(8 years, 2 months ago)
Lords ChamberMy Lords, there have not been very many points in the course of this legislation on which I have agreed with the noble Lord, Lord Strasburger, but on this point I do. Amendment 252A raises a very interesting and important point.
Although I am absolutely in favour, as you would imagine, of the Government having the opportunity to access the communications of anybody who is a threat to us—due to terrorism, criminal activities or anything of that sort—there is a competing national security issue here of this country having effective cybersecurity. We have seen the way in which hostile Governments have been seeking to intervene in the American elections, and we have seen all sorts of attempts by hostile states, criminal groups and others to use cyber weaknesses to take forward hostile agendas. Therefore, there is a genuine national security interest in ensuring that, as far as we can, our citizens can communicate securely and privately when they are not going about mischievous business.
The idea that we should take into consideration the requirement not to place non-targeted customers or others at additional security risk is an entirely legitimate one, and I am very interested to hear how the Minister would want to interpret this. We have competing national security issues here and it is a point well made.
My Lords, we have had some rather good discussions with the tech companies. In Committee, we put in some of the amendments that they suggested to us, and some of the government amendments we have been dealing with over the past few days reflect that. I thank the tech companies for their very responsible attitude in continuing discussions with the Government over this period. Certainly with us they have been open, flexible and fairly straight as to what is possible and what the dangers are for them—for example, and as we have discussed, whether a weakness in end-to-end encryption could actually undermine the security that banks and others rely on in their systems—and for their clients, public confidence and national security. The companies recognise that they have a duty of care and loyalty to their customers, while fully respecting the law of the land in which they operate and the legal demands on their staff, wherever they are located.
In their discussions with us, companies have sought clarity that they will not be asked, effectively, to create a new system that would breach end-to-end encryption. They need this clarity for their shareholders and customers’ peace of mind because the reality is that they could never be forced to create a new computer program to hack their own security. I for one cannot imagine the noble Earl, Lord Howe, or anyone else standing over a hapless computer programmer shouting, “Break into it!”, if that company did not want to do it or the computer genius was on a go-slow that day. The idea that you could force somebody to create a program that the company and the employee did not want to is probably not possible.
Given that, the reality is that the things the Government want to ask will happen only when there is a good working understanding between the security services and the company. Therefore, if the tech companies want this clarity as set out in Amendment 251—as we know they do—our interest is to hear from the Minister just what the obstacles are to giving them the clarity that they seek.