(4 years, 7 months ago)
Lords ChamberI shall beg noble Lords’ indulgence for a few minutes. I did not have an opportunity to speak at Second Reading, as I was advised not to come to Parliament, but I was assured that this would be an opportunity for me to do so.
I welcome the Bill and its aims to improve access to faster broadband and provide greater choice for tenants and leaseholders. My interest in the Bill, as people will see from my amendment, is very specific; it is to do with what we as a country see as critical infrastructure and how we protect our strategic interests to keep our critical infrastructure safe as technology becomes more complex.
I served on the Joint Committee on the National Security Strategy from 2013 to 2016, when Huawei first came on to our radar, and two significant changes happened in that period. We saw the invasion of a sovereign state on the edge of Europe—the Russian annexation of Crimea—and the installation of President Xi Jinping as head of the Chinese Communist Party, bringing a more assertive, and perhaps what some would describe as more aggressive, tone into China’s international relations. Both have had a profound impact on geopolitics and potentially on security.
China’s companies have long been on our radar in the West for theft of intellectual property, from both business enterprises and research institutions. While I accept that there has always been a level of industrial espionage, with leakages from more advanced economies into those that are new challengers in particular sectors, the international community has attempted to deal openly with China on this. President Obama sought, and attained, an assurance from President Xi that the Chinese Government would clamp down on intellectual property theft, but there is little evidence that much has changed.
The difference is that China is now actively using its economic clout to advance its strategic and geopolitical interests, many of which run counter to our interests, and indeed our freedoms, here in the UK. Huawei is the world’s largest telecommunications company, and there is no reason that it should not be a trusted partner if it were like any other global telecoms firm. The point is that it is not. It has a long history of transgressions, not only in the West but more broadly. Moreover, it is subject to Chinese state security and other intelligence-related laws. These were updated in 2017 and now require Huawei, like other Chinese companies, to hand over data flowing through it to the Chinese state. It is effectively an arm of the state for the purposes of data capture and exploitation. If that was not the intention of the law, as Huawei tells us, the Chinese Government have done nothing to repudiate or amend the law in the period since. In other words, it is the intention of the Chinese Government to control worldwide data that Huawei collects, if they wish to.
There are examples of how this works. The African Union built a new headquarters in Addis Ababa in 2012. An accountant noticed that there was a huge energy consumption surge between midnight and the early hours of the morning in the period between 2012 and 2017. It transpired that data on Huawei’s servers was being transmitted back to Shenzhen covertly in those hours, hence the server activity.
There are many other examples of Huawei’s cyberactivities. The Equifax consumer credit hack recently resulted in millions of US consumers’ data being stolen. Additionally, 12.3 million Britons had their credit card details stolen. That hack was linked to Huawei and the People’s Liberation Army. I find it instructive that when BT involved Huawei in its 21st Century Network plan in 2005, information about Huawei’s involvement was withheld from Ministers and came to light some time later—in a 2013 report of the Intelligence and Security Committee, at the time chaired by Sir Malcolm Rifkind. If the Minister is not aware of its contents, I suggest she apprise herself of it, because it is fairly sobering.
I turn to my specific amendments. I know the UK Government’s position is that we want to roll out increased speed and capacity in our networks to benefit our businesses and consumers. I agree with that. However, the internet of things is here and requires improved capacity. I also agree with that. But Huawei’s involvement in this, even limited to 35% of the non-critical part of the infrastructure, is not something I feel comfortable with. It is incumbent on us to take our strategic national security vulnerabilities seriously, as we are planning not for the next five to seven years but for the next 20 to 30. There are several reasons for this. One is that we should not be so reliant on others for our sensitive and critical needs. One has only to look at the impact of the US-China trade war, and the impact on supply chains exacerbated now by Covid-19, to know that deglobalisation is starting. We in the UK are erecting barriers to our trade with the EU, yet think nothing of allowing companies that are more or less arms of other states into our systems, instead of developing our own capacities as France is attempting to do.
Another reason to be wary is that alternatives do exist. The US is proceeding with Ericsson, South Korea is using Samsung, but most importantly our Five Eyes allies have all rejected the Huawei option and are assessing alternatives. There is no burning imperative to take the decision now, and I fear it was rushed through. We will have to either repeal or regret this decision, unless we come up with safeguards that satisfy our concerns. The demonstration effect of letting Huawei into our system will lull other countries into the view that it is a safe alternative.
The Government tell us that the 35% of market share of Huawei infrastructure will be non-core and non-sensitive, but they do not acknowledge that the crucial difference between 4G and 5G is that, due to the internet of things, 5G networks are largely software-defined, so updates pushed to the network by the manufacturer can radically change how they operate. If a network is run by an untrusted vendor, that vendor can change what the network can do quite easily using software updates. The Australians have stressed this point over and over—namely, that you cannot safeguard against intent. If a provider is bound by its state’s law to do something, it is not its capability that is relevant but its intent. It is a combination of capability, where 5G is more vulnerable, and the intent of a provider that has to do a state’s bidding by law.
The Government also tell us that GCHQ has advised the National Security Council, and that they are acting on the advice of the NSC. However, it was pointed out in a Commons debate by Bob Seely MP on 10 March that the GCHQ Huawei oversight board has voiced deep concerns. According to him, the board found that it could
“only provide limited assurance that all risks to UK national security from Huawei’s involvement in the UK’s critical networks can be sufficiently mitigated … The Oversight Board advises that it will be difficult to appropriately risk-manage future products in the context of UK deployments, until the underlying defects in Huawei’s software engineering and … cyber security processes are remediated. At present, the Oversight Board has not yet seen anything to give it confidence in Huawei’s capacity to successfully complete the elements of its transformation programme”.—[Official Report, Commons, 10/3/20; col. 201.]
As recently as February 2020, the US Government have claimed in a report that backdoors intended for law enforcement officials in carriers’ equipment, such as antennae and routers installed since 2009, can be accessed by certain vendors.
Amendments 9 and 14 are based very much on Labour and Conservative Party amendments as of 10 March in the other place, and are designed to remove high-risk vendors from the United Kingdom by 2022. Amendment 14 would require vendors who use Part 4A code rights to explain to the satisfaction of the regulator, which will probably be Ofcom, in a publicised plan how they will remove high-risk vendors should they form part of the network. BT has now extended the period that it will take to remove a high-risk vendor from its network to the end of 2022. It needs that period to disentangle itself from those partners. The amendments will ensure that even if high-risk vendors are allowed into the network in the early stages, as the Government propose, there is a clear plan for disentanglement from the outset.
I will conclude by explaining to the Committee why I have tabled these amendments. We all acknowledge that Virtual Proceedings are inadequate for proper scrutiny of legislation. My experience is that, even in normal proceedings, Ministers are sometimes not quite as well informed as they might be. On 27 January 2020, in response to the Statement on Huawei, I asked the noble Baroness, Lady Morgan of Cotes, for her assurances regarding Huawei’s participation in terms of its market share. She replied:
“I give her and the whole House the absolute assurance that high-risk vendors never have been and never will be involved in our most sensitive networks”.—[Official Report, 27/1/20; col. 1300.]
She clearly did not know from the Intelligence and Security Committee’s 2013 report that BT had involved Huawei from quite far back. Huawei is present on the ground in our networks. I am sure that she did not intend in any sense to mislead the House, but many of us who are concerned about these matters would be reassured by having these amendments in the Bill, although I accept that it is perhaps not the ideal vehicle for them—in fact, it is concerned with some things that I wholeheartedly support. If the Government accepted the amendment it would strengthen the Minister’s hand in giving a clear plan to the telecommunications sector regarding its obligations. It will reassure many in the country who have a clearer view of our security risks.
I should have said that I do not intend to press the amendment.
The noble Baroness, Lady Falkner, has made an extremely powerful speech. She has also been extremely ingenious in finding a way to bring this big geostrategic issue into the consideration of a Bill that has a very limited scope. However, given that it is to do with telecoms infrastructure and that one of the single biggest issues in upgrading our telecoms infrastructure is the degree to which we will be reliant on partnerships with Chinese companies, she is perfectly entitled to do so.
I assume that the clerks have ruled that the noble Baroness’s amendment is within the Bill’s scope, otherwise she would not be proposing it. Perhaps when she concludes at the end of this group, she can tell us that it has indeed been ruled within the scope of the Bill. If that is the case, I urge her to bring it back on Report, because, beyond the crisis, there is no more important issue facing Parliament than our relations with China. Indeed, the issue is related to the Covid crisis because the origins of the disease in Wuhan and the way the Chinese regime has dealt with it are central to the Covid-19 crisis. A critical issue that we are having to grapple with is how we get to the facts and the reforms to the international world health architecture that will be necessary which relate to the facts of the outbreak of this disease.