if a silicon chip is a country lane, compound semi-conductors are great big highways: that is the volume of data that will be carried by the 5G network. The world’s largest cluster for compound semiconductor technology is in south-east Wales, part of the western gateway economic region. Companies such as IQE, SPTS Technologies, Newport Wafer Fab and others work with the Compound Semiconductor Applications Catapult, as well as universities from Cardiff and Swansea to Cambridge and Bristol.

It is worth noting that the UK has great expertise in silicon chip design, but we do not manufacture such chips any longer. In contrast, we design and fabricate compound semi-conductor chips, so supporting and encouraging further investment in this sector can maintain manufacturing capacity as well. Their energy efficiency is also a key benefit, particularly with technology consuming 2% to 3% of global energy demand.

Finally, I mentioned quantum encryption earlier. So much more use will be made of fibre technology as part of the small cell element of the 5G roll-out. Quantum encryption is vital if we are going to maintain our defences against the cyber threat that so many colleagues have talked about.

It is a privilege to support this Bill. There are so many elements that must coincide and go along with it, and I am glad that the Minister is taking large leaps in the right direction.

20:45
Tom Tugendhat Portrait Tom Tugendhat (Tonbridge and Malling) (Con)
- Hansard - - - Excerpts

This is one of those unusual moments when almost everything I wanted to say has been said, so I will be exceptionally brief.

The Minister has done a very good job in listening. There was a time earlier this year when many of us thought that this could become a very difficult issue for the Government. I have to say that the Minister and his entire Department have done a fantastic job in listening, not just to those of us on the Government side of the House but to those on the Opposition side, and making sure that the points we have raised have been addressed—and, if I may say so after the statement today, much sooner than I think many of us expected.

I would also like to say thank you to the Minister for the effort he has put into reaching out not just to companies around the world—Nokia, Ericsson, Fujitsu, Samsung and a few others—to replace Huawei, but to UK companies to make sure that, at some point, we will be talking not about foreign companies supplying UK markets but about UK companies supplying foreign markets. On that, I will merely say thank you and sit down.

20:46
Chris Loder Portrait Chris Loder (West Dorset) (Con)
- Hansard - - - Excerpts

It is a privilege to follow my hon. Friend the Member for Tonbridge and Malling (Tom Tugendhat). Like him, I will keep my comments short because of the many contributions we have had this evening so far.

I welcome this Bill very much. I truly believe it has security at its heart. Many of us in this Chamber this evening were here debating this matter and related matters, if memory serves me correctly, on 10 March. We had very heated exchanges and very important points were made. It was a great concern of ours that high-risk vendors and others could access our infrastructure systems. I think it is clear—crystal clear, in fact—that the Government have listened to our concerns, both mine and those of many of my hon. Friends and colleagues from across the House.

The critical national infrastructure that we have should be, and I think increasingly is, a national priority, and I believe that this Bill will ensure this. Indeed, the Act that it seeks to amend, the Communications Act 2003, I am sure will do so too. These powers protect us from threats both now and in the future. As hon. Friends have pointed out in this debate, it is clear that the speed of digital infrastructure, digital services and so on is progressing so fast that we need the powers that we are debating this evening to keep up the pace.

I would like particularly to commend my colleagues here this evening—my hon. Friend the Member for Tonbridge and Malling, my right hon. Friend the Member for Bournemouth East (Mr Ellwood) and my hon. Friends the Members for Isle of Wight (Bob Seely) and for Totnes (Anthony Mangnall)—for their very informed and helpful, insightful contributions to this debate. I would like to say an enormous thank you to all of them for what they have contributed in increasing my own understanding of this matter.

We see in many fields, though, that in the future of the market, particularly in this area, it is key that the private sector is involved. We see that where there are foreign powers at play, they can disrupt this market, and we must make sure that that does not continue to happen. The new technology also of course has a vital role to play in dealing with some of the many connectivity issues that we experience here in the UK today. As the Member for West Dorset, I like to speak sometimes for wider Dorset and my neighbouring colleagues who also experience the many difficulties that are associated with lack of connectivity, both in terms of broadband and mobiles. It is not only my mission to make sure that we make that better, but—I believe, after the debate this evening—it is also the mission of this Government to make sure that that is done better and safer, and that the digital security not just of individuals but of the nation and the Government is absolutely at its priority.

Finally, I thank very much the Minister for all the work that he has done, both on this Bill and others. I look forward to working with him still further to make sure we deal with some of those connectivity issues closer to home in West Dorset. I thank him very much indeed.

20:50
Anthony Mangnall Portrait Anthony Mangnall (Totnes) (Con)
- Hansard - - - Excerpts

It is a pleasure to be able to speak in this debate and to follow my hon. Friend the Member for West Dorset (Chris Loder), who was so kind about me it almost makes me think he has set me up for a fall. It is also very good to be able to follow my right hon. Friend the Member for Vale of Glamorgan (Alun Cairns) who we might think, having listened to his speech, has every single high-tech industry in his constituency. If that is the case, I am sure he will be willing to share some of it with the south-west.

My maiden speech was made during consideration of the Telecommunications Infrastructure (Leasehold Property) Bill, and the shadow Minister was good enough to attend. After that, I have taken a keen interest in this topic and the issues of national security that surround it. The Minister has consistently met me, members of the inter-parliamentary alliance on China and those who had concerns about Huawei, and I thank him for doing so. The result that we have got today is a real progression and benefit to our national security network, and also an example of what we can do when the House works together in a consensual way.

We know that the international landscape is now far more varied and dangerous, and that it seeks to exploit domestic networks. A recent example of this was highlighted in a Bloomberg article that cited Nortel, a Canadian company that was so badly hacked—reportedly—by Huawei in 2000 that it led to the collapse of the company over a period of 10 years. Some 5,000 employees were working in my constituency in the early 2000s. That shows that a company supported by the Chinese state can have a dangerous impact on companies around the world, as well as on our own state infrastructure.

The steps in the Bill are very welcome. Not only will they check the dominance of international companies such as Huawei, but they will identify potential future threats. As right hon. and hon. Members have said, this is not an anti-China Bill or an anti-Huawei Bill; it is about national security and identifying future threats that we may face. It is also an opportunity to focus on our domestic market and what we can do to create new businesses and opportunities and use our homegrown talent. As the Secretary of State mentioned, the £250 million national telecommunications lab will be a perfect opportunity to cultivate and innovate new technologies and encourage new people to go into the sector. My hon. Friend the Member for The Wrekin (Mark Pritchard) was kind enough to suggest that it should be based in his constituency, but I might also suggest that it comes down to the south-west and Paignton in my constituency, which has the high-tech EPIC centre focused on photonics. I will put that in there, and I hope to meet the Minister to discuss how we might make that happen.

As we know, how far we can go with this depends on how our willpower is positioned and our determination to cultivate British talent, skills and innovation. The diversification point has been made several times, and much has been said, but we also have to be conscious of the need to create the environment that will see new entrants into the marketplace. Relying on Ericsson and Nokia is all very well, but we can and will be able to develop new companies with our Five Eyes colleagues—the same point was made by the US Secretary of State earlier this year, looking at opportunities to build new companies together. Where diversification is limited, there are correct measures to guide and limit high-risk vendors in our telecommunications network, and those are contained in the Bill, notably in clauses 15 and 23.

I also take the point that the right hon. Member for North Durham (Mr Jones) made about parliamentary oversight. I hope the Chair of the Intelligence and Security Committee, my right hon. Friend the Member for New Forest East (Dr Lewis), will forgive me for suggesting that if the Government are unwilling to bring forward proposals for parliamentary oversight, they could go to that Committee so that it could scrutinise them. I apologise for adding to his workload, and I hope he does not think that that is a poor suggestion.

My right hon. Friend the Member for Chingford and Woodford Green (Sir Iain Duncan Smith) mentioned convention rights, including human rights. One of the biggest grievances many of us have had in terms of Huawei’s role in our telecommunications infrastructure network relates to China’s violations of human rights. The Minister might say that this is not the right time or the right Bill to look at human rights, and if it is not the right Bill, I hope he will say in his closing remarks when the right time to address this point is. I know there are other opportunities, alongside the National Security and Investment Bill, but I would be keen to hear at which point we might address human rights.

Iain Duncan Smith Portrait Sir Iain Duncan Smith
- Hansard - - - Excerpts

I am listening carefully to my hon. Friend’s excellent speech. The Minister will note, as I pointed out to him, that this Bill is signed off on the basis of the application of rights, including human rights. Every Bill has the right to be amended.

Anthony Mangnall Portrait Anthony Mangnall
- Hansard - - - Excerpts

I thank my right hon. Friend for his experience and knowledge in guiding me on that point. Of course, I accept that he is right on that matter. In that case, how might we address the issue I have raised?

We have righted a wrong. We have addressed an issue on which we have been seen as out of kilter with our international allies. Now, we have the opportunity to go further and to pass this fantastic piece of legislation. We can harness the international community and, as with the Augean stables, clear up the mess. We can make sure that, in future, we have a robust and secure telecommunications infrastructure network that is the pride of Britain.

20:56
James Sunderland Portrait James Sunderland (Bracknell) (Con)
- Hansard - - - Excerpts

It is a great pleasure to follow my hon. Friend the Member for Totnes (Anthony Mangnall). I am delighted to speak in the debate, for two key reasons. First, it shows that the Government do listen to Back Benchers. We have provided feedback all the way through this process, and some of us have some background on this topic. I am therefore greatly reassured that the Minister is here and is listening to what we are saying.

I also commend the Bill for what it is. I am very reassured that the conclusions of the telecoms supply chain review in 2019 are being met. As the world recovers and recalibrates after covid, the UK has a great opportunity to take the initiative and to become a world leader on another piece of vital technology, and I will be firmly supporting the Government on the Bill.

As our defence and national security move ever more online, it has never been more important to secure our lines of communication. With £16.5 billion extra in the Ministry of Defence budget alone, it is really important that the defence sector takes advantage of that, not least in the cyber-sphere. We have heard today of the strategic independence imperative, and I firmly welcome that.

The Bill will do three things. It will allow for better security, which is absolutely important. It will placate our allies, notably in the Five Eyes community, and why not Japan as well? There is a neat link there with the NEC trial that is coming up in Wales. It will also open the door for other 5G providers. I therefore support the UK’s diversification strategy.

As we have heard, clauses 1 to 14 introduce a more robust telecoms security framework. The Bill enables more specific security prerequisites to be set out in secondary legislation. It also gives the telecoms operators’ regulator Ofcom more power to monitor and enforce industry compliance. Clauses 15 to 23 give new national security powers for the Government to manage the risks posed by high-risk vendors, and we have heard much about that today. The Bill therefore gives the Government new powers, and rightly so.

On 14 July, the Secretary of State announced that, from the end of this year, telecoms operators must not buy any 5G equipment from Huawei, with a timetable for removing all Huawei equipment from our 5G network by 2027. September 2021 has also been announced as the new cut-off date for new Huawei equipment in the UK.

What about the wider requirements of the Bill? This is really important, so I urge the Minister to take note. Industry must be given sufficient time to comply with telecoms security requirements, and deadlines must be realistic. The Government, as we have heard, have settled on 2027 as the date by which high-risk vendor equipment is to be removed and this timeframe must be left as it is. It reflects the complexity of the task and slippage will not be welcomed.

I also support the Government’s initial commitment to promote diversification and resilience in the supply chain backed by the initial £250 million from the spending review. That is probably just the start and it may need more funding. I welcome, as I mentioned, the forthcoming trial in Wales with NEC and our Japanese friends.

I will mention Vodafone very quickly. Vodafone has called for greater investment in Open RAN and, of course, Vodafone has been a key contributor to Open RAN. This would reduce UK reliance on mobile network vendors and allow the UK to develop domestic vendors at scale and benefit consumers through greater price competition. That is to be welcomed. Again, it is clear that the more 5G providers there are, the better it is for everyone. As we have heard, the most sensitive core parts of our 5G network must be free of Huawei equipment and must remain so.

Lastly, upgrading the UK’s mobile infrastructure to 5G could be worth as much as £158 billion over the next 10 years. It will also keep us safe. Surely this is worth investing in, so the telecoms bill is absolutely a step in the right direction and I support it.

00:06
John Hayes Portrait Sir John Hayes (South Holland and The Deepings) (Con)
- Hansard - - - Excerpts

The Government have acknowledged the need to protect critical communication infrastructure and that is welcome, particularly so as it comes on the heels of the National Security and Investment Bill. Telecoms provision is more important than ever. We have always lived in a data-rich world, but what has changed is how readily we access that data as the way in which we gather, exchange and distribute information has changed. I am left wondering whether T.S. Eliot was not right that wisdom is lost in information. Nevertheless, it is the world in which we live and that world means that the way in which we control or, if necessary, prohibit provision of that data, by which I mean the technology, the networks and those that supply and manage them, is critical to our security. To that end, this Bill is indeed, as the Intelligence and Security Committee was told, an important first step, but only that. We do need to look at other factors, to which I will draw the House’s attention in my brief contribution this evening.

Of course the main purpose of the Bill is to raise telecommunications security standards across the board by means of a new and more rigorous telecoms security framework, but the Bill also gives the Secretary of State particular powers to designate vendors of telecommunications equipment as a risk to national security. All dependence is, by definition, a risk, for dependence creates risk. Over-dependence means unsustainable risks and, in terms of national security and national interest, there are three kinds of risks: monopoly or near-monopoly provision; malevolence; and corporate failure.

Eleanor Laing Portrait Madam Deputy Speaker (Dame Eleanor Laing)
- Hansard - - - Excerpts

Order. I hesitate to interrupt the right hon. Gentleman, and it is for a very unusual reason. I just feel that I ought to point out to the House that, having exhorted the right hon. Member for Vale of Glamorgan (Alun Cairns) to be rather more brief than he was going to be—though I have to say that he took only one minute longer than the eight minutes that Madam Deputy Speaker (Dame Rosie Winterton) had previously asked people to take—I should point out most unusually to the right hon. Gentleman who currently has the Floor that, as four of his colleagues who have immediately preceded him have spoken incredibly —I mean incredibly—briefly, the exhortation to take only eight minutes no longer applies, though I would not recommend taking no more than about 12 minutes.

John Hayes Portrait Sir John Hayes
- Hansard - - - Excerpts

Not only is that typical of your generosity, Madam Deputy Speaker, but for me it is what amounts to nirvana, and for the House, something similar I hope.

All of those aspects of risk are mitigated by market diversification, but as we have heard from many speakers during this debate, this market is anything but diversified. The concentration of provision has exacerbated the very risk that this Bill seeks to deal with. It is vital that, as well as the taskforce, which we have heard the Minister has established, a strategy emerges on exactly how we are going to diversify this market, because competition not only counters dependence, but competitive pressure drives up innovation and quality. The telecoms supply chain review judged that, should the UK become dependent on a single vendor of telecoms equipment—particularly a high-risk vendor—it would pose a range of risks to the security and resilience of UK telecoms networks.

The issue of national dependence goes beyond high-risk vendors, however. The number of suppliers in the UK telecoms market—as we have heard repeatedly, currently Huawei, Ericsson and Nokia—is already critically low. While the security of the network can be improved by removing Huawei equipment, the wider problem of potential dependence will be exacerbated by the power to designate vendors and introduce directions unless there are new entrants to the market. We really need to hear from the Minister either in his wind-up or later, if he does not have time tonight, precisely when the diversification strategy will be brought to the House for consideration and what legislation will be necessary. I understand that a Bill may be forthcoming, following this one, to give life to that strategy.

My right hon. Friend the Member for New Forest East (Dr Lewis) emphasised that diversification is by far the best way to secure UK telecoms. The Government judged in their assessment that there is a global market failure in the telecoms market. While the Government will intervene to take the measures necessary and facilitated by the Bill, unless we grapple with that global failure, we will, I fear, come back to this House time and again and need to do more. As I said when we spoke a week or a two ago about the Bill that I just mentioned, I suspect that security considerations will increasingly feature in Government strategy and policy and that this House will need to debate security issues with much greater regularity than it has historically, given the dynamism that we now face.

I have spoken about market failure and the need for diversification. Let us speak about malevolence, because much has been said, of China in particular, and Russia has been mentioned too. There is no doubt that, as the Government have acknowledged, there are malevolent powers who seek by a variety of means to disrupt the lawful activities of this country and so endanger its citizenry by whatever method they deem most appropriate. We should not be naive about this and, frankly, for too long successive Governments were. This Bill is welcome but again, as my right hon. Friend mentioned, it has been a long time coming, given the warnings that were issued from the ISC and others.

Let me re-emphasise to the Government that we certainly need a diversification strategy urgently. We need the legislation that supports it but there are other matters, too, that I want to conclude with, Madam Deputy Speaker, despite your invitation to speak at appropriate—I will not say “excessive”— length. These questions are critical but not, in my judgment, designed in any way not to recognise the achievement of the Minister and the progress made by the Government.

When will the strategy come forward? I would like to hear about that as soon as possible. Given that the ISC raised this matter 18 months ago, I think we need a firm timeline and an assurance that there will be no more prevarication. My right hon. Friend the Member for New Forest East is right that national security must be an overriding consideration in this field of work. In being deployed, the powers conferred by the Bill must, at heart, always gauge national security as predominant. How will that be determined? Threats are subtle and dynamic, and yet the means and methods by which the Department will both define national security and apply that definition through the provisions of the Bill to differing circumstances have not been made crystal clear. I am mindful that this is a Department for sport and culture without a security role apart from this one— perhaps more skiing than spying, and more existentialism than espionage. What specific processes, structures and procedures will the Department use to access the expertise of the National Cyber Security Centre and the wider intelligence community in designating vendors?

We heard earlier about the expertise, skills and resources of Ofcom, but given that the Bill gives new powers to Ofcom, how will it be held to account? I know that my right hon. Friend the Member for New Forest East would share my view—I have not discussed this with him so I am making that assumption—that Ofcom ought to be scrutinised by the Intelligence and Security Committee, given the particular nature of its new responsibilities: to proactively assess the security practices of larger telecoms providers; to take action where security is, or is at risk of, being compromised; and to make information available to and provide annual security reports to the Government.

Finally, will the Minister say more about related telecommunications challenges such as Russian involvement with undersea cables that carry comms data and the future security and resilience of satellite technology? The covid crisis emphasises the need to build resilience to risk. It can be done by making more of what we consume, and by recognising that in the fragility and imperfectability of our socioeconomic order, the market is no guarantor of wellbeing, so it must be shaped, guided and, where necessary, constrained by people with power for whom communal interest is the defining purpose. Those people with power are the Minister and others who govern and we here in this House who hold them to account.

21:11
David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - - - Excerpts

It is always a pleasure to follow my right hon. Friend the Member for South Holland and The Deepings (Sir John Hayes). I welcome the Bill and congratulate the Government on it. It is a good Bill, and credit should go to the ministerial team for that. Credit should also go to my Back-Bench colleagues who have made important contributions this year. There are plenty of them, but in particular, my hon. Friend the Member for Tonbridge and Malling (Tom Tugendhat), my right hon. Friend the Member for Chingford and Woodford Green (Sir Iain Duncan Smith) and my hon. Friend the Member for Isle of Wight (Bob Seely) have helped us to get to a better Bill.

This comes a couple of weeks after Second Reading of the National Security and Investment Bill, which I also spoke in support of. As with that Bill, it is right that we devise a new regime for the risks that we think we face at this time, and we should not be too prescriptive. Our focus in 2020 is Huawei, but we have to leave this open to new threats that we might encounter, so I am comfortable with Huawei’s name not being on the face of the Bill.

I support Ofcom being given the powers to ensure that providers adhere to the new security measures that we want them to take. I also support the Government bringing forward the deadline for buying new equipment from Huawei to September 2021 and the removal of all its equipment by 2027. Of course, I would like that date to be earlier, and I maintain that there is a distinction between what the providers want to do and what is genuinely impossible for them to do, but I accept the Government’s judgment. I accept that, like any businesses making an investment decision, providers require certainty. They need to know that that is the year it is happening, and we need to stick to that. I also accept—perhaps the Minister could comment on this—that providers have an understandable concern that the decisions made by local authorities about masts and so on may further delay the roll-out, and perhaps we can support them in those decisions.



As this debate went on in 2020, I found some of the contributions—not necessarily from this House but from outside it—frustrating. One in particular was the suggestion that there are no risk-free vendors. I accept that, but when we are dealing with companies such as Nokia and Ericsson, we know that we are dealing with fundamentally different entities from companies such as Huawei. We are not concerned that Nokia and Ericsson will collaborate with intelligence agencies on spurious national security grounds, and we are not concerned that there might be back-door vulnerabilities in the equipment, as Vodafone found a decade ago; even though it was assured that they had been taken out, that was not the case. It is also fair to say that we are not concerned about malicious cyber-attacks being directed at us from the Governments of Finland and Sweden. I accept that no provider can be without any risk at all, on the basis that I accept that no system is completely foolproof, but we are dealing with very different companies in those respects, compared with those where we have concerns about the world view of the country they are headquartered in.

Yet we need more competition and more diversity of providers. We would need that, by the way, even if there were no security considerations whatsoever, because competition improves quality, choice and price. I therefore very much support the Government’s investment of £250 million. I represent a largely rural constituency, so I entirely understand the importance of connectivity generally, and of 5G for the country as a whole and for my constituency. It has been suggested that it will be worth £170 billion to our GDP in the next decade. I know that the decisions being made through the Bill will delay the roll-out and increase the cost, yet they are entirely the right decisions to take because they are about our national security. In July 2019, the Government’s own supply chain review found that successive policy decisions had meant that, although we might have achieved good commercial outcomes, we had poor cyber-security. It is therefore entirely right that the Government should now reverse that order of priority, even if it is going to cost more and take more time, and I wholly support their aspiration to have one of the toughest security regimes in the world.

21:17
Bob Seely Portrait Bob Seely (Isle of Wight) (Con)
- Hansard - - - Excerpts

It is a pleasure to follow my hon. Friend the Member for Wantage (David Johnston). I noticed that he was speaking without notes, which was very impressive. Sadly, I still rely on mine. I thank the Minister for bringing forward the Bill, and I thank the ministerial team for talking to us and engaging with so many colleagues. It would be great if other Departments could do that. What can I say? Hint, hint!

When the Henry Jackson Society and I produced our “Defending our Data” document back in May 2019, many Members had yet to form an opinion on Huawei. I am therefore grateful to the 60-odd members of the Huawei interest group who took an interest in this subject, and to the 36 people who voted to show their concern to the Government back in early March on the Telecommunications Infrastructure (Leasehold Property) Bill. I am aware that that Bill was not necessarily the right place to express those concerns, but with hindsight I think it sent an important message to the Government from those 36 Members—plus two tellers, of whom I was one. The United States moving its position in subsequent months was also important. I think the change would have happened anyway, regardless of whether there was a Republican or a Democrat Administration. A combination of Back-Bench concern, quite rightly, and the United States’ understanding of the geopolitics being perhaps a little ahead of that of the United Kingdom and on a par with that of Australia helped to shape Ministers’ understanding of the problems.

I am slightly concerned that the situation came to this in the first place, because there were so many warning lights about Huawei’s deepening relationship with BT. My hon. Friend the Member for Totnes (Anthony Mangnall) spoke about Nortel. We must remember that Huawei had a supply contract with Nortel, during which time it hacked its way into Nortel’s systems and stole everything, like a parasite within a body. Nortel was one of the great, spectacular Canadian bankruptcies of the early 21st century. Why? Because it went into partnership with a business that deliberately collapsed it after stealing its IP. If that is not a lesson for us, it is difficult to know what is. Huawei never was and never will be a private firm. It is 99% owned by the Chinese state via trade unions. When I heard Ministers—not this Minister, but others—using the line about Huawei being a private company, I felt that it was a deeply naive thing for the Department to say.

Julian Lewis Portrait Dr Julian Lewis
- Hansard - - - Excerpts

Just for the record, a former Prime Minister said that as well, repeatedly.

Bob Seely Portrait Bob Seely
- Hansard - - - Excerpts

It was very concerning that those who govern us were calling a part and parcel of the Chinese state a private firm, which it clearly was not.

The Government claimed that Huawei could be safely limited to the periphery of the network. That is a dubious argument that is still being debated and is not believed by many experts in many other countries. Were there espionage issues with Huawei? Well, as my hon. Friend the Member for Wantage said, we do not expect a state threat to come from Sweden or Finland. But we do expect a potential threat to come from one-party totalitarian states such as China, Russia, Iran and North Korea. China is clearly one of those. So the Nortel example was a good one.

As we know, China has a dreadful reputation for intellectual property theft and cyber-attacks, so there were many reasons to be deeply concerned about what was happening in our relationship with Huawei. Yet at the same time it became incredibly powerful in this country. Why? Because it had a very aggressive lobbying network. It was throwing money at lobbyists and senior people who used to be at the heart of Government, at very senior levels. This really concerns me about the state of our democracy, and it is one reason that I would like to bring in a foreign lobbying Act. We need to have a much clearer idea of what those companies or oligarchs—those who act on behalf of other people and states—are up to in this country. We did not really know the extent of the Huawei lobbying operation.

John Hayes Portrait Sir John Hayes
- Hansard - - - Excerpts

My hon. Friend is painting a picture of a strategic view of China and other powers that has prevailed under successive Governments. It is born of a kind of determinism: “We can’t stop them, so we’ll have to live with them”. There is a predetermined inevitability about the domination of these states, and that is a misconception that needs to be challenged fundamentally, in the way in which he is doing so tonight.

Bob Seely Portrait Bob Seely
- Hansard - - - Excerpts

I look forward to being as eloquent and well dressed as my right hon. Friend one day. Before I come to the point that he mentioned on the need for a consistent approach and better understanding, let me say one more thing about Huawei.

A few other Members have touched on this matter: China’s human rights issues. The excellent Australian Strategic Policy Institute has presented credible evidence of significant human rights forced labour issues, with people from Xinjiang province being used not only by Huawei, but by other significant Chinese firms, or by firms producing goods for western consumer markets and western branded goods. This point brings us to the National Security and Investment Bill—although I know that we are not talking about that at the moment—and the need for a definition not only of national security, but of national interest as well. Do we really think it is in our national interest for us to be accepting slave labour products in this country, whether through Huawei—allegedly—or other firms, including well-known branded names? That human rights aspect is well worth playing up.

It seems clear that the China that we had all hoped for —indeed, the golden era that we were meant to welcome under David Cameron and George Osborne—is not the China that we are getting. We need to be realistic. When it comes to international relations, in the west we are effectively liberal internationalists. We take a positive view of humanity—maybe a liberal, rather than a conservative one, if one is being philosophical about these things, but a benign view of humanity. That is not necessarily shared by the hard-nosed realism school of thought that we see in Russia and China, which is much more of a zero-sum game: we win, you lose. China plays that more subtly than Russia, but there are enough similarities between the two that it should be of concern to us. We need a clearer understand that some people out there with whom we do business do not necessarily wish us well and do not wish our values well. Finally on that, we are stumbling towards that understanding, but we need a more consistent approach to how we deal with China, along the same lines of how we deal with Russia.  They are not the same—they are very different—but we have been forced to take a more consistent understanding of the Russian threat, and we need to do the same with China.

I congratulate the Minister on his work on the Bill. The “no new install” date is the key now, and that is why everyone is on side with the Bill. We need that September date, because it shuts down any alternatives for Huawei in the short term. We need a consistent approach, whether it is the Huawei Bill or the National Security and Investment Bill, across Government. This is one of the very small number of truly significant policy packages that we will have to get right in this country for the 21st century.

There are two choices for humanity this century. We can go down our route of open, broadly tolerant societies where people control their Governments—that free open model—or there is the closed model of totalitarian or one-party states, which are building up, with Huawei’s help, this Orwellian state, where the state knows what you are thinking before you do. That is not a good avenue for humanity to go down and, without being antagonistic and too hostile to other people, we need to defend our version of the future of humanity with a little more resolve.

21:26
Chi Onwurah Portrait Chi Onwurah (Newcastle upon Tyne Central) (Lab)
- Hansard - - - Excerpts

I start by thanking Members from all parts of the House for a well-informed debate with many impressive contributions. My first job as a hardware engineer was with Nortel, which has been mentioned by a number of Members. Having spent 23 years in the sector before entering the Commons, I am thrilled that the main debating chamber of our parliamentary democracy should spend so many hours dedicated to our telecommunications infrastructure. I regret that Members who wanted to take part in this debate, particularly from the Opposition Benches, and who could have done so remotely, were not able to do so because of an arbitrary decision by the Leader of the House.

However good the debate is, it cannot make up for the wasted decade under this Government. Successive Tory Governments have squandered the world-leading legacy position on broadband infrastructure left by the last Labour Government. Since then, we have seen delays in the roll-out of networks and the development of a dependency on high-risk vendors. The UK’s sovereign telecoms capabilities and our national security have been neglected, resulting in the Huawei debacle and ultimately this Bill.

My hon. Friend the Member for Cardiff Central (Jo Stevens) put it so eloquently: national security is the first duty of any Government, and Labour will always put that first. The point was made strongly by a number of Members, including the right hon. Members for New Forest East (Dr Lewis) and for Chingford and Woodford Green (Sir Iain Duncan Smith).

Given where we are, we support the aims of the Bill. National security should be the priority of any Government, and our telecommunications infrastructure is clearly critical to our defence, our security and our economic prosperity. That point was made by a number of Members, including the hon. Member for The Wrekin (Mark Pritchard).

We must make sure that we do not find ourselves in a similar position again and that our telecoms network and supply chain are resilient and protected in future, even, critically, as the geopolitical environment evolves. Our telecoms infrastructure lacks security and resilience. We have taken no steps to maintain or develop a sovereign communications capability, and the Government’s broadband strategy, if we can call it that, has far more U-turns, dither and delay than meaningful policies. We want to work with the Government to get issues of national security right, but the Bill is far from perfect.

Members have raised many issues, and I will focus on just three: cost, resource and diversification. I have found telecoms operators to be extremely responsive to the need to take action on the issue of, and in the cause of, national security and to replace high-risk vendors, but six months since the decision to strip out Huawei was finally made, we still do not know how the Government plan to achieve this. They seem to have decided that that is for the private sector to sort out.

The impact assessments, of which there are two, admit that the Government cannot figure out what the impact will be. They have chosen not to give operators any legal protection on existing contracts, but have again not quantified that impact. The Government are apparently happy to pass on the costs of their mistakes, indecision and poor planning to the operators, stating that the costs of removing Huawei are

“commercial decisions that are for the mobile operators to make.”

Yet clearly there was a failure Government here, as 5G security was not sufficiently safeguarded, in the ways that the right hon. Member for South Holland and The Deepings (Sir John Hayes) set out so clearly. Will there be a delay in 5G roll-out? Again, we are not clear, and depending on what is factored in, various research projects have found the costs to be anything from £6 billion to £18 billion. If the Government plan to leave this entirely to the mercy of the market, I would say that all the information-gathering skills Ofcom has will not give us an accurate integrated view of progress and effectiveness. There is no mention of working with local authorities to ease this or to make it quicker, cheaper or more effective.

I joined Ofcom in 2004, just a few weeks after it was born, when it was to be a light-touch regulator, small and nimble. Over the years, it has acquired responsibility for critical national infrastructure; the BBC; the Post Office; soon, we understand, the entirety of online harms; and now, it would appear, national security as well. As Members have pointed out, this Bill refers only to the Secretary of State and Ofcom when it comes to making these key decisions. Of the two, I have to say that I would have more confidence in Ofcom, but the Bill says very little about the resources or the skills that will be provided. This is a huge job, an issue that my right hon. Friend the Member for North Durham (Mr Jones) set out so clearly in what was a truly excellent contribution. One still has to ask: is it sufficiently well scoped? It is a huge job, but is it actually scoped? Is it the role of Ofcom to consider the security of our current networks, or should it be forward-looking? Members have set out what kind of a challenge that would be. Members also touched on the importance of human rights with regard to China’s record. How is that to play on national security decisions?

John Hayes Portrait Sir John Hayes
- Hansard - - - Excerpts

The real point about Ofcom is whether it acquires those skills or what the processes will be for it to access them from the intelligence community and the National Cyber Security Centre, which would seem to be a much more straightforward way of quickly tooling up to do the job the hon. Member describes.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

I thank the right hon. Member for that intervention, and indeed for his contribution to the debate. I agree with him, although I think that is something we need to work out and probe in Committee, because currently there is no reference to that, or no plan to do that. I think we should certainly be taking into account and using our existing resources, and we all know that these kinds of resources and skills are both expensive and hard to find at the moment. The right hon. Member makes an important point.

On 14 July, the Secretary of State, who is not in his place, said in this House that he had

“set out a clear and ambitious diversification strategy.”—[Official Report, 14 July 2020; Vol. 678, c. 1377.]

I asked him repeatedly over the summer when he would publish this clear strategy that he had already set out. Answer came there none, and I could only conclude that he had misspoken. However, I did think that today we would get that strategy, but unfortunately not. Yes, there is actually a diversification strategy, which has been published, but it is neither clear nor ambitious. It is far more concerned with bringing new vendors into the UK than with developing our sovereign technological capability. Indeed, as it diversifies opportunities for Nokia and Ericsson, we could call it an effective Scandinavian industrial strategy. Apart from a vague commitment to link the scale of home-grown suppliers to the Government’s broader growth and productivity agenda, there is no clear plan—no plan at all—to build UK sovereign capabilities, which the right hon. Members for Vale of Glamorgan (Alun Cairns) and for Bournemouth East (Mr Ellwood) emphasised as being important.

Just today, Mobile UK, the mobile operators industrial body, emphasised that the Bill and the 5G diversification strategy are intrinsically linked but not, it would appear, by the Government. The diversification strategy also does not refer to fibre, although the Bill applies to our fibre networks too and may impact the Government’s constantly shifting roll-out targets.

Network operators need to be confident in the maturity, performance, integration and security credentials of new vendors and technologies before they are deployed in their main networks. We agree with the Secretary of State that the Government can help accelerate that process, and in doing so there is potential to create opportunities for the UK to take the lead, as well as much-needed high-skilled jobs. The hon. Members for Totnes (Anthony Mangnall), for Strangford (Jim Shannon) and for Bracknell (James Sunderland) all agreed about the importance of diversification, but all the diversification strategy says about developing UK technology, jobs and capability is that it will be part of the industrial strategy, which we have yet to see. Clearly, we do not have a diversification strategy.

Kevan Jones Portrait Mr Kevan Jones
- Hansard - - - Excerpts

Does my hon. Friend agree the Bill will have to dovetail closely with the National Security and Investment Bill? If new developments were taken over by foreign entities, that could be a security risk as well. However, as we were told last week, the responsibility for that lies with the Department for Business, Energy and Industrial Strategy, not DCMS.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

My right hon. Friend makes an excellent point. He is absolutely right. The question of how the diversification strategy delivers home-grown capability and protects that as it grows and strengthens has been avoided.

As the shadow Secretary of State said, it is important that everyone can benefit from 5G, both in our technological capability and in using it. There is a digital divide in this country: 11 million adults lack one or more basic digital skills and 10% of households do not have internet access. 5G has the potential to increase digital inclusion, providing greater access to broadband. As the hon. Members for West Dorset (Chris Loder) and for Caithness, Sutherland and Easter Ross (Jamie Stone) highlighted, digital technology can be a great leveller, but we need to ensure that the infrastructure and skills base exist for everyone to take advantage of the opportunities it provides. Digital inclusion requires political will, urgent action and a Government who understand the importance of universal digital suffrage. Government interventions on that have been brief—not quite as brief as the intervention of the hon. Member for Tonbridge and Malling (Tom Tugendhat) in the debate, but far less eloquent.

As a chartered engineer, I want to finish by celebrating the potential of 5G, which can truly transform our businesses, our industries and our daily lives. It will not only vastly improve our connectivity and browsing experience but support new enabling technologies, from the internet of things to artificial intelligence. If the first industrial revolution was powered by engines, the fourth will be powered by data. As hon. Members have observed, 5G is essential for innovations from driverless cars to smart cities, and to addressing the climate emergency through monitoring and improving our energy efficiency. Some estimates predict that 5G could mean productivity savings for the UK of up to £6 billion a year on top of energy and waste reductions that internet of things devices could enable.

We must get this right. As we all agree, our national security is priceless, but until we see a detailed plan, a proper impact assessment and an industrial strategy, the Opposition will remain deeply concerned that the Government are not prepared to make the interventions necessary to ensure that our national security is safeguarded.

21:39
Matt Warman Portrait The Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport (Matt Warman)
- Hansard - - - Excerpts

I thank all Members for a well-informed and important debate. We have heard across the House that all Members believe that this Government should be putting national security at the very top of our agenda. That is what we are doing tonight. We are also putting forward a strategy that will allow the UK to derive all the benefits that we possibly can from all the enhanced digital reliance that we have seen across the country over the course of this pandemic and, of course, before it.

We have all heard this evening just how much connectivity matters and just how much our national security matters. We heard upwards of 20 speeches, which clearly demonstrated the critical importance of the security of our telecoms networks, especially as we move into the next phase of digital connectivity. As the Secretary of State has said, this Bill will raise the security bar across the board. It will provide us with the capabilities that we need to protect ourselves from a range of threats, both now and in the future. I am pleased that the Bill has support across the House. It is clear that we are all keen to put the UK’s national security interests first.

I hope that Members are reassured that the Government are taking these issues seriously. A number of Members referred to the Huawei interest group. Much as I have enjoyed being the subject of the Huawei interest group’s interest, I am glad that we have come to a position that has been welcomed across the House. The Government have taken steps today both to lay out our diversification strategy—an important £250 million commitment that is detailed and has real potential to see British companies grow in the way that my right hon. Friend the Member for Vale of Glamorgan (Alun Cairns) identified—and to publish illustrative designations and directions demonstrating the transparency that many Members across the House have asked for. Through that, I think we have demonstrated our commitment to dealing with the risks to our networks and the national security threats that come from high-risk vendors.

I turn to some of the points that have been raised in the course of the debate. The first, which was raised across the House, is the important matter of human rights. We want respect for human rights to be at the centre of all business that takes place in this country. These are vital issues that go much wider than telecoms. A number of Members rightly pointed out that the Telecommunications (Security) Bill will be focused on matters related to telecommunications and security, but of course we have serious concerns about the human rights situation in Xinjiang, including the extrajudicial detention of over 1 million Uyghur Muslims and other minorities in political re-education camps, systematic restrictions on Uyghur culture and the practice of Islam, and extensive invasive surveillance targeting minorities.

Where China is not meeting its obligations under international law, the UK Government will continue to speak out publicly. Indeed, the 30 June formal statement that the UK read out on behalf of 28 countries at the UN Human Rights Council highlighted arbitrary detention, widespread surveillance and restrictions targeting ethnic minorities. The Government published their response to the consultation on transparency in supply chains in September, and we are committed to taking forward an ambitious package of changes to strengthen and future-proof the transparency provisions in the Modern Slavery Act 2015. While, as many have said, issues of human rights are not matters directly for this Bill, they are acutely important, and Britain will continue to take that leading role.

Iain Duncan Smith Portrait Sir Iain Duncan Smith
- Hansard - - - Excerpts

I hear what my hon. Friend says, but surely he would concede that, as this Bill deals specifically with vendors and the vendors are themselves located, originally, in countries that may have been guilty of these abuses of whatever nature, should those companies be found to be using slave labour—such as some that are already referenced in this Bill—that would be a reason not to have them. Would he not think that they were high-risk vendors for the very simple reason that they abused those human rights?

Matt Warman Portrait Matt Warman
- Hansard - - - Excerpts

As I said earlier, we would want to apply those standards not just to telecoms companies but to the garment industry and in a host of other areas where we know that there is the potential for similar abuses. I absolutely hear what my right hon. Friend says, but Britain can do better than focus simply on the relatively narrow aspect of telecoms.

Bob Seely Portrait Bob Seely
- Hansard - - - Excerpts

I hear what the Minister is saying, but I wish to follow up the point made by my right hon. Friend the Member for Chingford and Woodford Green (Sir Iain Duncan Smith). If the debate on this Bill is not the place to discuss human rights, I get that, but we are also told that the debates on the National Security and Investment Bill are not the place to discuss human rights. I may get that as well, but the Government need to say where significant national interest concerns that are outside national security can be addressed. We talk the talk on human rights an awful lot in this country and this Parliament, but we have to put some trousers on that, I think.

Matt Warman Portrait Matt Warman
- Hansard - - - Excerpts

I am not going to engage too heavily with my hon. Friend’s trousers, but I will say to him that, as I said a minute ago, we are committed to taking forward an ambitious package of changes to strengthen and future-proof the Modern Slavery Act 2015, and that is one of several significant avenues that are open to him.

On the important matter of diversification, the telecoms supply chain review asked how we can create sustainable diversity in our telecoms supply chain. That question is addressed by the new diversification strategy that we published today, which is crucial to ensuring that we are never again in a situation in which we are dependent on just a handful of vendors who supply the networks on which so many of us have come to depend. I wish to spend a little time on this issue. The Government have been working at pace to develop the 5G supply chain diversification strategy, which sets out a clear vision for a healthy, competitive and diverse supply market for telecoms and the set of principles that we want operators and suppliers to follow.

The strategy is built around three key strands: first, securing incumbents; secondly, attracting new suppliers; and thirdly, accelerating the development and adoption of open and interoperable technologies across the market. That is why, in the diversification strategy that we published today, we commit to exploring commercial incentives for new market entrants as we level the playing field; to setting out a road map to end the provision of older legacy technologies that create obstacles for new suppliers; and to investing in R&D to grow a vibrant and thriving telecoms ecosystem here in the UK.

I say gently to the hon. Member for Newcastle upon Tyne Central (Chi Onwurah) that we have directly addressed a number of the issues that she raised in Westminster Hall last week. I look forward to engaging with her more on the strategy because it is important that we should work together to try to make sure that we all derive the benefits of a serious £250 million Government commitment that will drive early progress and ensure that our 5G diversification strategy not only bolsters the resilience and security of our digital infrastructure but creates opportunities for competition, innovation and prosperity.

John Hayes Portrait Sir John Hayes
- Hansard - - - Excerpts

It is wonderful that the strategy has emerged, but will my hon. Friend be just as clear about legislative change associated with that strategy? I understand that a further Bill may come forward; given the urgency of this issue and the concentration that his Department is applying to the strategy, when can we expect that legislation?

Matt Warman Portrait Matt Warman
- Hansard - - - Excerpts

We do not anticipate legislation as a direct result of the diversification strategy, but of course there are other important avenues to explore as part of the broader industrial strategy. A lot of what is in the diversification strategy does not need to be delayed by the legislative programme, and I think my right hon. Friend would welcome that.

A number of Members raised the role of Ofcom. Ofcom will monitor, assess and enforce compliance with the new telecoms security framework that will be established by the Bill. It will report on compliance to the Secretary of State alongside publishing the annual reports that he mentioned on the state of the telecoms security sector. I want to be absolutely clear: we have had productive conversations with Ofcom already. Ofcom will continue to have the resources it needs. We appreciate that those needs will be affected by the changes that we are bringing in today, and we will agree their precise nature with Ofcom. We will make sure that Ofcom has all the security clearance that it needs to do the job, and all the resources, external or otherwise, to do the job, because this is an important new power.

Ofcom may also play a role in gathering and providing information relevant to the Secretary of State’s assessment of a provider’s compliance with a designated vendor direction, and it may also be directed to gather further information to comply with the requirements specified in a direction. The Bill already enables Ofcom to require information from providers and, in some circumstances, to carry out inspection of the provider’s premises or to view relevant documents. Ofcom’s annual budget, as I say, will be adjusted to take account of the increased costs it will incur due to its enhanced security role.

Let me turn to a couple of issues raised by the hon. Member for Newcastle upon Tyne Central. We will of course be working with local authorities and with networks to minimise any disruption, but we do not anticipate that the decisions that we have made over the past few months will have a direct impact on existing commercial decisions. As the Secretary of State said, we do not expect the two to three-year delay to be extended by what we have said today, but we will keep in close contact with the networks and continue to make sure that we do everything we can to remove the barriers to the roll-out of the networks as far as we possibly can. I do, however, expect companies to do as much as they can to minimise the effects. These are commercial decisions that have been made by companies over a number of years. We have already seen, as a result of the Government’s approach over the past few months, significant changes to decisions. I welcome the neutrORAN project that my right hon. Friend the Member for Vale of Glamorgan mentioned, as well as a number of others that have been taken by networks that already see important changes to how they procure their networks.

Kevan Jones Portrait Mr Kevan Jones
- Hansard - - - Excerpts

The Minister has introduced the September 2021 date after which no new Huawei or high- risk vendor equipment can go into the networks. What will happen to those companies that perhaps have stock of Huawei equipment or entered into contracts thinking that they could implement them before September 2021 and will now have to be told that they cannot? Would they actually lose a lot of money?

Matt Warman Portrait Matt Warman
- Hansard - - - Excerpts

Those decisions, as I said, were taken in the context of the environment that people were already well aware of, and they are taken at a degree of commercial risk. However, we have worked closely with the networks to ensure that there will be no additional delays as a result of this decision. I think it is the right thing that puts national security at the absolute heart of our programme, but it also does that in the context of not jeopardising the clear economic benefits and the clear practical benefits of improving connectivity across the country that we would all like to see.

On the emergency services network, we anticipate that these announcements concerning Huawei will have a very low impact on the emergency services network. We do not anticipate any impact on the programme schedules. There is some Huawei equipment in the EE part of the emergency services dedicated core network that EE is already working towards removing.

Let me cover one other aspect raised by the Chair of the Intelligence and Security Committee, my right hon. Friend the Member for New Forest East (Dr Lewis). I look forward—maybe that is not quite the right phrase—to appearing before the ISC in the next few days. We will always co-operate with it, and I am very happy to work with it on the best way to balance the obvious requirement between transparency and national security, although we would always seek to be as transparent as we possibly can be within those important bounds.

Julian Lewis Portrait Dr Julian Lewis
- Hansard - - - Excerpts

I did ask a few questions. If the Minister cannot answer them now, by all means he should write to me. However, I am concerned about a situation where, for example, a former leader of the Conservative party and former Prime Minister has a major role in the China belt and road funding operation. How secure will Government be against lobbying of people with that sort of connection and prominence?

Matt Warman Portrait Matt Warman
- Hansard - - - Excerpts

I will simply say that the Government will always put our national security interests first, and of course we are always alive to the commercial interests of the companies that seek to engage with us in this matter or any other. I look forward to further engaging with my right hon. Friend and his Committee.

To conclude, this Bill does not simply produce a framework that will address one particular company or even one particular country. It sets up the futureproof regime that will allow us to deal with the company that we have spoken about so much this evening and also its successors in successor networks. The intention of this legislation is to persist well beyond the current challenges that we face. I am glad that it commands the support we have seen across the House. I am immensely grateful for what has been a genuinely well-informed debate and one that I look forward to carrying on in Committee. The Telecommunications (Security) Bill will create one of the toughest telecoms security regimes in the world. It will enable us to protect our national telecoms infrastructure, and it is also a chance for the UK to become the world leader in the development of new 5G technology that we all know we can be.

Question put and agreed to.

Bill accordingly read a Second time.

Telecommunications (Security) Bill (Programme)

Motion made, and Question put forthwith (Standing Order No. 83A(7)),

That the following provisions shall apply to the Telecommunications (Security) Bill:

Committal

(1) The Bill shall be committed to a Public Bill Committee.

Proceedings in Public Bill Committee

(2) Proceedings in the Public Bill Committee shall (so far as not previously concluded) be brought to a conclusion on Tuesday 19 January 2021.

(3) The Public Bill Committee shall have leave to sit twice on the first day on which it meets.

Proceedings on Consideration and up to and including Third Reading

(4) Proceedings on Consideration and any proceedings in legislative grand committee shall (so far as not previously concluded) be brought to a conclusion one hour before the moment of interruption on the day on which proceedings on Consideration are commenced.

(5) Proceedings on Third Reading shall (so far as not previously concluded) be brought to a conclusion at the moment of interruption on that day.

(6) Standing Order No. 83B (Programming committees) shall not apply to proceedings on Consideration and up to and including Third Reading.

Other proceedings

(7) Any other proceedings on the Bill may be programmed.—(David T. C. Davies.)

Question agreed to.

Telecommunications (Security) Bill (Money)

Queen’s recommendation signified.

Motion made, and Question put forthwith (Standing Order No. 52(1)(a)),

That, for the purposes of any Act resulting from the Telecommunications (Security) Bill, it is expedient to authorise any increase attributable to the Act in the sums payable under any other Act out of money so provided.—(David T. C. Davies.)

Question agreed to.

Telecommunications (Security) Bill (Ways and Means)

Motion made, and Question put forthwith (Standing Order No. 52(1)(a)),

That, for the purposes of any Act resulting from the Telecommunications (Security) Bill, it is expedient to authorise provision requiring public communications providers to pay certain costs incurred by the Office of Communications.—(David T. C. Davies.)

Question agreed to.

Telecommunications (Security) Bill (Carry-over)

Motion made, and Question put forthwith (Standing Order No. 80A(1)(a)),

That if, at the conclusion of this Session of Parliament, proceedings on the Telecommunications (Security) Bill have not been completed, they shall be resumed in the next Session.—(David T. C. Davies.)

Question agreed to.

Telecommunications (Security) Bill (First sitting)

Committee stage & Committee Debate: 1st sitting: House of Commons
Thursday 14th January 2021

(3 years, 2 months ago)

Public Bill Committees
Read Full debate Telecommunications (Security) Act 2021 Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 14 January 2021 - (14 Jan 2021)
The Committee consisted of the following Members:
Chairs: † Mr Philip Hollobone, Steve McCabe
† Britcliffe, Sara (Hyndburn) (Con)
† Cates, Miriam (Penistone and Stocksbridge) (Con)
† Caulfield, Maria (Lewes) (Con)
Clark, Feryal (Enfield North) (Lab)
Crawley, Angela (Lanark and Hamilton East) (SNP)
† Johnston, David (Wantage) (Con)
† Jones, Mr Kevan (North Durham) (Lab)
† Lamont, John (Berwickshire, Roxburgh and Selkirk) (Con)
† Matheson, Christian (City of Chester) (Lab)
† Onwurah, Chi (Newcastle upon Tyne Central) (Lab)
† Richardson, Angela (Guildford) (Con)
† Russell, Dean (Watford) (Con)
† Sunderland, James (Bracknell) (Con)
Thomson, Richard (Gordon) (SNP)
† Warman, Matt (Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport)
West, Catherine (Hornsey and Wood Green) (Lab)
† Wild, James (North West Norfolk) (Con)
Sarah Thatcher, Huw Yardley, Committee Clerks
† attended the Committee
Witnesses
Patrick Binchy, Technical Services Director, Three
Derek McManus, Chief Operating Officer, O2
Andrea Donà, UK Head of Networks, Vodafone
Howard Watson, Chief Technology Officer, BT Group
Alex Towers, Group Policy and Public Affairs Director, BT Group
Public Bill Committee
Thursday 14 January 2021
(Morning)
[Mr Philip Hollobone in the Chair]
Telecommunications (Security) Bill
11:30
None Portrait The Chair
- Hansard -

Before we begin, I have a few preliminary announcements. Please switch electronic devices to silent. Tea and coffee are not allowed during sittings of this Committee. I would also like to remind Members of the need to observe the rules on physical distancing, both in this room and when entering and leaving via the marked entrance and exit doors. It is important that Members find their seats and leave the room promptly in order to avoid delays for other Members and staff.

Today we will first consider the programme motion on the amendment paper. We will then consider a motion to enable the reporting of written evidence for publication, and then a motion to allow us to deliberate in private about our questions, before the oral evidence session. In view of the time available, I hope, but cannot insist, that we take those matters without debate. I call the Minister to move the programme motion standing in his name, which was discussed on Tuesday by the Programming Sub-Committee for this Bill.

Motion made, and Question proposed,

That—

(1) the Committee shall (in addition to its first meeting at 11.30am on Thursday 14 January) meet—

(a) at 2.00 pm on Thursday 14 January;

(b) at 9.25 am and 2.00 pm on Tuesday 19 January;

(c) at 11.30 am and 2.00 pm on Thursday 21 January;

(d) at 9.25 am and 2.00 pm on Tuesday 26 January;

(e) at 11.30 am and 2.00 pm on Thursday 28 January;

(2) the Committee shall hear oral evidence in accordance with the following table:

Table

Date

Time

Witness

Thursday 14 January

Until no later than 12.30 pm

Three; O2; Vodafone

Thursday 14 January

Until no later than 1.00 pm

British Telecommunications

Thursday 14 January

Until no later than 2.45 pm

Mobile UK; TechUK

Thursday 14 January

Until no later than 3.30 pm

Mavenir; NEC Europe Ltd

Thursday 14 January

Until no later than 4.15 pm

Small Cell Forum; Digital Policy Alliance

Thursday 14 January

Until no later than 4.45 pm

British Standards Institution; Royal United Services Institute

Tuesday 19 January

Until no later than 10.10 am

Webb Search; Oxford Information Labs

Tuesday 19 January

Until no later than 10.45 am

Dr Alexi Drew, the Centre for Science and Security Studies, King’s College London

Tuesday 19 January

Until no later than 11.25 am

The Office of Communications

Tuesday 19 January

Until no later than 2.45 pm

Catapult Compound Semiconductor Applications; Dr Nick Johnson; UtterBerry

Tuesday 19 January

Until no later than 3.30 pm

MWE Media Ltd; Lumenisity; Dr David Cleevely CBE

Tuesday 19 January

Until no later than 4.00 pm

Information Technology and Innovation Foundation



(3) the proceedings shall (so far as not previously concluded) be brought to a conclusion at 5.00 pm on Thursday 28 January.—(Matt Warman.)

Kevan Jones Portrait Mr Kevan Jones (North Durham) (Lab)
- Hansard - - - Excerpts

I have no problem with the programme motion, because it is sensible, but I want to put it on record that it is frankly nonsense for us to come in today and sit in a room to take evidence from virtual witnesses, as we will do next week as well. There is no reason why evidence sittings, particularly, could not happen remotely. I have attended two meetings this week, including a meeting on Tuesday of the Defence Committee, which took evidence from witnesses virtually.

I understand that things are being done in this way at the insistence of the Leader of the House. I think he is hiding behind the usual channels having sorted it out. I want to put it on the record that that is not true and that objections have been raised by the official Opposition, certainly about evidence sittings being done in this way. If we are to travel long distances, as many of those present have, to get here today and next week, that flies in the face of the advice of not only the Government but Public Health England about moving between areas.

I do not know whether, at this late stage, we could at least consider whether next week’s evidence could be taken virtually, because it is a bit ironic that we are sitting in a room here—I accept your rulings about social distancing and so on, Mr Hollobone—and that the evidence that we shall listen to from the witnesses today and next week will be given virtually.

None Portrait The Chair
- Hansard -

Mr Jones, I note your remarks and know that many others will share your view. As the Chair of the Committee I can operate only under the rules that I have been given by the House.

Question put and agreed to.

Resolved,

That, subject to the discretion of the Chair, any written evidence received by the Committee shall be reported to the House for publication.—(Matt Warman.)

None Portrait The Chair
- Hansard -

Copies of written evidence that the Committee receives will be circulated to Members by email and made available here in the Committee Room.

Resolved,

That, at this and any subsequent meeting at which oral evidence is to be heard, the Committee shall sit in private until the witnesses are admitted.—(Matt Warman.)

None Portrait The Chair
- Hansard -

We will now go into private sitting.

11:34
The Committee deliberated in private.
Examination of Witnesses
Patrick Binchy, Derek McManus and Andrea Donà gave evidence.
11:34
None Portrait The Chair
- Hansard -

All our witnesses today will be giving evidence by video link. Before calling the first panel of witnesses, I should first like to remind all hon. Members that questions should be limited to matters within the scope of the Bill and that we must stick to the timings in the programme order that the Committee has just agreed. For this first panel, we have until 12.30 pm. Secondly, may I ask whether any hon. Members on the Committee wish to declare now any relevant interests in connection with this Bill?

I now call the first panel of witnesses: Patrick Binchy, technical services director at Three, Derek McManus, chief operating officer at O2 and Andrea Donà, UK head of networks at Vodafone. Would the witnesses please be kind enough to introduce themselves for the record?

Patrick Binchy: Good morning. I am Patrick Binchy, and I work for Three, as you said, as the technical services director. I do not know what happened previously, but we lost some degree of ability to hear what you were saying. I think it was Chi Onwurah who was talking, but we could not hear what she was saying, and then it went completely silent for about two minutes.

None Portrait The Chair
- Hansard -

Patrick, I think that was because we were in private session, deciding how we were going to conduct our affairs. You were not cut off out of any rudeness; it was simply that we were going through some procedural matters. May I ask Derek McManus to introduce himself, please?

Derek McManus: Good morning. My name is Derek McManus; I am the chief operating officer of O2 in the UK, and part of my responsibility is therefore network.

None Portrait The Chair
- Hansard -

Thank you. Andrea Donà?

Andrea Donà: Good morning, everyone. I am Andrea Donà; I head up networks for Vodafone UK. I would like to thank you all for inviting us today; I appreciate the opportunity to give evidence to the Committee.

None Portrait The Chair
- Hansard -

Q May I ask our witnesses whether they would like to make a short opening statement? It is not compulsory. Then we will go on to questions.

Patrick Binchy: Other than thanking you for the ability to represent the industry here, I do not have anything to add, thank you.

Derek McManus: I will add my thanks too. As I have said, my name is Derek McManus, chief operating officer. My teams run the network and the roll-out of 5G and maintain the security and integrity of the network. I am here to answer questions on the Bill and the impact from a business and operational perspective. The security Bill and associated diversification strategy need to be viewed as part of wider powers and requirements being introduced via the Telecommunications (Security) Bill.

The telecoms sector faces considerable costs—resources and time, among other things—in introducing new security measures in the Bill while removing HRVs from networks and looking into diversifying. A balanced approach that gives the sector time to implement the new measures in a cost-effective manner is essential if the Government want the same individuals and companies to develop and roll out ORAN while maintaining and building a secure network.

Andrea Donà: Vodafone accepts the UK Government’s policy on high-risk vendors and continues to work actively with the NCSC and the Government on maintaining the highest security standards in our network. We want to ensure that the objectives of the Bill are fulfilled. We also welcomed the Government’s recently published 5G diversification strategy and the policy framework that comes with it. The strategy sets out ways in which the Government plan to work with industry, and we very much welcome that. We also support the Government’s drive for higher minimum security standards in the telecoms network, and we are continuing to work with DCMS, the NCSC and Ofcom to ensure that all those relevant measures to protect our customers are implemented.

None Portrait The Chair
- Hansard -

Thank you. We have three superb witnesses from Three, O2 and Vodafone. I am now in the hands of Members.

Chi Onwurah Portrait Chi Onwurah (Newcastle upon Tyne Central) (Lab)
- Hansard - - - Excerpts

Q It is a pleasure to serve under your chairship, Mr Hollobone. I want to start by thanking, as well as the witnesses, the members of the Committee, the officials and the staff of the House, who in coming into Parliament during a pandemic are also taking risks, which we very much regret.

I should have mentioned, as an interest, that I spent 20 years working in the telecoms industry within four network operators and vendors, as well as Ofcom, the regulator. I also may know personally some of the witnesses.

None Portrait The Chair
- Hansard -

It sounds like you might be dangerously over-qualified to take part in this Committee.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

You make a very good point, Mr Hollobone. I am going to try to keep my engineering and technical interest as much to the back as possible.

I am the shadow Minister for digital, and I am leading for Labour on this Bill. I will focus on the costs of removing Huawei and the diversification strategy, and Opposition colleagues will be focusing on different areas. I thank you for your presence and expertise. I want to ask two somewhat related questions.

First, some have given estimates of the costs of removing Huawei from your networks, and I want to verify whether those are the most up-to-date estimates. I also want to know whether they include opportunity costs, and the time and resources from your boards and others in your organisations. Are they the full costs, if you like, of the removal of Huawei? How can we minimise the economic impact, in your view? Are there other significant costs associated with the Bill and the implementation of a new security framework?

Secondly, your mobile network procurement is currently made through what I will call full-service providers, such as Huawei, Ericsson and Nokia. They basically design and make a network, and provide it to you—I know it is not quite as simple as that. Do you think the removal of Huawei or the develop of open RAN will change that? Critically, is the Government’s diversification strategy likely to lead to the emergence of significant full-service suppliers that will compete head on with the remaining suppliers, Ericsson and Nokia? If not, what other measures should the Government consider taking? How best can the Government work with partners around the world to achieve their goals? That is quite a lot in two questions.

Patrick Binchy: There was quite a lot in those questions. I guess the first thing is that the costs are obviously commercially sensitive, and we cannot disclose them in a public environment, but we would be very happy to respond to any of the Members or the Committee in private to give the detail behind that. At a more generic level, there will, of course, be cost to the industry and to Three. We had selected Huawei to build our 5G network, and we have now selected a second vendor, Ericsson. We have to go through the process of mobilising Ericsson and removing the Huawei equipment, which has a cost to it and will have an impact.

In terms of the diversification of the market, there are really only two players in the UK market now. As you rightly point out, there are service as well as equipment capabilities within those suppliers. As we look for diversification, we need to diversify across all those aspects of the market. We are working with the Government, NCSC and DCMS in terms of how to approach that and how to build that. We will continue to support that as we go forward.

Derek McManus: We have similar commercial sensitivities on cost. You may or may not be aware that we are not indebted to Huawei. For our network, the cost of removing from the radio network is relatively small compared to some of our competitors. So, I will focus more on your second question, if that is okay.

You are absolutely right that we tend to buy end-to-end service in the current mobile environment. ORAN today is set up with a quite separate and different supply chain, with different companies specialising in software, different companies specialising in hardware and specialists doing the integration. It is likely to change the nature and relationship that we will have with supplies. ORAN is relatively immature in its development. As it is technically and commercially ready for scale deployment, that may well change. But we see today that the leaders in ORAN tend to be smaller companies specialising in the hardware or, more specifically, the software.

Andrea Donà: Very much like my colleagues, I am more than happy to write to the Committee in the future, once we have completed our procurement process, with the details on the cost for replacing our high-risk vendor. More specifically, when it comes to the diversification strategy and the role that open RAN has, we at Vodafone believe that the UK should seek to be a leader in open RAN. We are, indeed, leading the way, and have committed to swapping out 2,600 of our base stations to an open RAN technology.

In order to fulfil that ambition, the current timescales for removing the high-risk vendor equipment must remain unchanged. We need the stability and the time, as Derek rightly points out, to allow industry and Government to develop a diverse supply chain and allow the technology to mature, both in its functionality and its capability, as well as the possibility of scaling industrially. The legacy vendors have had a lot of time in the market to develop their competence. We need to support any new entrants in the open RAN space with appropriate investment incentives and a policy framework that attracts and supports new entrants in the open RAN space.

None Portrait The Chair
- Hansard -

Three Members have indicated that they would like to ask questions. We will take them in the following order: James Sunderland, Miriam Cates and Kevan Jones.

James Sunderland Portrait James Sunderland (Bracknell) (Con)
- Hansard - - - Excerpts

Q Gentlemen, good morning. Thank you for coming in. As a military man, you will forgive me for asking a very simple question. Are you satisfied that the framework of this Bill, as it currently stands, satisfies the full requirement for national security, and if not, why not?

Patrick Binchy: I think, initially, it is not for the industry to comment on and define national security and risk. That is for the Government. However, we absolutely support whatever is put in place beyond that. I think that this Bill, in the way that it is structured, very much helps with that, because not giving a definition, and the way that it will be able to include additional vendors and additional technologies, gives it the flexibility to move forward and to adapt to threats, whether they are technical or through suppliers in the future. In that way, it is well constructed.

Irrespective of the Bill itself, we work with the security bodies on a regular basis—on a day-to-day basis—and we continue to do that, to protect the British public from any and all security threats. And I would add that the UK is actually very well advanced in terms of protecting itself and its security posture.

Derek McManus: Similarly, I am the COO of a commercial organisation; I am really not best placed to answer that point specifically. But what I will say is that we run our business by security by design—it is a key part of the evolution of our network and all of our services. I believe that as an industry we are actively engaged with the security forces to deliver a good track record in terms of national security from telecoms. It is important that we continue to do that. Everyone who is connected closely to security knows that it constantly evolves as technology evolves, and the continued collaboration between the industry, the Government and the security forces is essential beyond the completion of the Bill.

Andrea Donà: Similarly to my colleagues, I am not in a position to comment on national security. What I would say is that Vodafone worked very closely with Government on how the Bill best enables us to secure our networks in practice. I think it is very important that we maintain a very close collaboration as we work in implementing the Bill.

We believe the Bill is sufficiently flexible for the Secretary of State and Ofcom to interpret the security threats and issue notices to providers to deal with them. Reviewing the legislation at regular intervals to assess its efficacy in the face of new technological challenges, and also in the light of new strategic aims by Government and that constant review involving the industry, will be very welcome for us. Our continual engagement will enable us to ensure that the new regulations can be enforced in practice effectively to achieve the scope of the Bill.

None Portrait The Chair
- Hansard -

Thank you. We will come to Miriam Cates next. Then, after Miriam, the order will be Kevan Jones, David Johnston, Christian Matheson, Dean Russell and James Wild.

Miriam Cates Portrait Miriam Cates (Penistone and Stocksbridge) (Con)
- Hansard - - - Excerpts

Q May I, too, pass on my thanks to the witnesses for appearing before us today? You have all referred to the significant financial costs to your organisations of removing the equipment from the high-risk vendors, but obviously, given the potential security implications, some are calling for the 2027 deadline to be brought forward. What would be the financial and logistical impacts of bringing forward the deadline on your organisations and your ability to operate? Would that be just too impossible—too difficult?

Patrick Binchy: In line with the previous answer, I cannot go through the specific commercials—they are commercially and competitively sensitive. But I would be happy to take such questions offline if you want to follow up on that.

Regarding the 2027 deadline, I think there is a balance here between UK connectivity and UK security. First and foremost, I would say that we have a security regime in place today. We use the Huawei cyber-security evaluation centre to check all of the technology that comes through Huawei and goes into UK networks, and we work closely with the security authorities to make sure that we are protecting the UK public today. We also have full visibility of any traffic that is transiting our network, either incoming or outgoing, so we are confident that we have the security in place today that is necessary.

In terms of achieving the 2027 timeline, that is a challenge. It is not going to be easy, because we need to balance that national connectivity against security and do it in a way that ensures that we continue to provide good-quality connectivity to the public.

There are a number of timelines within the legislation. We do not think the timeline for 2021 in terms of using equipment is a major issue. The 2023 35% cap and the 2027 are challenging, but we have plans in place. We have put our second vendor in place. They are already rolling our 5G network out in Manchester, Glasgow and Reading, and we are confident that we can meet those timelines and supply good-quality connectivity to the UK public.

Derek McManus: I think everybody, particularly in this environment, understands the immediate value of connectivity in the situation that we as UK society face. In terms of the opportunity for that connectivity to be part of economic growth as we evolve 5G and help build the economy, those are two of the competing challenges that we have to balance, while also removing HRVs and delivering diversification.

Yes, it is a matter of balancing costs in terms of investment, but we also have to recognise the customer disruption caused by removal of equipment. It is important that we maintain those other two key criteria—that important connectivity and that support to economic growth. By working together and taking the right balance, the Bill’s timescales are appropriate. I cannot, obviously, talk about the plans of individual businesses to meet the deadlines, but as an industry, I think it is appropriate.

Andrea Donà: At Vodafone, we believe that the Government’s decision to set a timeframe of 2027 truly reflects the complexity of what we have been asked to do. It is important that the deadline of 2027 does not change further. We need certainty and a fixed time plan so that we can plan for the future. Any further changes will disrupt our investment plans and will also cause undesired further disruption, as we attempt to accelerate a swap out that is, in itself, very complex, and will deliver inevitable disruption to our customers—the businesses and the public services. We are actively working with all the involved parties—the Government, Ofcom, NCSC and DCMS—to ensure that we minimise disruption. It is a complicated and difficult effort from a technology perspective, but also from the perspective of the practical implementation on the ground.

If the Government truly share our ambition to be a leader in digital infrastructure, we need to ensure that we give the high-risk vendor enough time to carry out the plans, under a very well-defined timescale and, as I said earlier, in parallel, allow the diversification agenda to grow, as well as the stability, to allow new entrants to come in and be a viable alternative to the incumbent high-risk vendor that we are swapping out.

None Portrait The Chair
- Hansard -

We will come on to Kevan Jones. Now I am getting the hang of this now, I do not think it is fair to always ask Patrick to be the first out of the blocks to answer the questions, so I will try to rotate so that everyone has a chance of going first.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q What is very clear from the first report from the National Cyber Security Centre is that existing Huawei equipment is a manageable risk. The only things that changed the Government’s stance were US sanctions on semiconductors for future equipment  and, added to that, a layer of—I think—lobbying on behalf of certain anti-China parts of the Conservative party to remove the equipment from day one. Personally, I think there is no justification to do that. However, as you said, that leaves you with just two vendors for hardware, and any new entrant would have to meet the conditions in the Bill. What do you think the Government mean by a diversification strategy, and what are the timescales for that?

Having met many of you at a previous Committee and taken evidence from you, it is clear that there is little profit to be made on the hardware side because we all want cheaper phone calls, and you obviously react to customer demand to try to get costs down. What are the realistic prospects of any UK-based company or other vendor coming into the hardware side? On open RAN, I accept that it is for the future, but what timescales are we talking about for that having an impact on how our telecoms networks are organised?

Derek McManus: On timescales for ORAN, I think we are very early in the evolution of that technology. There are trials in the UK, as there are in various markets across the world. In our view, it will be at least a couple of years before you have a viable technical and commercial product, focused initially on rural. To have diversification in a meaningful way, you have to have scale, and scale will take a number of years beyond that—I would say five to eight years to get a real, viable-scale vendor to challenge the two incumbents.

On your previous question about the likelihood of there being UK players in that market, the UK used to have a very healthy telecoms supply industry, which sadly over time has faded away. I think it is more likely that the UK could play in the software part of the future of radio, and particularly ORAN, than in the hardware part. I cannot see today a viable UK hardware provider. Actually, there are not that many UK telecoms suppliers around. But software is a bigger opportunity. Part of the diversification work that is going on with the industry and Government is looking at ways to encourage the inclusion of UK business in that emerging opportunity.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q So, for the conceivable future, we will be reliant on those two vendors: Nokia and Ericsson.

Derek McManus: Yes, and if you look at the scale of mobile growth, the fact that there are only two remaining viable competitors is an indication of how difficult it is to have competition in today’s marketplace. That is technical and, to meet the economic challenges, that requires scale, too. There are other providers in the marketplace, but only two provide the 2G, 3G, 4G and 5G capability that the current UK markets require.

Andrea Donà: To answer the specific question on timescales, Vodafone UK is pioneering the development of open RAN. We were the first operator to achieve a commercial open RAN solution, in August last year, having delivered the first commercial open RAN unit on the ground radiating and carrying traffic at the Royal Welsh showground. We recently developed and announced plans to deploy open RAN across 2,600 sites. It is a promising innovation, but it is not yet mature enough to match the traditional vendors in terms of functionality and efficiency on an industrial scale.

However, if the UK wants to lead in this field and take advantage of the existing advantage that it has when it comes to design, it should continue putting its weight behind this promising technology and allow partnerships to be formed, where the incumbent vendors are asked to play a role in the architecture of this new technology. That will allow other parts of the technology chain—as Derek said, software, the baseband or the antennas—to attract and welcome new entrants through appropriate policy frameworks and the diversification strategy.

With new entrants, as we open this technology, we fuel innovation. If the UK keeps ahead of that, it will be able to be at the forefront of exciting new innovation. We welcome the steps that were outlined by Government to try to press this technology ahead. You could do that through trials or through incentives for the MNOs to use their technology. We can work together to create local research and development centres to fuel this new technology.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q In the near term, it is not going to replace the hardware that we need at the moment, which the two vendors are providing. Are you talking specifically about open RAN, or are you talking about diversification or any strategy to develop a UK hardware supplier?

Andrea Donà: There is an opportunity for British companies to play an active role in the open RAN ecosystem. As we open up the interfaces of the technology, it creates a golden opportunity for British companies, with British support and know-how, to come and contribute to the development of this new technology.

Patrick Binchy: My views are broadly aligned with the previous answers. The reality of the situation that we find ourselves in is that there are only two practical vendors for the next couple of years. As both my colleagues have said, beyond that there is opportunity for ORAN.

I am not sure if it came across in the previous answers, but I would stress strongly that the first thing we need is the R&D. We need to understand how we can move this technology forward. As Derek said, trials are primarily operating in rural capacity, but to be a true competitor to the incumbents we have to be able to use it in deep urban areas, under significant loads, which needs a lot of development.

The Government can support trials and help build the ecosystem around them, but the first thing that we need is to get the research and development that will feed the trials. In terms of the Government’s development of opportunities in ORAN, it is key that they look at working with international partners. This has to be scaleable; otherwise, it is never going to be commercially viable.  The UK market will not be big enough to drive that scale and commerciality.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - - - Excerpts

Q It was widely reported that between 2009 and 2011, Vodafone found back-door vulnerabilities in equipment in Italy, and that you were assured by Huawei that they were being removed. You subsequently found that, in fact, they had not been removed. Do you have any concerns about back-door vulnerabilities in the equipment between now and 2027, and can you give us a sense of your management of that risk and what you do to try to make sure that there are not any?

Andrea Donà: Specifically on the incident you are referring to, which was in April 2019, it was a Telnet protocol, which is used by many vendors in the industry to perform diagnostic functions. It is important to note that it would have not been accessible from the internet. Detailed analysis showed that it was simply a failure to remove a function that is used, as I said, for performing diagnostics after it had been developed.

On the broader question of security and our concerns, we have always maintained the very highest level of security policies, security processes and security procurement mechanisms and frameworks. We use a layered approach to our security needs, whereby we secure by design. All our systems and process put in place guarantee the highest security standards, end to end. The UK networks and standards are the highest in the world. We constantly work hand in glove with the NCSC, and abide by all the latest NCSC guidance and policies to keep those minimum standards high every time. We have worked very closely with the NCSC to set up HCSEC, an ad hoc centre where any new Huawei equipment or software goes through rigorous checks, audits and assurances, in line and in close collaboration with NCSC.

Patrick Binchy: I do not have much to add to that. We are similarly aligned in terms of our processes, from procurement to deployment. We have security checks throughout, and separate functions to make sure that we are adhering to those. We work very closely with the NSCS and HCSEC in terms of the technologies that are in the network. Going forward, we will continue to do so. We will be reviewing the software and hardware versions that we have in place and ensuring that those are fully checked and validated. As I said earlier, we also have a full, independent view of the traffic traversing our network, so if something untoward were to start happening, we would immediately have a view of it, and would be able to shut it down independently.

Derek McManus: As I said earlier, we do not have sufficient numbers in the UK. We have fewer than 10 Huawei base stations, so although we perform all the necessary checks, we are not exposed on the scale of others in the market.

None Portrait The Chair
- Hansard -

I propose drawing this part of our deliberations to a close at 12.30 pm. We have five Members seeking to ask questions. If our panellists keep each of their answers to one minute, we will get everybody in—and we will get all the answers as well. I call Christian Matheson.

Christian Matheson Portrait Christian Matheson (City of Chester) (Lab)
- Hansard - - - Excerpts

Q Thank you, Mr Hollobone. In that case, I might take liberties and squeeze two questions into one.

Gentlemen, can I assume that you have done an audit—an asset register, if you like—and that you know where all the at-risk equipment is in your networks, so that once the Government push through an order, you know exactly where to go to address the requirements of that order? How interconnected are your networks? Are you as confident as Mr McManus, who says that the integrity is fairly good? Do you all rely on each other to maintain an overall integrity? What if one is insecure ?

Patrick Binchy: Of course, the networks are interconnected. As I said, we have full visibility and control of what transverses between the networks, so we can maintain full control over that. I do not think there are any significant risks in this space, because of all the security checks that we do on the equipment that comes into the network. We maintain a regular relationship with NCSC in terms of any future threats or concerns that it has. We all have our asset registers, and an understanding of what we have in our networks. We maintain and update those on an ongoing basis as the technology changes and evolves.

Christian Matheson Portrait Christian Matheson
- Hansard - - - Excerpts

Q So you know where all the dodgy stuff would be, if you were asked to find it.

Patrick Binchy: We know where all the equipment is for our main supplier, yes.

Derek McManus: On the question on the asset register, absolutely. As for whether networks are interconnected, Patrick gave a good answer. The O2 and Vodafone networks are somewhat different, in that we work together on a network share; the O2 team manages and maintains a network in a certain geography, and the Vodafone team manages and maintains a physical network in another geography. In that sense, the O2 and Vodafone networks are very interconnected.

Andrea Donà: It is vital that the secondary legislation that accompanies the Bill clarifies assets in the telecoms network architecture that will be in scope of the security requirement, so that we can work knowing what we have audited, and knowing that the auditors always shared with NCSC. We need a clear understanding between Ofcom and us as providers before the legislation is enforced, so that we understand exactly the boundaries and the scope, and we all work together, having done the audits, to close any vulnerabilities that we might have. That is a clear aspect of our working together: ensuring that the assets in the telecoms network infrastructure that are in scope are very well defined.

Dean Russell Portrait Dean Russell (Watford) (Con)
- Hansard - - - Excerpts

Q Can you describe in layman’s terms the types of security threats that your organisations face, and how the security framework would address those?

Derek McManus: There are a number of different security threats. I will talk about network from a physical point of view, though there are obviously also scams and threats through direct human contact. It is mostly penetration of the physical network either from attack or from virus software. Attack is where foreign agencies or bodies look for vulnerabilities or holes in your defences. The role of the telecoms operator is to ensure that all its physical equipment and software are of the highest support and variation that defends from attack. We see quite a high volume of attack, either DDoS or penetration, on a regular basis. As I said, we do cyber-security by design. It is built into the fundamental processes of expanding and adding to our network, to protect us from those very things.

Andrea Donà: To add to what Derek says, it is also important that Government play a role in securing the additional security needs across the whole ecosystem of the supply chain, including the vendors. With the ever-changing nature of the threats we are exposed to, as Derek explained in layman’s terms, we have to change the protocols and the rules by which we and our vendors implement our defence mechanisms.

It is important that the Government do not leave providers such as us alone to reinforce these additional minimum security standards; they should play an active role in ensuring that vendors adapt their technology road map, so that things are done in a much more future-ready, cyber-security-compliant manner, because we face an ever-changing picture and ever-changing scenarios.

Patrick Binchy: In terms of the threats and penetration, as Derek said, the key things are that they get into the networks, either to bring the networks down and create chaos for the UK economy, or to extract information from the networks. All our security, as both my colleagues have said, is built into design, right from the very start of the procurement process. How do we protect against, and build networks that are able to detect, avoid and block, any of those risks and threats? We do that through our knowledge, the knowledge of NCSC and the authorities, and the knowledge of the wider industry on what is going on beyond the UK and in the international regime. We are constantly reviewing and updating our capability to protect against any of those threats.

None Portrait The Chair
- Hansard -

Gentlemen, we are right up against the clock. We have seven minutes left. Your answers are superb, but they need to be pithy, because we have three sets of questions coming and we need to get the answers in, and I am afraid that 12.30 pm is a hard cut-off; I am not allowed to extend beyond that.

James Wild Portrait James Wild (North West Norfolk) (Con)
- Hansard - - - Excerpts

Q Hopefully my question has a simple yes-or-no answer. The Bill enables the Secretary of State to issue directions to telcos not to use a designated vendor’s equipment. Does that provide the legal certainty that you need—a direction based on national security—to deal with any contractual issues you might have with those suppliers?

Patrick Binchy: I do not think it is quite as simple as yes or no; there are some challenges in how those rules and laws are articulated, and whether that allows us to move away from our commercial obligations. Of course we work with NCSC, and so far, what is in place is fully aligned with the direction taken by the Government and the Bill, so in this case, we believe it is sufficient.

Derek McManus: I refer you to Patrick’s answer. I have nothing specific to add.  It depends on the circumstances. We continue to collaborate, and to speak with the authorities to ensure that we align with current and future needs, from a security point of view.

Andrea Donà: We will abide by the requirements.

None Portrait The Chair
- Hansard -

Superb—textbook answers.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q I ask these questions on behalf of Catherine West. Vodafone runs networks across Europe, and so does Three, whose owner is headquartered in Hong Kong, and O2, which is owned by Telefónica. Does the Bill duplicate or reflect legislation that you have seen elsewhere in your operations? What international comparisons are you aware of? Also, we have talked about standards being a key part of international collaboration. How many people, or what presence, do you have on international standards bodies?

Derek McManus: Basically, we have not seen anything directly like the UK legislation, although various forms of it can be seen internationally. The second question was on standards. We operate in 23 countries, and as you can imagine, their standards are key to us. We hold a lot of expertise, from a Telefónica group point of view, that the UK team is able to rely on and work with to ensure that we are at the very edge of developing the right standard.

Andrea Donà: As the Government plan to take a lead in enhancing the minimum security requirements, and in diversifying their telecoms strategy, we as a global company are happy to support the standard setting, and to advise on the practical implementation of the additional security requirements.

Patrick Binchy: I refer to Derek’s answer. We have a very similar position with regard to the UK legislation: we have not seen quite the same in the other countries. On standards, we play an active role, and we have a number of UK staff who act actively in standards setting.

Matt Warman Portrait The Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport (Matt Warman)
- Hansard - - - Excerpts

Q Thank you to all of you for your engagement today and with the Government up to this point. Given the time, I have one, simple question. The Bill is setting up a new telecoms security framework to enhance network security. How confident are you that you will be able to comply with that in full, and what else would you like to see from the Government to enable you to do that?

Andrea Donà: We need the clarification that I mentioned of what is, and what is not, in scope, so that we have absolute clarity from the word go. We all work together to understand the profile of that implementation. It cannot be a big bang—everything complying from day one. We obviously need to do a detailed risk assessment of the areas that we need to work on immediately on the Bill’s coming into force, and of what can afford to be done at a secondary stage, based on the risk assessment and the risk management analysis of the various assets in our network.

Derek McManus: As I said in my opening remarks, collaboration to date on getting the Bill to this stage has been positive. We should continue that. My request is for flexibility to help us execute effectively, while balancing the other demands on the industry.

None Portrait The Chair
- Hansard -

You have 30 seconds, I am afraid, Patrick Binchy.

Patrick Binchy: Again, very similarly, we have to balance good connectivity with security. We are confident that our plans will meet the needs, but we will continue to work with Government and security on how we achieve and deliver that. It will be challenging, but we are confident that we can do it.

None Portrait The Chair
- Hansard -

Order. I am afraid that brings us to the end of the time allotted for the Committee to ask questions. On behalf of the Committee, I thank all our witnesses very much indeed for their evidence this morning.

Examination of Witnesses

Howard Watson and Alex Towers gave evidence.

12:30
None Portrait The Chair
- Hansard -

Q We now move on to our second panel, which consists of Howard Watson, chief technology officer, and Alex Towers, group policy and public affairs director, both from BT Group. We have until 1 o’clock for this session. Would our two witnesses please kindly introduce themselves for the record and make a brief opening statement?

Howard Watson: Good afternoon, Mr Chairman. My name is Howard Watson, and I am BT Group’s chief technology officer.

We at BT support the principles of the Bill. We echo what the other operators have said—I have just listened in to the previous session—about the importance of having realistic timeframes, and we are pleased that the Government have listened on that. We have some outstanding questions, but they are pretty much about the detail of the implementation of the Bill. There is also need for some further reassurance about the proportionality across the rich landscape of operators that we have in the UK in how that regulation will be applied.

Alex Towers: Hello, my name is Alex Towers and I am director of policy and public affairs at BT Group. I have not really got anything to add to Howard’s opening statement. I think that covers it.

None Portrait The Chair
- Hansard -

Lovely. I am now in the hands of Members. I am very happy to give preference to Members who did not ask a question in the previous session. First out of the blocks is Sara Britcliffe.

Sara Britcliffe Portrait Sara Britcliffe (Hyndburn) (Con)
- Hansard - - - Excerpts

Q Thank you, Chair. It is just a quick one. What are the most pressing threats facing public telecoms networks, and how does this Bill address them?

Howard Watson: I note that some of this was answered by my colleagues earlier. Threats to the network include physical access. We all saw earlier this year a lot of attacks on our physical infrastructure, which were highly regrettable. I mean by that the setting alight of some of our infrastructure. We also faced logical threats, such as malware implants, DDoS attacks and what are called advanced persistent threats, which is an actor embedding themself into parts of the environment, staying hidden for a while and potentially collecting credentials—think of the SolarWinds hack that is in the news at the moment.

We take all those threats extremely seriously at BT. For as long as we have operated, we have worked very closely with all aspects of Government, and in particular with the National Cyber Security Centre. We take a sort of defence in depth approach. We have a red team who are ethically hacking us, and we are part of the TBEST scheme.

We think that the UK has a good track record here, but we also welcome the strengthening of that in the Bill. We think that some of the specific items about protecting even more against potential insider threat, looking hard at the vendors we use in the supply chain and having specific rigour about that, and the reporting mechanisms and requirements in the Bill, specifically around telecoms security requirements, will enhance that for all operators in the UK.

Alex Towers: I do not have much to add to that, except to say that, as Howard says, lots of the attention in the debate in the run-up to this Bill has been focused on a small number of very specific, clearly high-risk vendors. It is right that we take steps to protect ourselves around them, but just as important in the Bill will be the telecoms security requirements that stretch well beyond those specific vendors into all manner of aspects in which operators run their networks. Putting those two things together will be important.

None Portrait The Chair
- Hansard -

Thank you. The running order is Dean Russell, Miriam Cates, Kevan Jones, Christian Matheson and Chi Onwurah.

Dean Russell Portrait Dean Russell
- Hansard - - - Excerpts

Q Thank you, Chair. I would like to understand more how the diversification strategy that accompanies this Bill will benefit you as an organisation and the public.

Alex Towers: I think we see long term that diversification of vendors would be good for the operators in the marketplace if we can get to that point. It is important to say, I suppose, as the other operators were doing earlier on, that we are not at that point right now, so we are having to manage a situation where with the market as it stands we have a small number of very large-scale, important vendors and suppliers and we are having to remove one of them, clearly, from the 5G marketplace. That creates a degree of complexity and engineering difficulty that we need to just work our way through; so there is a lot of work to do just to manage within the current market framework to replace Huawei and to bring Nokia and Ericsson to the point we want. While we are doing that, if we can at the same time create the prospects of, in the longer term, a more open marketplace with a wider range of vendors—with other-scale vendors that do not quite work at the minute in the UK market, and Howard could probably explain exactly why that is, as well as with the potential for open RAN and other types of technology and software-based models to be developed—that is good for the whole industry and could be good for UK jobs and potential UK companies and therefore also for the citizen.

Howard Watson: I certainly welcome the Government’s supply chain diversification initiative here. It is concerning that we are moving from, essentially, three suppliers in the mobile supply chain down to only two. Our network going forward will use both of those. So widening that choice over time, for all the operators in the UK, is I think a critical opportunity. Please bear in mind that most operators quite like to have a primary source and a second source. It is unlikely that we will all start deploying equipment from four or five different vendors, because the operational challenge of the person in the van maintaining that tends to limit you to a choice of two; but being able to choose two from six is a lot better than choosing two from two, of course.

We welcome the three initiatives, which I will summarise. The first is whether we can we encourage Samsung, NEC and other large vendors who build mobile networks elsewhere to enter the UK market. The second is open RAN and it really just creates through more open standards the ability to have more players in that end-to-end solution. The third area really is to have a thriving research agenda for the UK. We really welcome the £250 million allocated in the recent spending review. We already have a thriving research capability in the UK and I think continuing to focus that on antenna design, optoelectronics and semiconductors will have a role to play in diversification going forward.

Miriam Cates Portrait Miriam Cates
- Hansard - - - Excerpts

Q You have said in your written evidence that you fully support the objectives of the Bill, to improve security in the networks, but 20 years ago we could not possibly have anticipated the kind of threats that we face today, so it is safe to assume that we cannot perceive the kind of threats that we will face in the future. Do you think that the Bill is wide-ranging and flexible enough for the Government to be able to respond to future threats and, if not, what could be done to make it more future-proof?

Howard Watson: I actually think the structure of the Bill accommodates that quite well. It allows secondary legislation and guidelines to be upgraded. We note the critical role of the National Cyber Security Centre working with Government in doing that. I think, actually, you have taken care of that well with the way the Bill is structured.

Alex Towers: Yes, I would completely agree with that. I suppose our concern, slightly, at the minute, is to see some of the detail that is going to sit underneath the Bill in terms of a code of practice, in particular, and secondary legislation, because that is where it will become clear exactly what the implications are for operators. The sooner we can see some of that detail and get into the teeth of that, that would be great; but the way the Bill is structured, to allow that sort of detail to be updated on a regular basis as the world changes around us, seems totally sensible.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q The debate to date has mainly been around hardware, but you raised the issue—the bigger threat, certainly that I see, is from hacking and the vulnerability there. In terms of diversification, to be honest, we will have two vendors for the next considerable time, so when we talk about the diversification strategy and getting new vendors into the market, what timescales are we looking at? Are we actually putting all our eggs into the open RAN basket? I agree that there is the possibility of advancing that sector in the UK. Realistically, we will have those two, one of which, we know, is financially vulnerable. What difference would having just one vendor make to you?

Howard Watson: Let me work through that. First, from our perspective, given that we do have quite a large amount of BT in our mobile network, which is with the high-risk vendor, we have a large swap-out programme already under way. Effectively, we already use Nokia to extend their reach, but also to introduce Ericsson. That essentially means that I will be replacing a significant amount of my network over the next seven years.

It is quite difficult for me to start introducing new opportunities and new options into that, certainly in the early part of that. For my network, I see the opportunities in the latter part of this decade, not the early part. That does not mean that there will not be opportunities to try open RAN in some of the rural areas or to conduct some trials with the other vendors that we have talked about. It is very much an industry approach that we are taking here. Some of my colleagues may be able to move a bit earlier. It is important that we collaborate and work as a UK set of operators with the Government to make sure that we have the right rich set of solutions.

We would not want to come down to just one vendor. That would certainly be a worry for many reasons, so we need to continue to ensure that, in the short term, we absolutely have the choice of two.

Alex Towers: Given the timeframes that Howard has described, it is a five to seven-year cycle of replacement for the vendor. That is why it makes sense, we think, to go big now on large-scale trials of things like open RAN. The important investment in R&D and the £250 million is a good step towards that, but we will probably need some more, because we need to be ready for the next cycle if it is going to be a workable solution in future.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q Thanks very much for joining us. We have heard that open RAN will not be mature for another eight years. Do you agree with that assessment? In that case, as you have outlined, we have two vendors and potential financial concerns about one. Can you say categorically whether it is possible to have network security with only one full-scale vendor to choose from and whether it is possible to have that with two?

Secondly, we heard from Sir Richard Dearlove, the previous head of MI5, that when Huawei was first used as a vendor or equipment supplier by BT, it was not considered worth informing Ministers of that fact, despite what he considered to be evident security concerns. Can you say what in the Bill changes that so that the Government of the day will be better aware of ongoing and future security concerns?

Thirdly, on behalf of Catherine West, on international collaboration, what presence do you have on standards bodies? Can you say what your budget is for research and development so that we can see how that compares with the £250 million on offer?



Alex Towers: I will defer to Howard on the questions about standards and technical details. On your point about the relationship with Government, I do not think that any of us were around in 2005, but I know that there is some sort of contested story about exactly who was told what about the introduction of Huawei. You would—[Inaudible.] We have moved a long way on that. We have a very close working relationship with the NCSC and with other parts of Government, and we would be very confident that we are constantly in contact with them about exactly the mix of suppliers that we are using. The introduction through the Bill of TSRs will take that even further, so we would be very confident that we have got a good enough structure there to ensure that any concerns that any part of Government had would be captured and dealt with, and Ofcom is also now in a position to regulate.

The question about relying on just the one supplier is less a concern about security and more one about the commercial resilience of that position. Howard can probably say a little bit more about the standards and the technical questions around that.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q Do you not think resilience is part of security? Is a network secure if it is not resilient?

Alex Towers: I think they overlap and that is one of our questions about the drafting of the Bill. There is clearly a relationship between those two things, and the concern about the timeframes for the removal of Huawei, for example, has been partly about ensuring that we have operational resilience during what is going to be a very complicated engineering programme to take out all its kit without losing resilience, in the sense of outages and blackouts for customers. Some of the Bill’s provisions talk about outages, but there is a difference between outages for operational maintenance and updating of kit and outages because of a security issue or attack. It is going to be quite important to pull those threads apart a little bit.

Howard Watson: On the vendor point, to summarise the approach that we are taking, we stopped purchase at the end of December, we will stop deployment in September of this year, we get down to 35% by two years hence from the end of next week, and then we have it removed from the mobile network by December 2027. I think that timeframe works well for us with introducing effectively a third supplier into our mobile network in terms of that 2027 point. It certainly helps mitigate any future steps in terms of a two-to-one.

I would not bank on it taking a full eight years to have an open RAN opportunity. As we heard from Andrea, colleagues at Vodafone have already started deployment . The real challenge there is about being able to use open RAN in dense urban areas where the technology works at its hardest, shall we say.

On your final question about research, we are in the top five investors in R&D in the UK—we invest in excess of £500 million a year across both research and development. In fact, the only companies that research more than us in the UK are the pharmaceuticals. I have 280 researchers based in the BT labs at Adastral Park near Ipswich and they, plus a standards organisation —we also draw in from engineers across my organisation—remain really actively involved in the standards bodies. I welcome what colleagues from the other operators say and think it is really important that we maintain that as a UK presence and as a European presence to ensure that we are not lost in the middle of any risk of divergence between the US and eastern and Asian countries and China. I would implore us all to work hard to ensure that that does not happen.

Matt Warman Portrait Matt Warman
- Hansard - - - Excerpts

Q Thank you to BT for your engagement thus far. I have two questions. The first is the same question I asked the other operators and is about the telecoms security framework. How confident are you that you will be able to comply with all the strictures in that? Secondly, to develop one of the questions that you have just answered, 2027 is very much a deadline and not a target. It is important that we hear more about your ability to meet that target. How taxing is that? How do you plan to make sure that everything you do can encourage the presence of a third—or more—vendor over the time we have between now and then?

Howard Watson: Let me take the final part of that question first, Minister. We are very much aware that that is a deadline, not a target, but we welcome the fact that the deadline is 2027. I have given evidence previously and have talked with Government significantly about the real risks to the availability of service if we pull that date forward.

We have a lot of infrastructure. That deadline allows us to plan carefully how we can switch off a site, if we have to, to replace it and swap it out, so that the spike has overlapping coverage from adjacent sites. Were we to be required to bring those timescales forward, we would be talking about mobile blackouts in the UK, which clearly we all want to avoid, given the increasing dependence of UK citizens on networks. We have a plan that gets us to that. The 35% by 28 January 2023, just two years away, is a little bit more challenging, but we have a plan to get us there. The pandemic is making that challenging, but right now we are on track for that too. I think that answers the second question.

In answer to your first question, the ambition that we have, and what will become requirements across the TSRs, will put the UK ahead of the pack, in being a safe place for people to work and run businesses, secure in the knowledge that we have a high level of protection against cyber-threats. We welcome that, particularly in the environment in which we are now operating.

We have remaining questions—we raised some of those in our written evidence—about the sequence by which the requirements will be applied. We think it is critically important that there is a strong baseline level of compliance that applies to everybody who operates a network in the UK. We do not want to have entry points through weak links across our environment.

Alex Towers: A large majority of what is in the TSRs reflects current best practice and we are already complying with it. There are some places where there is a stretch for us to do more, which is good. The key point, I suppose, concerns Howard’s point about making sure that the baseline for all operators is higher and strong enough, given that these are inter-connected network, as you have already heard this morning. The whole edifice is only as strong as its weakest point. We are concerned about the idea that the code of practice might not apply to some operators, for example. That is the sort of detail that we will begin to see debated further as the Bill goes through.

None Portrait The Chair
- Hansard -

Are there any further questions from Members?

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q I was interested in what you said about the weakest link for networks. I agree wholeheartedly with that. What are your thoughts on fixed networks? While the Government are consulting on fixed networks, apparently they are not minded to require the removal of high-risk vendors from existing fixed networks. You have Huawei in your fibre-to-the-cabinet network. Do you agree with that? Do you think that there is a reduced risk in the existing fixed network? Do you intend to remove high-risk vendors—that is, Huawei—from existing full-fibre build? Do you think that presents a security risk?

Howard Watson: We do believe that fixed networks, whether full-fibre or fibre-to-the-cabinet, have a different risk profile—a lower risk profile—from mobile networks. Please remember that it is only in the access part of the network, so the fibre—the device in the exchange that connects to that. In the core of the fixed network, we have no presence of high-risk vendors. So we do believe that is manageable. We worked really closely with DCMS and NCSC to arrive at the 35% threshold that was published a year ago, and we think maintaining that in the fixed network is proportionate and sufficient to ensure security there, combined with the oversight that, again, we continue to support from the HCSEC and NCSC to ensure that we are inspecting everything that goes into the network.

I will also say that it is essential that we do take that approach because, as you know, we have large ambitions to increase full-fibre coverage in the UK. Ofcom reported in December that that was now at 18%. We at BT have now built for 3.5 million homes. We have a plan, which we have talked about—this is with the right conditions—to get to 20 million. We do need that 35% to be part of that plan because, again, introducing alternative vendors is challenging.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q Can you say why the risk profile is different for fixed as opposed to mobile?

Howard Watson: Fundamentally, you are dealing with a customer that is a fixed end point, so you are not having to provide handover between different sites as you do in mobile. Essentially, we are taking an electrical signal, modulating it into optical and converting it back to electrical at the other end, in very standard ethernet-based protocols. It is therefore really easy to see if there is a problem, so if something was infiltrating the network, we would spot it very quickly. Also, it is a very segmented network. The FTTC network has a granularity of over 85,000 cabinets in the UK, and the FTTP network has splitters for every 32 homes. Any issues are very easy to spot and so it is much easier to keep secure.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q Finally, with regard to having only two vendors for the mobile network for a number of years, can I ask two questions? I think that there has been a little discussion about resilience versus security, but if you are dependent on two vendors, one goes down and you are dependent on the other, would you say that that network was still secure? And is an increase in prices for equipment likely to accompany the reduction in the number of vendors available?

None Portrait The Chair
- Hansard -

I am afraid you have only about a minute to respond. Which of you gentlemen would like to answer?

Howard Watson: I will take that. You are right. We want two vendors to be consistently in the market, so that we can continue to deploy. If one of them were to fail—well, we insist on commercial and physical measures being in place such that we could step in and run the equipment that was already in the network, so it would not be switched off in the short term or anything like that; there would be no immediate threat to the existing network. It is the ability to build forward that is important.

As I think Alex mentioned earlier, the primary reason, which relates to the second part of your question, is that we want competition on pricing. As we have looked to have the two remaining vendors compete with each other for replacement of our Huawei estate, that has actually worked quite well as we have put in place contracts for that replacement.

None Portrait The Chair
- Hansard -

Gentlemen, I am afraid we have reached the limit of our own bandwidth this morning. That brings us to the end of the time allotted for the Committee to ask questions. I thank both gentlemen for their evidence. The Committee will next meet in this room at 2 o’clock this afternoon to take further evidence. Members will be delighted to know that they will have a far more accomplished and competent Chairman present.

Ordered, That further consideration be now adjourned. —(Maria Caulfield.)

13:00
Adjourned till this day at Two o’clock.

Telecommunications (Security) Bill (Second sitting)

Committee stage & Committee Debate: 2nd sitting: House of Commons
Thursday 14th January 2021

(3 years, 2 months ago)

Public Bill Committees
Read Full debate Telecommunications (Security) Act 2021 Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 14 January 2021 - (14 Jan 2021)
The Committee consisted of the following Members:
Chairs: Mr Philip Hollobone, † Steve McCabe
† Britcliffe, Sara (Hyndburn) (Con)
† Cates, Miriam (Penistone and Stocksbridge) (Con)
† Caulfield, Maria (Lewes) (Con)
Clark, Feryal (Enfield North) (Lab)
Crawley, Angela (Lanark and Hamilton East) (SNP)
† Johnston, David (Wantage) (Con)
† Jones, Mr Kevan (North Durham) (Lab)
† Lamont, John (Berwickshire, Roxburgh and Selkirk) (Con)
† Matheson, Christian (City of Chester) (Lab)
† Onwurah, Chi (Newcastle upon Tyne Central) (Lab)
† Richardson, Angela (Guildford) (Con)
† Russell, Dean (Watford) (Con)
† Sunderland, James (Bracknell) (Con)
Thomson, Richard (Gordon) (SNP)
† Warman, Matt (Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport)
West, Catherine (Hornsey and Wood Green) (Lab)
† Wild, James (North West Norfolk) (Con)
Sarah Thatcher, Huw Yardley, Committee Clerks
† attended the Committee
Witnesses
Hamish MacLeod, Director, Mobile UK
Matthew Evans, Director, Market Programmes, TechUK
Stefano Cantarelli, Global Chief Marketing Officer, Mavenir
John Baker, Head of RAN Business Development, Mavenir
Pardeep Kohli, CEO, Mavenir
Chris Jackson, President and CEO, NEC Europe Ltd.
Julius Robson, Chief Strategy Officer, Small Cell Forum
Dr Louise Bennett, Director, Digital Policy Alliance
Dr Scott Steedman CBE, Director of Standards, British Standards Institute
Charles Parton, Royal United Services Institute
Public Bill Committee
Thursday 14 January 2021
(Afternoon)
[Steve McCabe in the Chair]
Telecommunications (Security) Bill
Examination of Witnesses
Hamish MacLeod and Matthew Evans gave evidence.
14:00
None Portrait The Chair
- Hansard -

Order. We will now hear from Hamish MacLeod, the director of Mobile UK, and Matthew Evans, the director of market programmes at techUK. We have until 2.45 pm for this session, and I will try to alternate as best I can. May I ask the witnesses in turn to introduce themselves for the record?

Hamish MacLeod: I am Hamish MacLeod, and I am the director of Mobile UK, which is the trade body for the UK’s four mobile network operators.

Matthew Evans: My name is Matthew Evans, and I am director of markets at techUK, the trade association for the wider technology sector, which has several telecom-related members.

None Portrait The Chair
- Hansard -

Who would like to have the first question?

James Sunderland Portrait James Sunderland (Bracknell) (Con)
- Hansard - - - Excerpts

Q26 Gentlemen, good afternoon to you and thank you for coming in. A very quick and easy question: how do the challenges of maintaining security in a mobile network differ perhaps from those of a fixed network?

Matthew Evans: I am happy to take that question. From the principle point of view, the principles of cyber-security are the same regardless of the network: having security built in by design, but also having a zero-trust principle and good assurance that your defences are looking inwards as well as outwards. On a principle basis, they are very similar.

Hamish MacLeod: I have nothing to add to what Matt said.

None Portrait The Chair
- Hansard -

Thank you. Who is next?

Dean Russell Portrait Dean Russell (Watford) (Con)
- Hansard - - - Excerpts

Q I would be interested to know whether you agree that strengthening the UK’s telecom security through this Bill is important as we continue to roll out the gigabit connectivity.

Matthew Evans: I am happy to take that as well. We completely agree with the overall objective of the Bill, which we think provides clarity to the sector and helps us to further enhance the security and resilience of the UK’s telecommunication networks. Obviously, as more and more services and applications are used over our fixed and mobile networks, ensuring their security and resilience is incredibly important. That is why we are pleased to welcome the Bill and the associated diversification strategy alongside it, which is obviously separate to the Bill but intrinsic to matters of resilience as we seek to broaden the supply chain.

Hamish MacLeod: I should perhaps reiterate what my colleague said this morning—that the mobile sector very much welcomes the Bill. Security has always been a top priority for mobile operators. We have always worked closed closely with the National Cyber Security Centre, but this is a great opportunity to formalise the arrangements and to make them more structured and transparent.

None Portrait The Chair
- Hansard -

Chi Onwurah, did I detect that you were going to ask questions on behalf of Catherine West?

Chi Onwurah Portrait Chi Onwurah (Newcastle upon Tyne Central) (Lab)
- Hansard - - - Excerpts

Q Thank you, Mr McCabe. I was going to ask on behalf of my colleague, Catherine West, who cannot be here because we have chosen to sit physically rather than remotely. [Interruption.] It has been decided that we will sit physically. Her question is about international comparisons. Are you aware of what is happening with other countries’ security frameworks in addressing Huawei and high-risk vendors? Are you aware of any international comparisons?

Matthew Evans: From techUK’s point of view, obviously our members—you heard from some of them this morning, and you have more this afternoon—operate across a number of different territories. We seem to be the furthest, or the most advanced, in bringing into place quite a holistic security regime. That is in the first half of the Bill. Obviously, the conversation about high-risk vendors is prevalent in other areas, but I would say that in terms of bringing in a regime that covers the entire telecoms sector, this seems to be a world-leading initiative.

Hamish MacLeod: Chi, I am certainly aware of what other countries are doing as regards high-risk vendors. The operators absolutely accept the Government’s policy and the 2027 timeline. The important thing now is to stick to that timeline, because it allows not only for an orderly removal of the HRV equipment, but for alternatives to develop and emerge as viable competitors to the remaining companies.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q So, what are other countries doing that you are aware of?

Hamish MacLeod: The States, New Zealand and Australia have all excluded Huawei, among others. We could supply you with a full list if that is needed.

Miriam Cates Portrait Miriam Cates (Penistone and Stocksbridge) (Con)
- Hansard - - - Excerpts

Q The Government’s diversification strategy goes alongside the Bill. Obviously, the principle driver of the diversification is security reasons, but it will also open up the networks to smaller operators—I imagine, Matthew, many of your members are much smaller companies. Do you think that it will have a positive effect on the sector, in that sense, and are there any other barriers to entry for the smaller tech companies that you can identify and that could be addressed in the Bill?

Matthew Evans: Thank you for that question. As I said at the start, we welcome the Government’s diversification strategy. It looks to tackle four issues, really, which are supporting incumbent suppliers to the UK market; attracting other global-scale suppliers; accelerating open interfaces and interoperability; and then the fourth area, which we could probably do with more detail on, which is really building on that domestic capability. I know that the taskforce that helped Government to frame the strategy is working on that aspect of it. As I say, I think we could do with some more detail.

However, we welcome the funding that has come alongside that strategy, and I think that we have a real opportunity in the UK in some of the areas where we have traditional strengths, in the software side in particular, to build some world-leading capability. As for the Bill itself, I do not think that it necessarily presents a barrier to that domestic capability; it is more in how we develop the strategy that sits alongside the Bill.

Hamish MacLeod: Just to add to what Matt said, yes, we very much welcome the diversification strategy. It is an absolutely necessary step to mitigate the risks of having to rely on two incumbents. It gives the UK an opportunity to have a leadership role in the development of exciting new technologies, such as open RAN, and, as Matt said, to grow the supplier base in the UK in the mobile sector.

Kevan Jones Portrait Mr Kevan Jones (North Durham) (Lab)
- Hansard - - - Excerpts

Q I think we have heard from the witnesses here now and from other operators that the 2027 deadline is important, in terms of not changing. We hear a lot about diversification, but let us be honest: we are going to have to have two vendors up until 2027 and possibly for a long time after. That is because, regarding the investment decisions taken by mobile phone operators, they are clearly not going to put kit in and then suddenly take it out post-2027. So, being realistic about the diversification strategy, which I support in terms of its ambitions, in practical terms—in terms of influencing what is in our telecoms—it is going to be a long way off yet, is it not?

Hamish MacLeod: Yes. As I just said, the 2027 deadline is very important, because that will give time for realistic competitive alternatives to develop. The open RAN is being deployed in the UK in sort of rural areas and in the less high-performance environments, and that will change over time. The investments that this diversification strategy talks about in research and development will help to develop open RAN, and also in the test bed programmes. All these things will help to build the capability of alternative vendors.

Matthew Evans: Just to add to Hamish’s answer, there is a reason that we have a relatively constricted number of scale providers for telecoms, and it is the level of R&D required—that is the risk associated with each generation of technology if it is not taken up on a global scale by operators. To be realistic, we are likely to be focused around two incumbent vendors in the short term.

I think that what the diversification strategy sets out, though, and in fairness it is a strategy and not a complete plan, is a path to open up the UK market to those scale providers who at the moment do not participate in it. That is through trying to reduce the commercial and regulatory barriers that we face, such as on spectrum defragmentation and on providing a single RAN solution —at the moment in the UK, there are obviously 2G, 3G, 4G and 5G. But it also then opens up the possibility of greater use of technologies such as open RAN, which really breaks away from that proprietary architecture, whereby we have both the hardware and the software from the same provider.

That will be a challenge in the short term, but in the medium to long term there are actions that can be taken both to attract the scale providers not in the UK market and to make the UK market attractive to people who work in the open RAN area as well. So I think a dual-track approach helps to bring diversification to the UK market.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q I do not disagree with you in terms of the ambition to invest in open RAN technology, but, realistically, we will have to rip out Huawei hardware and replace it with Nokia or Ericsson equipment. Operators ripping that out just to test something on open RAN is not going to happen, is it? So we are stuck with these two suppliers for a long time yet. There will have to be a business case for open RAN because, if we look back at the history of where we are at with the limited market that we have in hardware—we will not go back to the ancient history of Margaret Thatcher’s silly decision to privatise BT—and if we look at the profitability in terms of hardware, it is not there because we as consumers always want cheaper telecommunications and the companies want to get their costs down. Unless there is a very strong business case for open RAN in terms of deploying that technology, it is not going to happen, is it?

None Portrait The Chair
- Hansard -

Mr Evans, let us go to you first.

Matthew Evans: Is it going to be easy? No is the short answer. Is it possible to increase that diversification? Yes. We would like to see more commercial incentives for operators, who will have to change and adapt. This will be a change for operators as they diversify their vendor base. Part of the strategy has to be around the scales and the commercial incentives for operators to do so. We have certainly seen, as we heard from the witnesses this morning, UK operators really pushing the boundaries in terms of what open RAN trials can deliver. As I said, I suspect it will not be a short-term solution, but it is promising to see the trials that are already under way in the UK.

Hamish MacLeod: I would also like to highlight the Government’s commitment to taking a greater part in the process of international standard setting and driving scale across the global market. Although we expect the operators to do the technical heavy lifting, the Government can leverage our international relationships, and the actual resource makes the whole standardisation process move along more quickly.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q I do not disagree on that, but let us be honest. Telecommunications is a competitive market. If we want to move to open RAN or make real generational change, the Government will have to intervene quite heavily in the market to change minds. Operators will not do it unless they see a competitive advantage. That is possibly why we have had the situation with the hardware side of it, with China buying into the market by undercutting other people and providing state subsidies, for example. Without support for R&D and actual market intervention, that radical change will not happen quickly.

Matthew Evans: I think the £250 million is clearly initially focused on the R&D ecosystem. That is a big commercial barrier when you look at the testing environment and the time it often takes for operators, understandably, to feel confident in deploying equipment into their networks, because they are ultimately responsible for the integrity of them. If we can supercharge the testing environment in the UK, we should be able to shorten the time to market, but open RAN in particular is going to require a boost in funding to accelerate the maturity of that technology.

The other part of the diversification strategy is the scale vendors that may be operating in other parts of the world but are not present in the UK today. That is why it is also important to tackle some of the regulatory or commercial barriers that exist and prevent them from entering the market today.

Hamish MacLeod: I do not think I really have anything to add to what Matt just said.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - - - Excerpts

Q I think we all support diversification in principle, but what does success look like for the two of you? How many companies would it be? We have only two vendors that we can choose from at the moment, so how many do you think is acceptable? Is there an analogous comparison for you, whether in tech or elsewhere, of the much broader choice that we should be aiming for, and how long do you think it will take to get there?

Hamish MacLeod: One of the things about open RAN and more open architecture generally is that you generate competition in the hardware and in the software—it is not one package—so I think it is realistic to expect more competition, particularly in the software side of things.

None Portrait The Chair
- Hansard -

Do you have anything to add, Mr Evans?

Matthew Evans: Not too much. It is hard to put a number on it, but success would be where we clearly have a greater number of vendors than today, and that is a mix of open and proprietary technology. As Hamish says, the reason it is hard to put a number on it is that in that open stack, you could have competition within the stack, rather than between vendors that sell the consolidated package.

David Johnston Portrait David Johnston
- Hansard - - - Excerpts

Q So you do not want to put a number on it, but is there another sector that you would draw a comparison with that does not have this problem and is, in principle, the sort of thing we should be aiming for here?

Hamish MacLeod: The analogy that has sometimes been used with me is looking back 40 years to the computer market. We all used to buy IBM computers and you got the computer and all the software integrated, and then the two separated out. There was interoperability and you create a lot more competition and innovation. That is a potential analogy—a rough analogy, I would say.

None Portrait The Chair
- Hansard -

Anything to add, Mr Evans?

Matthew Evans: No, that is a good analogy.

Christian Matheson Portrait Christian Matheson (City of Chester) (Lab)
- Hansard - - - Excerpts

Q I want to follow up the point that Mr Jones and Mr Johnston made. The Government are requiring the industry to make these changes for all the reasons that we understand. We are hoping for diversification across the sector to provide innovation. What would the industry be looking for from the Government to assist that and drive it forward? Mr Jones talked about the role of the Government in assisting that. How could they best assist that?

Matthew Evans: The strategy sets out the outline of what the industry would like to see. There are commercial and regulatory barriers that need to be removed or analysed. That includes things like how the lifespan of 2G, 3G and 4G in the UK is going to exist, and setting out a road map. That will allow people to develop technologies in 5G and future generation without having to invest in what are still very good technologies—those that have already been deployed.

What we would like to see in the strategy—this is where the funding is really important—is the R&D and testing ecosystem. We would like to see something like the Future Networks Initiative, which is a proposal for a series of test centres around the UK specialising in different areas of telecoms, particularly open RAN. As I said before, that should help accelerate the adoption of new products and services when utilised in conjunction with the National Telecoms Lab. That is key. As Hamish has said, standards are also really important. Again, we need closer collaboration between the Government and industry, because the technical side is naturally going to be driven by industry.

None Portrait The Chair
- Hansard -

Mr MacLeod, do you have anything to add?

Hamish MacLeod: Very little to add. Personally, I can say that the recent 5G testbed programme that the Government have been initiating to generate interest, applications and scale is a good model. We expect to see that being replicated; indeed, the two might work hand in hand going forward.

None Portrait The Chair
- Hansard -

Thank you. I am going to switch to the Minister and shadow Minister. If there is time left, I will come back to other Members, but I want to be sure that we do this fairly. I call Chi Onwurah.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q Thank you, Mr McCabe, and I thank our witnesses for joining us. I started out in telecoms in 1987, as a hardware engineer. Since then, as you have indicated, our hardware sector in telecoms has disappeared. Hamish, you have talked about the equivalence with the computer sector, which has experienced a similar demise over the past 40 years. I am interested in whether it is possible to have a secure telecoms supply chain without having secure hardware. What are your views on that? The draft vendor designation talks a lot about the geopolitical influence of China rather than about the technical requirements, and that would be as true for hardware as it is for software. Do you think it is possible to have secure supply chains without having sovereign or friendly hardware capability?

I am also really interested in what you said, Mr Evans, with regard to research and development. I absolutely agree with you that we clearly need investment in research and development if we are to lead in hardware and in open RAN and software. You said that the £250 million was focused on R&D, but it is actually focused on testing. It does not really do much for research at all, as far as I can see. You also referred to the diversification strategy as a strategy and not a plan, so do we need investment in research and development? Is the £250 million, which I think—I am looking at the Minister now—is over five years, a significant amount of investment in research and development for the mobile sector and tech sector generally?

Finally, the Bill gives the Secretary the State a huge amount of powers to set out requirements to remove vendors and for Ofcom to inspect what operators are doing. Do you think that might have an impact on international foreign investment in the UK telecoms sector, and are you confident that the right sort of technical, security and democratic scrutiny is in place? That is three things: hardware, research and development, and scrutiny.

None Portrait The Chair
- Hansard -

Shall we start with you, Mr MacLeod?

Hamish MacLeod: I think the question that was directed at me was whether it is possible to have a secure supply chain. I will not try to gainsay Chi’s knowledge on this, but my understanding is that that is the role that the proposed National Telecoms Lab will perform, to validate that security aspect.

Matthew Evans: I agree with Hamish on that first point, to answer Chi’s questions on R&D. We do not yet know how the £250 million is going to be spent. We believe that we will need to accelerate the maturity of technologies such as open RAN, to make them deployable and commercially viable. Yes, we do need to see more, but as I said, that has to be alongside testing, because accelerating the maturity of it does not really matter if the operators do not get that confidence in either the hardware or the software.

In terms of the Secretary of State’s powers, we are broadly comfortable. We would like to see some thresholds on what amounts to a security compromise, particularly in terms of Ofcom’s powers of oversight. From our point of view, and this is also relevant to the foreign direct investment question, if it is evidence-based, as transparent as possible—we know that we will not see all that evidence, particularly that element in the security services—and the actions are proportionate, that is also important. We believe that that builds into the best practice that we see in other areas of national security.

In terms of the technical expertise, we know that NCSC is going to work closely with Ofcom, in terms of providing that oversight. We are comfortable with the experience that we have had over the past couple of years, as the telecoms supply chain has gone through, in terms of the expertise and the overall regime that this Bill seeks to put in place.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q To clarify that point, you are happy with the existing level of scrutiny and involvement of the security services in the development of the framework and the review of the telecoms supply chain, and so on, and you would like to see that continued. When it comes to investment, could you say a little bit about the £250 million over five years, which is, say, £50 million a year? Is that a significant amount of research and development investment in the tech sector in this country?

Matthew Evans: I think it sends quite a strong signal to the market of the Government’s intent. If we published the strategy without the funding, it would not have sent the same signal. We have seen NEC, for instance, commit to opening an open RAN test centre in the UK. I think that is a signal of how the market is starting to react. This needs to work with the grain of industry, so it is important that industry is able to participate in this funding. I think it sent a strong signal.

None Portrait The Chair
- Hansard -

Do you have anything you want to add, Mr MacLeod?

Hamish MacLeod: No.

None Portrait The Chair
- Hansard -

I will switch to the Minister at this point.

Matt Warman Portrait Matt Warman (Boston and Skegness) (Con)
- Hansard - - - Excerpts

Q Thank you, Mr McCabe, and thank you both for your engagement and for welcoming what we are doing. I am interested to know what you feel will be the best way to work with the sectors that you represent, particularly in taking forward the diversification strategy. It is an increasingly diverse sector. The Government want to get the best they possibly can out of that £250 million initial tranche of diversification money. What are your thoughts on how we have worked with the sector thus far and what more should be going on in the future?

Hamish MacLeod: My meeting following this hearing is with the operators addressing that very point. This is something that we want to work extremely closely with the Government on. We are meeting officials next week to continue the conversation on doing things such as setting out the road map for what needs to be done R&D-wise to develop open RAN, what needs to be done from the point of view of the test programme, and what needs to be done on the standardisation road map. We will be taking a very close interest, both as individual operators and jointly.

Matthew Evans: To add to that, I echo that we have had excellent engagement with the Minister’s officials. It is about keeping the momentum up while working with the grain of industry and making sure that we are getting the incentives on the supply side, in the R&D and in the testing, and also in the demand side. That is all about making sure that we have the right commercial incentives for operators, but also that we have the right skills and, if necessary, reinforcing the operators on some of those points as well.

None Portrait The Chair
- Hansard -

Chi?

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

Q I did not think I would get a chance to ask further questions.

I respect your reluctance, if you like, to voice criticisms at this stage, but can I just get a further idea on the level of R&D spend in the sector? We heard from British Telecom this morning that it spends £500 million a year. I imagine it is not the only company to spend. Do you have a view of the level of R&D spend? You talk about the £250 million being a signal. Am I right in thinking that a lot more investment needs to be attracted into the UK telecoms sector in order to really move the dial? That is what we are talking about, is it not—really moving the dial on UK telecoms capability?

Hamish MacLeod: Absolutely. The £250 million was very much described as an initial £250 million, because you are right that moving the dial will take significant investment. With R&D, there is pure R&D—what you do in labs—but there is also the testbed activity, which is a very important aspect, and trials at scale and all those things. Working with the operators, bringing in international partners and leveraging what is going on elsewhere in the world will all be important.

Matthew Evans: The important word there is “leveraging”. Telecom spend on R&D, both traditional and in open RAN, runs into billions and billions of pounds each year, but we can use that £250 million to leverage greater investment. It has to be with the grain of what the industry is delivering, so we can attract more of that investment. If we can be world leaders in the adoption of open RAN, that is key, and we will attract that investment. That is why I think the supply has to match up with the demand side fully.

None Portrait The Chair
- Hansard -

Does anyone else have any other questions? No. In that case, I thank both our witnesses for their evidence. We are extremely grateful to you. We will end this session and move on to the next panel.

Examination of Witnesses

Stefano Cantarelli, John Baker, Pardeep Kohli and Chris Jackson gave evidence.

14:39
None Portrait The Chair
- Hansard -

We are now going to hear from Stefano Cantarelli, global chief marketing officer, John Baker, head of RAN business development, and Pardeep Kohli, chief executive officer, of Mavenir. Joining them is Chris Jackson, president and chief executive officer of NEC Europe Ltd. We will use the same format as last time, although if you want to direct your question to a specific witness, that might be helpful. We have until 3.30 pm for this session. I ask the witnesses to introduce themselves.

Stefano Cantarelli: Good afternoon everybody. My name is Stefano Cantarelli. I am the chief marketing officer for Mavenir. I have spent the last 30 years of my life in telecommunications, of which 20 years have been in the UK, in both fixed and mobile networks.

John Baker: Good afternoon. I head up business development for Mavenir. I was instrumental in setting up the UK industry back in the ’80s for manufacturing and R&D for Nokia, and with Vodafone and Orbitel. I have long experience in the industry and I have been leading the open RAN initiatives from the US globally. I am a member of the open RAN policy coalition board.

Pardeep Kohli: I am Pardeep Kohli, President and Chief Executive Officer of Mavenir. I have been with the company since 2005. The company is over 20 years old and employs about 4,500 people. We have a good presence in the UK. We have been providing software for telecoms applications to UK operators for over 20 years. All operators use our software today for making phone calls, sending messages and voicemail. We started working on open RAN five years ago and now we have deployment in the UK, which has been provided in the test sites. We are building networks in other parts of the world as well, based on open RAN.

Chris Jackson: Good afternoon. I am Chris Jackson, CEO of NEC Europe. I have worked for NEC for 12 years. I took on the role of CEO for Europe on 1 April last year. In terms of my opening statement, I fully support the principles of the Bill. It has been well constructed. The additional powers that the Government and Ofcom now have are much more wide-ranging, and we absolutely support that. We very much promote the vendor diversification strategy, and we are supportive of the aims and objectives behind it.

None Portrait The Chair
- Hansard -

Who wants to go first? It looks like it is Mr Johnston. Can I just ask you to say which of the witnesses you are directing your question to?

David Johnston Portrait David Johnston
- Hansard - - - Excerpts

Yes, although I was going to ask them who they think is best to answer it.

None Portrait The Chair
- Hansard -

There is always one.

David Johnston Portrait David Johnston
- Hansard - - - Excerpts

Q We asked the previous witnesses this question. When it comes to stringency on these issues, do any of you feel able to give us a sense of the international comparison between the regime that this Bill creates and regimes around the world?

John Baker: Perhaps I could take that one. This is falling in line with what is going on globally. We see initiatives coming from Spain, the EU and the US. The US is further ahead in terms of passing law on trusted suppliers, and it is now setting timelines and budgets for taking suppliers out of the network. That rip-and-replace programme is now under way. The money for that was approved in December, and operators are looking at open RAN as solutions for that. That is very similar to the activities that you are planning through this Bill in the UK.

Chris Jackson: What we have seen in Japan is strong support for this direction, but I think the UK Government have taken the lead in terms of putting forward an aggressive stance on this to ensure that the security of the country is protected. The UK is doing everything that we would expect it to, and we fully support that.

Stefano Cantarelli: Some of the things said about the diversification of the supply chain are particularly important in terms of the ability to create competition and, as such, innovation. The interoperability of interfaces is fundamental in order to boost data and to be able to create more competition. We strongly believe that competition is based in innovation, and innovation these days can create a very powerful cycle of technology. It is not like how it was in the old days when it took maybe a year, two years or three years to get things into deployment; today, in less than a year a trial can become a commercial deployment.

Pardeep Kohli: I agree with the other gentlemen. In a number of countries, operators have made the decision that, going forward, they will only buy open RAN-based solutions. Governments are supporting that in many parts of the world.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q This question is to whoever wants to pick it up. The debate in the UK on Huawei has been around hardware, and clearly open RAN is the future. Can you give an indication of two things? First, what are the timescales for its development and deployment? Secondly, because we have got operators currently taking out Huawei kit and putting in Ericsson or Nokia kit, how do you incentivise those companies to take the open RAN approach in terms of developing a market for that product? Where are we at internationally on open RAN compared with other countries?

Pardeep Kohli: Let me start. You are right that until now it was all about hardware, because people were building proprietary hardware to supply radio products. When you do hardware-based solutions, the scale matters, because you need logistics, manufacturing capability and factories, and obviously Huawei, Ericsson and Nokia had a strong base and the logistics set up.

When you do open RAN, it is more software leaning on general-purpose hardware. Companies like us do not need manufacturing plants any more because we are only providing software, and we have the advantage that our software can run on a private cloud that an operator can build on, for example, standard Dell servers—there are plenty of them, and people can build those—or we can run it on a public cloud on Amazon or Google. If you look at the scale that Google, Amazon and Azure have, Huawei is nowhere close to their scale. In that sense, the whole matter of Huawei’s scale does not matter at all the moment you move a hardware problem to a software problem.

The same thing happens with logistics and people. For us, hardware-based solutions need people to carry the hardware around, bolt it and everything. For software, with the click of a button you can distribute it to 2,000 sites; you do not need people and logistics to drive hardware around. This is how with what we are doing—for example, we are working with Dish to build a nationwide network, and we will have 50,000 sites deployed in less than two years—not that many people are required to do all this, because the problem has moved from hardware to software.

We would like the Government and other people to understand that there is no way any company can beat Huawei with the presence it has in China alone if they take on the problem as a hardware problem. It must be converted into a software problem—that is the only way it can be solved.

On your question about how we convince operators, it is always on the point about proof. We are a 20-year-old company working with operators all over the world. We handle 60% of the world’s operators’ messaging. If you look at SMS, for example, we carry that traffic for all the operators in the UK, and voice calling. We already do more critical services: radio is important, of course, because of the connectivity, but operators are relying on us for the day-to-day services. Now we are working with them to prove that our software is as good or better than what they can get on from the incumbents. Of course, we are expecting them to participate in the journey and work with us so that we can prove to them that we are good. We have done that in all other layers of the software, so we feel that if somebody engages with us, within six to nine months we will prove to them that we are good and it works.

That is working; in terms of the whole idea that the technology does not exist, we have crossed that hurdle. Now it is more about, “Okay, does it work for this use case or that use case?”, or, “In my network, I may have some proprietary stuff I have done with existing vendors, and I want you to do that as well.” So it may take six to nine months, or even 12 months, to get there, but I think we are beyond the point where we need to prove that it works. We know it works.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q Which country in the world is at the forefront of open RAN deployment?

Pardeep Kohli: If you look at investments, because of Dish, the US is making the most investments; the Government have now surpassed $1.9 billion on rip-and-replace to replace Huawei equipment, so that will create an ecosystem. In Japan, with Rakuten, they are building a whole nationwide network based on open RAN. We have seen Deutsche Telekom, for example, announce in Germany that it is building an ORAN town, so it will have a whole city that will have only ORAN components in a due timeframe. We have systems applied now in Sri Lanka, in India and in Malaysia. A lot of countries are looking at the economics: obviously, volume makes the numbers different, and with higher volume you will improve the economics further, but if you include the opex cost as well to go along with the capex cost, there is no way to compare what you can get with this technology compared with the legacy one.

None Portrait The Chair
- Hansard -

I am just conscious of time; do any of the other witnesses have anything they want to add to what we have heard from Mr Kohli?

John Baker: I would just like to add that Vodafone has been very much in the lead with the development of open RAN solutions. We have been engaging with Vodafone for three and a half years in test labs and specifying the technology, and so on. The UK has been very much part of bringing this technology forward, as well as BT with the Telecom Infra Project labs.

Chris Jackson: Coming back to your question, I would not like to speculate as to how long it would take for open RAN to become standardised and commonplace within the UK. The Government are setting up a national telecoms lab and SONIC. There are a number of companies like ourselves, NEC, who have just set up our 5G global centre of excellence here in the UK, and the operators have all set up laboratories. If we can start to encourage and bring all those parties together, that is the key to accelerating the technology.

Incentives definitely play a part in this; to comment on Japan for a moment, I know the Japanese Government have incentivised companies to embrace open RAN, and that might well explain why companies such as Rakuten and NTT DOCOMO have been very successful in launching the technology. That proves it can be done and shows that where there is a willingness, there is a way, but if we can drive all those different parties coming together, that is how we will get traction.

Stefano Cantarelli: I just want to say quickly that we are part of some of the initiatives Chris has mentioned, such as SONIC with DCMS and so on, and we think they are particularly useful to give visibility on the status of open RAN. My last comment is about the hardware; I heard a few comments this morning, and I want to underline that hardware is still quite a profitable business. If we look at what happened to IT servers in the IT industry, there are companies that are much more than profitable in those spaces. Commoditisation of a hardware does not mean that there is no profitable business behind it.

None Portrait The Chair
- Hansard -

Thank you. I am going to Mr Sunderland. I will come back to you if you want to come back later.

James Sunderland Portrait James Sunderland
- Hansard - - - Excerpts

Q I note from the briefing notes that I have here just how much global experience Mavenir has, and that perhaps sets you gentlemen apart from the previous witnesses. Could I therefore ask you this, please? Is there anything, in your experience in this field—particularly, perhaps, in America and the far east—that may require to be better reflected in the legislation?

None Portrait The Chair
- Hansard -

Is this question for all the witnesses?

None Portrait The Chair
- Hansard -

Who do you want to go first?

James Sunderland Portrait James Sunderland
- Hansard - - - Excerpts

Mr Baker is the obvious candidate.

John Baker: I think the legislation, as you have it written, is good and supportive. The underlying thread of this is all about open interfaces. Having open interfaces fully specified makes the ability for testing of elements in the network simpler and easier, because you open up the testing community, the vendors, to produce interoperable equipment, so you can compare equipment side by side. This has been the basis of the whole open RAN discussion. Open RAN is about open and interoperable interfaces. If you follow that philosophy through into this Bill, you should be able to test each of the elements and the network end to end, from a security perspective, so we are fully supportive of the activities that you have in place.

None Portrait The Chair
- Hansard -