(3 years, 10 months ago)
Lords ChamberMy Lords, one of the most mystifying gaps in the agreement is the absence of any provision for co-operation on foreign policy and defence, which the noble Lord, Lord Hannay, also touched on. These are areas where Britain was highly influential as a member state. We were often able to increase the impact of our policies by lining up the EU behind them. The EU wanted a continuing partnership in this area, and it was in British interests to do that, yet the Government refused any discussion. Perhaps the Minister can explain why.
He might reassure us that Britain will rely on bilateral links, especially with France and Germany. Of course, these will remain important, but let us remember that the primary loyalty of both Berlin and Paris will be to policies decided in the EU. Those policies will have an impact on this country; we should be influencing them. British Ministers will not have the time to lobby each EU member state separately. The right answer, surely, is to have regular, structured consultations with the EU on foreign and security policy. If that is too much to contemplate at this time, will the Minister tell us whether the Government will take up President Macron’s proposal for a European security council outside the EU as a forum for European countries, including Britain, to consult on foreign policy?
In my remaining seconds, I will add my voice to those of others who have underlined the plight of people in an industry that is of huge importance to our soft power overseas—that is, musicians and performing artists. In his opening speech, the Minister accepted that the Government had failed to secure reciprocal visa-free access for musicians. That will have a major impact on the sector. For example, the capacity of our great orchestras to tour in Europe will be gravely damaged by a combination of the need for a work permit for each country they visit, complex and expensive customs arrangements, and limits on road haulage. Will the Minister confirm that the Government will work to reduce the burdens on this sector, which is worth four times more to the British economy than fisheries?
(3 years, 10 months ago)
Lords ChamberMy Lords, I do not believe that this thin agreement—as the noble Lord, Lord Maude, called it—with the EU is in the long-term interests of this country. But I will support the Bill this evening, because the only alternative would be the worse chaos of a no-deal departure.
The British people will discover in the months ahead that this agreement will produce an avalanche of restrictions, bureaucracy, extra costs and delays. As that reality sinks in, at least this deal provides a platform on which to start the long process of building back a closer partnership in the years ahead.
I have two brief comments on the substance. The agreement on security and justice provides for a closer association with the EU than I, for one, had feared. I welcome that. But the principle underlying all the complex detail is that the UK will no longer have direct, real-time access to the EU databases and systems which have become so important for British policing, as the noble Lord, Lord Paddick, just explained. We heard in the Lords EU Security and Justice Sub-Committee that British police had consulted the SIS II database over 600 million times in 2019. In future, they will have to request information from the SIS II database, with all the delays that will entail.
Access to some of the other databases for fingerprints, DNA and passenger name records looks at first sight to be easier, but the overall loss will be significant. I cannot understand how it can be claimed that Brexit will make us safer. The question is rather: how much loss of capability will there be? What will be the operational impact of slower and more cumbersome processes, and more police officers tied up in front of computer screens making requests to the EU? Your Lordships’ EU Security and Justice Sub-Committee will hold an inquiry into this in the new year and will report to the House.
Briefly, my view is that the decision not to continue participation in Erasmus is short-sighted and mean-spirited. Erasmus gave life-enhancing opportunities to many thousands of students from the UK and across the EU. Less well-known is the fact that it also enabled vocational and adult education colleges and schools, many in disadvantaged areas, to set up joint projects with counterparts across Europe. It lifted the admin burden of organisers, which allowed smaller organisations that did not have the resources to arrange projects. I am deeply sceptical that a UK scheme, starting from scratch with the funding envisaged, will come anywhere near replicating the transformational impact Erasmus has had on so many lives. I hope this decision to leave Erasmus will be reviewed at the first opportunity.
(4 years, 4 months ago)
Lords ChamberMy Lords, as the Government’s first National Security Adviser, I welcome the moving words of the Chancellor of the Duchy of Lancaster at Ditchley Park over the weekend about the need for reform in the Civil Service to ensure the “mastery of deep knowledge”. Since Mr Frost has not, as far as I know, worked on defence, security or intelligence matters in the way that each of his predecessors had done, how is Mr Gove’s dictum about reform of the Civil Service to be read in the light of Mr Frost’s appointment?
My Lords, I pay tribute to the noble Lord, who was, as he told us, the first National Security Adviser. Each of those, although coming from a diplomatic background, has had different and diverse experience—the noble Lord had a particular role as chairman of the JIC. Where I do agree with him is that the Prime Minister has decided that the role of the National Security Adviser and that of the Cabinet Secretary should be divided. That will give the incumbent time to display his dedication and skills, as I have no doubt he will, in carrying out this important role.
(4 years, 5 months ago)
Lords ChamberMy Lords, it was great to again have the wisdom of the noble Lord, Lord Boswell, at the opening of this debate. I want to focus on the crucial area of justice and security co-operation with the EU. That has a direct impact on the safety and security of the British people, yet we have heard very little about what is happening in the negotiations on that.
No off-the-peg, oven-ready security arrangement with the EU is available. Different countries have different levels of access. Norway and Iceland come closest, but they are in the Schengen area. Even if Britain could get a deal as good as that of Norway and Iceland, it would provide only what a British government document in 2018 called
“a limited patchwork of cooperation”,
with
“a serious shortfall in capability”.
Therefore, logically we need an even closer security relationship than that of Norway and Iceland. It cannot be the government objective that we should leave the EU and become less safe, yet the February Command Paper devoted only four rather brief pages to this vital area.
What are the prospects of negotiating an unprecedented level of security co-operation with the EU in the coming weeks? The answer is that we simply do not know. Michael Gove told the EU Committee last week that he hoped for an agreement, largely, I think, on the basis that we have been a considerable provider of security information to the EU. However, that seems to depend on the EU being willing to abandon its own red lines.
This is not an area where EU leaders can simply cut us a political deal. These are legal instruments with specific obligations. Given the importance of this area for national security, can the Minister give us some indication of when the Government will break their radio silence about the negotiations on justice and security, and what contingency plans are they making in case there is no future relationship agreement and we fall off a security cliff edge seven months from now?
(6 years ago)
Lords ChamberMy Lords, I too congratulate my noble friend on this very timely debate. As so often, I shall be sailing largely in the wake of the noble Lord, Lord West.
The term cyber is shorthand. As this debate has already shown, it covers an enormous spectrum of issues, which is not always helpful to clarity—all the way from crime, through manipulation of opinion, right up to active disruption of critical infrastructure, and even disabling military capabilities. Part of that spectrum is a crime and part of it is a genuine national security risk. As the first National Security Adviser in 2010, we certainly found that cyber was rising up the priority list, but since then it has become even more clear that cyber is a potential threat to national security on a scale that, for example, terrorism never was, although terrorism has dominated our national security priorities for more than a decade.
Cyber is a national security threat like no other in the sense that the Government alone, as other noble Lords have said, cannot protect the public. Defending against cyber is a whole of society response, which makes it unique in the national security domain. Britain is very fortunate to have a world-leading centre of excellence in the National Cyber Security Centre. I had the privilege of being at its second birthday party this week. It is a unique organisation, certainly among the major intelligence countries. There is nothing like it in the US. It is quite striking that the Prime Minister invited the Prime Ministers of Australia, Canada and New Zealand to visit the centre during the recent Commonwealth summit to be briefed on its work. It is very well led by one of our most impressive younger civil servants, Mr Ciaran Martin, to whom I pay a warm tribute.
Why is it unique? It is a combination of three things. First, it is a highly capable 24/7 operational centre that is there all the time detecting and responding to cyber threats wherever they arise, whatever time of day or night, drawing on the world-class capacity that this country has in GCHQ. Secondly, as others have said, it is a centre of technical excellence, seeking to understand what is happening on the internet and where the attacks are coming from. Also, importantly, it gives guidance to the technical community on what to look for in their own systems to check whether a malicious code has got into them. Thirdly, and very importantly, it is a very professional public-facing function. It is the interface between the secret world and the world of helping the public with guidance that is understandable, relevant and rapid. I will say a word about each of those.
The need for permanent vigilance has been very clearly illustrated in the last few weeks. Of course, there are constant attacks from criminals, as other speakers have said. More worryingly, there is also a growing number of threats from hostile states. These present the real national security risk that I was talking about. Ciaran Martin said in his annual report this week that the centre had dealt with more than 1,000 of these hostile-state attacks in its two years of existence. He added that at some point in the future, Britain was very likely to face what is known as a category 1 incident, and I refer my noble friend to the annual report for a categorisation definition of national security aspects of cyberattack. A category 1 incident is,
“a national emergency causing sustained disruption to essential services, leading to severe economic or social consequences or to loss of life”.
For the chief executive of our National Cyber Security Centre to say that that is likely to occur at some point is quite sobering.
The series of announcements co-ordinated by a number of Governments on 4 October demonstrated the scale and the recklessness of recent Russian cyberattacks, as well as the coherence of the western response to them. Noble Lords will recall that Britain attributed an unprecedented number of recent attacks to the Russian GRU military intelligence agency. It also published evidence of what these attacks looked like so that the cyber professionals could check out their own systems. That was a very unusual thing for an intelligence-linked body to do, but it really added to the credibility of our attribution. On the same day, the Dutch revealed the antics of the GRU in the car park of the Organisation for the Prohibition of Chemical Weapons. That felt more like “Carry on Hacking” than a James Bond operation. It was ham-fisted in the extreme, but none the less it was a very graphic example of what was going on in the car parks of our countries. On the same day, the US FBI indicted seven individuals for cyberattacks.
This transparency, therefore, is certainly one of our strongest weapons in responding to attacks—and I think that the GRU had a bad day on 4 October, hopefully—but it needs to be accompanied by advice on how to prevent future attacks. Here, the National Cyber Security Centre is leading the world in developing the tools. The noble Lord, Lord West, referred to the active cyber defence programme that is helping private sector companies, charities, government departments and individuals to take the simple steps that can produce resilience against what is called the commodity attack: the high-volume attacks trying to steal our data or our money that go on all the time. The National Cyber Security Centre has removed over 138,000 phishing sites, which trick the unwary into revealing data or giving access to their systems. It has also blocked many thousands of internet domains that masquerade as government websites. All this is making us safer.
The third area of its activity is raising awareness among all users of the internet. Clear guidance that people can understand and which small companies and charities can implement is crucial. The National Cyber Security Centre is now doing more of that and undertaking initiatives to encourage more young people, especially girls, to choose cyber as a career.
In closing, I want to touch on two broader issues. The first is the issue of how we can respond. One problem of these high-level, state-based cyberattacks is that they are very difficult to attribute with certainty. It needs the skills of an organisation such as GCHQ, but it can be done. Once it is done, it raises the issue of what we do about it. Here, I want to underline the point that it is often said that the cyber domain is a wild west or a jungle. Actually, it is not. The former Attorney-General Jeremy Wright gave a very interesting speech in May on international law and cyber. He made clear that existing international law, including the UN charter, applies to the cyber activities of states. That was not just the British opinion; it was the conclusion of a UN group of experts in 2015, including Russia and China. It is important, because it means that states have the right, in international law, of self-defence under Article 51 of the UN charter in the case of a cyberattack that is equivalent to an armed attack. No country should feel that it has impunity in cyberspace and that it can inflict any level of damage without any risk or response. I hope that, when he responds, the Minister can underline that aspect of our response to cyber, because it is not often understood.
My last point links to what the noble Lord, Lord West, said about 5G. We can see developing now a really important competition between two models of the internet for the future. There is the model that has governed the internet so far: the western, liberal, open approach, sometimes exploited and abused, but with the necessary regulation, giving the economy and citizens a great deal of freedom online. There is also the Chinese model of the internet, which is about control and surveillance, amassing ever greater amounts of data on individual citizens in order to control their activities. Chinese dominance of 5G technology will be very important in the future. What kind of internet will we all be linking up to in the years to come? It is right that Governments should focus on this, as the noble Lord, Lord West, said. We need the closest co-operation among all the western, leading countries with the technology and expertise in play. If we neglect it, we may find that the internet of the future no longer supports the open economy and society that we all stand for.
As this Motion makes clear, the scale and complexity of cyber is growing, but it is not the case that this makes it impossible to defend against, or that it is someone else’s responsibility to do that. Debates such as this have an important role in raising awareness of these issues.