(3 years, 4 months ago)
Grand CommitteeMy Lords, I hope the Committee will forgive me if I move on to drier but—I hope the Committee will agree—important ground. In moving Amendment 2, I will also speak to Amendments 3, 4, 5 and 6.
Amendment 2, along with similar amendments to Clause 1 in the name of my noble friend Lord Fox and myself, seeks to narrow the scope of the definitions of “security compromise” and “connected security compromise”. As well as having concerns about oversight of the new powers of the Secretary of State, which we will debate later, there is also concern, reflected by the Constitution Committee, about the width of these crucial definitions and the consequences that flow, particularly as regards planned outages and the need to make a clear distinction between reporting on security compromises and on resilience.
I say this in the context of the impact assessment of 9 June, which stresses the large degree of uncertainty surrounding the costs to be incurred by business, amplified by the report of the Regulatory Policy Committee under its new chair. The Constitution Committee says:
“Clauses 1 and 2 impose duties on providers of a public electronic communications network or service … These include taking such measures as are appropriate and proportionate for the purposes of identifying and reducing the risk of security compromises occurring. The Bill defines security compromises, but the Explanatory Notes acknowledge this definition is broad and do not explain their intended scope. The consequences of a security compromise for providers are potentially significant, including substantial and costly duties of due diligence”—
this echoes the impact assessment. It goes on:
“The House may wish to consider whether narrowing the definition of security compromises would be appropriate.”
BT gave evidence to the Public Bill Committee in the Commons. Of course, BT is a provider which will need to comply with the provisions of the Bill, so I take the liberty of reading out much of its evidence:
“As currently defined, a ‘security compromise’ … would cover any planned network outage that may be required for maintenance or upgrading of the network, or any unplanned outages due to faults or wear and tear. These types of outages are relatively regular occurrences given the scale of our network and we always seek to minimise customer impact and restore service as quickly as possible. The duties on operators in the Bill that flow from this definition are significant—including network issues that cannot reasonably be considered as security compromises (rather resilience or availability issues) would create undue burdens on operators and potentially on OFCOM.
These outages are not the result of any unauthorised access or malicious intent, nor do they have consequences for the confidentiality of data or signals carried over the network. We do not believe it is the intention of the Bill to apply the same requirements (e.g. with respect to reporting or notification to stakeholders), or to make the same powers available to OFCOM, in relation to these types of incidents, as are intended to apply to ‘security compromises’.”
It goes on:
“The definition also seeks, we understand, to capture any compromise to the integrity of signals conveyed over a network. However, the way that this is expressed—by reference solely to compromises of the ‘confidentiality of signals’—is unclear and confusing. It could be significantly improved by making a simple amendment to refer to ‘confidentiality and integrity’.
The definition of ‘connected security compromise’ … is a simple definition referring to something that ‘occurs in relation to another public electronic communications network or a public electronic communications service’. Given the potential breadth of this definition, building some specifics on how the ‘connected’ element will be assessed in the overall Government/OFCOM guidance on ‘security compromise’ will be important.”
So a provider that will be considerably impacted by the Bill and the Constitution Committee have raised important issues about the width of these definitions. These amendments perhaps do not go as far as some providers would like, but they attempt to give greater certainty by specifying that compromises which involve security issues are covered, but not wider outages which do not have security implications. I very much hope the Government will heed both the providers and the Constitution Committee by narrowing the width of these definitions. I beg to move.
My Lords, I had the privilege of being an RAF pilot. The instructions we received as pilots in methods of security included the word “anything”. In other words, if you are flying a jet on a mission and you suspect something, “anything” is reported back, or you take remedial action. You do not try to refine that security by, in this case, reducing it or leaving any element of doubt. Thinking about it a little further, the “anything” could be technical. In this context, it could be competitive; it could be a company being taken over; it could be lack of finance; it could be fraud. Above all, it could provide a loophole. Therefore, Her Majesty’s Government are absolutely right in putting in the word “anything” and not trying to restrict it further.
(3 years, 8 months ago)
Lords ChamberMy Lords, I am grateful to my noble friend Lord Hodgson for tabling the amendment because what is behind it is absolutely right, as a number of my noble friends have said in the debate. That is fine, particularly in a situation whereby we are hoping to set the environment in which new companies can be created. After the pandemic, we are highly likely to see a number of movements in that area that would not normally happen.
One area on which I have a slight query is the preference to be given to someone who has done it before, particularly if they are not a company but someone who is handling the matter. That gives an advantage over someone who has not done it before. Therefore, regarding the point made by the noble Baroness, Lady Bowles, about a time limit or distance limit in terms of time, there needs to be some stop on that. Otherwise, an unfair advantage is given to one party over another.
Another element that I worry about a little, which covers security matters as much as anything, is that some people out there are enormously creative in terms of manoeuvring and so on. Two things may seem similar but can be yards apart—miles sometimes. Not all that is written on the outside packet of a product or company represents what is happening underneath.
While I support the broad thrust of my noble friend Lord Hodgson, I have those reservations and shall listen carefully to my noble friend on the Front Bench.
My Lords, the noble Baroness, Lady Noakes, has coined another phrase that will run through this Bill—notably, “practical impact”. It is interesting that among those of us who have taken part in the debates on the Bill many have a practical understanding of what its impact could be. We have been in walks of life that have brought us into the investment community—not least the Minister himself—and we see the potential for major issues arising under the legislation because of the way in which it is drafted. This group of slightly disconnected amendments illustrates that. The noble Baroness, Lady Hodgson, and my noble friend Lady Bowles forensically took us through the amendment and Amendments 67B and 67C. I shall come to the question on whether Clause 30 should stand part of the Bill in a moment.
However, the amendment is definitely the kind of red tape-busting amendment that we need. My noble friend Lady Bowles said that we needed provisions that actually met the needs of the investment community and were tailored to it. The amendment is a classic example of what could be done in terms of making sure that we do not have a situation in which companies have to make notification after notification. The inter- twining of the mandatory and the voluntary notification aspects provided for in the amendment is extremely important.
Then we come to Clauses 19 and 24, and Amendments 67B and 67C. The noble Lord, Lord Hodgson, also has a way of coining a phrase, such as “stop the clock” provisions, which again give the Government all the cards and the poor old investor could be stuck for some period of time. As the noble Lord pointed out, the extent of the powers in terms of the periods are already quite long—75 working days or 15 working weeks for a national security assessment, or 30 working days or six working weeks for the initial screening period. We are not talking about modest periods but, rather like the referee in a rugby match, the Government can stop the clock and there is no control over that, as far as I can see. Therefore, we on these Benches firmly support those amendments.
On Clause 30 stand part, I liked the phrase of the noble Baroness, Lady Noakes: “stuff these companies with public money”. If that was the case, it would be pretty egregious. Now that noble Lords have drawn our attention to it, we can see that the Explanatory Notes on Clause 30 are vanishingly small. There is virtually nothing in there: there is no control over what the Secretary of State does. He may have to give a report if it is over a mere £100 million—and what is £100 million but small change in the circumstances? The Secretary of State can make more or less any decision and then say, “We have made the decision, but we have plenty of cash that we can stuff into your pocket.” It is the opacity, the lack of reporting and any real control in Clause 30 to which the noble Lord, Lord Hodgson, has rightly drawn attention. This is another area where I hope the Minister has something to say that not only gives quite a lot of further assurance but undertakes to create greater control over the powers in that clause.
After a bit, one gets a feeling for a Bill, and this one seems overly weighted in favour of the Secretary of State. The Secretary of State is more or less footloose and fancy free, and it is the poor old investor who will have to bear all the consequences.
(4 years ago)
Lords ChamberMy Lords, I declare a possible interest as a solicitor qualified in England and Wales and I share all previous speakers’ support for IP professionals, who ensure that we have the necessary intellectual property protection in the UK. I strongly support my noble friend Lady Bowles’s Amendment 107A and share her confusion, not to say bafflement, at Amendment 107. She has drawn attention to the obscurity of the drafting. Why are patent and trademark attorneys included and then excluded?
My noble friend has been, if anything, very kind to the drafters of the government amendment. Not only is it obscure but, as we have heard from the noble Lord, Lord Smith, there seems to have been no proper consultation with the professional bodies and regulators such as CIPA, CITMA and IPReg before it was tabled. This is all compounded by the use by both officials and the Minister of the term “automatic recognition” in communication with my noble friend, when we should be talking about qualifications.
Why has automatic recognition, from which exemption is needed, been introduced? As an interloper on this Bill, perhaps I can ask the most fundamentally naive question: why do we need not just Clauses 22, 23 and 25 but Part 3 in the first place? Are these the emperor’s new clothes? Even the Explanatory Note is rather obscure in its rationale, saying:
“There is currently no overarching system or consistent approach for the recognition of professional qualifications between the nations making up the UK internal market. Therefore, if professional divergence increases across the UK, professionals could have greater limitations on their ability to practise across the UK than exists currently.”
What professional divergence is threatened or envisaged? There is the continuing need for professionals covered in this part to be suitably qualified, but why do we need a new piece of legislation simply to preserve the status quo? I am sure the Minister has the answer at his fingertips.
My Lords, it is a little disappointing that, in a Bill that is vital for the future of our country, there seems to have been some misunderstanding; somehow or other the key role of patent and trademark attorneys has been misunderstood. They are vital to the future of our country because, as it happens, we are quite good at producing ingenious new products, processes and systems of manufacture that are patentable. Equally, we are good at marketing products that require trademarks. Here is an area where we really are at the forefront of Europe’s activity—and, many would say, the world’s—so this is crucial, and we need to be clear that it is going to operate properly without any hiccups.
In my judgment, we need to defend some of our trademarks in particular. When we are marketing on our own outside the EU, I believe that we will get challenges. I have worked overseas and seen it happen there, and I do not see why it might well not happen here in the UK. As we move forward on that challenges dimension, I recall that, as I think one or two of my colleagues know, I worked in south Asia for two years. When I was in India, there was a system of mutual recognition for trademarks in certain categories of products. I wonder whether that is an element of the new deal we have done with Japan.
On my final point, I declare an interest in that I have a son, a lawyer, working in the Cayman Islands—in other words, the Overseas Territories. Given the confusion that we have had today, I am not entirely clear whether in the Overseas Territories a qualified patent lawyer or trademark attorney, who is a UK citizen qualified in the law and in whatever elements are needed for such attorneys, is able to operate although they are not actually in a part of the UK.