Read Bill Ministerial Extracts
Telecommunications (Security) Bill Debate
Full Debate: Read Full DebateBaroness Northover
Main Page: Baroness Northover (Liberal Democrat - Life peer)Department Debates - View all Baroness Northover's debates with the Department for Digital, Culture, Media & Sport
(3 years, 5 months ago)
Lords ChamberMy Lords, this has been a thoughtful debate, with contributions from several former Ministers who have worked in this area, including the noble Lords, Lord Young and Lord Vaizey, and the noble Baroness, Lady Morgan. Their insights into the challenges here are welcome. As this Second Reading has shown, we have a problem and the Bill is put forward as the solution. I thank the noble Baroness, Lady Barran, for laying out its provisions and intentions clearly.
The problem identified is the security risk potentially embedded in our telecoms systems, as exemplified by Huawei and other companies. Set against that, especially as we seek to make our own way outside the EU, is the Government’s aim that the UK should be at the forefront in science and technology, as laid out as the strategic direction for the UK in the integrated review. Therefore, there is a need to draw on the best telecoms systems, as the noble Baroness, Lady Morgan, clearly laid out.
However, in addition, balancing the ability to use whatever is best in the market globally and the need to protect our security is another vital strand. We cannot and must not use technology built on human rights abuses and thus become complicit in those abuses, rather than fight to address them. Noble Lords have set out the challenges, particularly from the rise of China, as well as the necessity of not using companies built on abuse. The experience of the middle of the 20th century marks a huge warning to us. We need only look at the history of the chemical and pharmaceutical giants that multiplied in size in Germany and were built on the appalling slave labour in the extermination camps.
We know that genocide and gross human rights abuses are not things of the past. We need to be ever vigilant. Up to 1.5 million Uighurs have been forcibly removed by the Chinese state by mass transit and put into forced labour camps in which components used in Huawei technology are made. The noble Lords, Lord Alton and Lord Balfe, and the noble Baronesses, Lady Bennett and Lady Stroud, all emphasised those important points. When the Minister winds up, as the noble Lord, Lord Alton, requested, I should like her to outline what further action the Government will be taking that regard, given the international obligation to take such action once a country becomes aware that genocide may be occurring. We have signally failed to challenge China in regard to Hong Kong. What lessons have we drawn from that? Does the Minister agree that the Bill should not simply set technological advance against security but incorporate that concern? Can any other position be justified?
The key issue is whether the Bill achieves what it sets out to do and whether it brings its own risks and possible unintended consequences. As my noble friend Lord Fox and others have said in this Second Reading debate, we support the principles of the Bill. I note that the noble Lord, Lord West, the House of Lords member on the Intelligence and Security Committee, said that the Bill rightly seeks to address concerns first raised by his committee seven years ago in its report, Foreign Involvement in the Critical National Infrastructure. He feels that the Government are finally listening to those warnings. However, as with the National Security and Investment Act, he reports that his committee is
“concerned that the Bill does not provide for sufficient parliamentary oversight of these important new powers.”
The noble Earl, Lord Erroll, and others also warned on that.
The noble Lord, Lord West, made the sensible point that if the material is sensitive, it should be submitted to the ISC—that is the very purpose of the committee. The noble Lord, Lord Holmes, just reiterated that. Alternatively, of course, we could just look behind bus stops in Kent and then gather it up and pass it to the noble Lord, Lord West.
The theme of scrutiny came through from other noble Lords. The Delegated Powers Committee has expressed reservations and my noble friend Lord Clement-Jones went further in his criticism in this regard. The Bill gives Ofcom new powers to monitor and assess the security of telecoms providers, with very heavy fines if companies are deemed to have transgressed. It introduces new controls on the use of Huawei 5G equipment, including a ban on the purchase of new equipment from the end of 2021 and a commitment to remove all equipment from 5G networks by 2027.
My noble friend Lord Fox set the Bill several tests. He asked whether the Bill’s effect can be shown to shut out the technology it is meant to shut out. Can we be assured that the Government and Ofcom have the right powers, the necessary checks and balances, and the resources to do such work? When it comes to supply chain diversification, are we able to shut out Huawei and others but still have 5G in a timely manner? My noble friend Lord Fox, the noble Baroness, Lady Morgan, and others also noted the lack of diversity we face here—the noble Baroness, Lady Morgan, identified it as a market failure—and the risks that this poses to the economic position of the United Kingdom. The noble Lord, Lord Young, pointed to the report of the noble Lord, Lord Livingston, which sets out clearly the ways in which the UK might be able to develop this industry and how that requires working with other like-minded countries so that there are common standards and codes of practice. I look forward, as no doubt others do, to receiving the letter which the noble Lord suggests the Minister should write on the matter.
We have already heard concern about the powers given to the Government and to Ofcom. We also hear of concerns about the lack of clarity and transparency, which, as my noble friend Lord Clement-Jones said, is causing great concern within the industry. The criticism is that the proposed measures are either technically unworkable or damaging to the industry. One area which my noble friend flagged is in relation to providers whose networks are not based only in the United Kingdom and which would therefore find it challenging to engage as codes might be drawn up if there is no formal structure through which this might be done. My noble friend argues for a technical advisory board, and I note also that concerns were expressed about the flexibility and future-proofing of the Bill.
The Minister spoke of the Bill applying not just to one company, one country and one threat. That clearly must be the case. I note, for example, what the noble Lord, Lord Young, said about the number of departments which might be relevant here and the newly pressing risks of cyber rather than conventional warfare, yet the absence of the DCMS Secretary of State from the National Security Council points to our being behind the curve.
Questions have been raised which will need to be considered in areas beyond the Bill. There is a wide challenge here, as the noble and gallant Lord, Lord Stirrup, the noble Lord, Lord Balfe, and others emphasised. As we move to green technology, China is far ahead of us, controlling the raw materials as well as the technology needed to power it. That competitive advantage has probably been given rocket boosters by the pandemic, as the noble Lord, Lord Alton, noted in relation to lateral flow tests. I took one the other day; it was a sort of strange little pregnancy test. Clearly, all this has brought economic benefit to the Chinese economy from our reliance on its traders for so much of the resources needed in the pandemic. As the noble Baroness, Lady Stroud, pointed out, we are moving into a different geopolitical landscape, although the noble Lord, Lord Maxton, put us as perhaps a little point in a very long historical process.
We are indeed in challenging times, out of the EU and unable therefore to strengthen our position as we could before as part of the richest trading bloc in the world. Instead, we need to find allies as the headwinds of changing superpower strengths buffet us. How closely then are we working with the EU on this as well as with the United States? The Bill marks a recognition of that challenging position, but in Committee and on Report there will no doubt be challenges as to whether it can deliver that security and moral compass which the Government claim, at the same time as we face major financial pressures, out of the EU and recovering from the pandemic. I look forward to the Minister’s response.
Telecommunications (Security) Bill Debate
Full Debate: Read Full DebateBaroness Northover
Main Page: Baroness Northover (Liberal Democrat - Life peer)Department Debates - View all Baroness Northover's debates with the Department for Digital, Culture, Media & Sport
(3 years, 4 months ago)
Grand CommitteeMy Lords, we move into the scrutiny of the Bill, which seeks to balance the need for the United Kingdom to be at the forefront in technological development and connectivity—requiring the fastest and most efficient broadband, for example—with the need to ensure that we do not inadvertently open ourselves to malicious actors or states as we do so. It is therefore appropriate that the first group of amendments seek to strengthen the security side, recognising the complexity of modern threats. The noble Lord, Lord Alton, has as ever laid out the case extremely clearly and in detail, and I look forward to the noble Baroness, Lady Barran, replying as comprehensively. He has long made sure that in the Lords we delve deeply into these issues as we challenge the Government and hold Ministers to account.
These are sensible amendments intended to set the Bill in the context of what our allies are doing, drawing from their knowledge and experience and, as the noble Lord said, most importantly, working together. They propose actions that should be happening anyway but which we know can be easily set aside or overlooked as Governments address many pressing issues. Amendment 1 includes a duty to review telecoms vendors
“which are prohibited in other jurisdictions on security grounds”.
It is important that we both learn from other jurisdictions and act together. We have seen how China, for example, seeks to pick off states, as in its recent threat to ban Australian beef on the basis of what it had judged to be interference in its internal affairs. We also saw the Foreign Minister of New Zealand at first indicate that her country should go its own way in relation to China, clearly worried about China’s possible actions, before stepping back from that position in recognition of the fact that we really are stronger together.
There are clear risks. We see Canadian citizens used as pawns in a wider concern about Huawei. As China becomes ever more dominant economically, and under its current leadership, resistance to its positions will become ever more difficult. We have been unable even slightly to hold it back in relation to Hong Kong, and it is therefore vital that like-minded countries work together. Therefore, there are two reasons for seeing what other like-minded countries are doing: first, to see what risks they identify and, secondly, to decide whether we should act together, as we would hope they would act when we saw risks. We are of course in a weaker position globally as we are out of the EU, which has strength in numbers and economic power.
Amendment 20 would expand the powers to include ownership or investment, and this clarifies further where risks might be; for example, through the investment clout of certain players. This is clearly vital.
Amendment 27 would require the Secretary of State to review the UK’s security arrangements with countries banned by a Five Eyes partner and decide whether to issue a designated vendor direction or take similar action with regard to the UK’s arrangements with that company. This updates previous legislation where this risk was not so apparent as it is now, with the hugely increased economic and other associated power, for example, of China. Of course, the Five Eyes of the US, Canada, Australia, New Zealand and the UK are very much aligned on this. Certainly, the risks identified by the Five Eyes should be front and centre in our thinking. I would say that we should add in the EU. Had we still been in it, we would have had that major sphere of influence to strengthen our position further. That makes these amendments even more important.
As the noble Lord, Lord Alton, laid out, we have become very dependent on China in many areas. That is true not only in the area of the Bill but in the new green industries, for example. We need to be much more strategic than we have been in this regard up to now. As he also set out, we cannot build our business on human rights abuses even up to genocide.
I am sure the Minister will say that these amendments are not needed as all these actions will be taken, but they are tabled to make sure that they are. We know that this has not happened adequately up to now; we need to strengthen the Bill, as the noble Lord, Lord Alton, has stated. I therefore look forward to the Minister’s reply.
My Lords, I apologise to my colleagues that I was not able to speak at Second Reading. I am quite clear, as I suspect we all are, that the security of the UK’s telecoms infrastructure is vital. Sadly, we come pretty late to the scene. The expansion of 5G and full-fibre broadband should have happened years ago, so this is not before time.
I read economics at Cambridge and looked at a number of aspects of economic expansion there, particularly in relation to business sectors. It is all very well saying that we will try to prevent the supply chain to the UK network being dependent on a limited number of suppliers. That may be a good idea in theory, but I just reflect that we have a national grid which is every bit as important as 5G; we have one or two aircraft manufacturers, and we have a couple of shipyards, so I just wonder whether there are a whole lot of suppliers out there for the telecoms world—there will be others who are better qualified than me to judge that. However, it is clear that we need to identify areas of risk, and Huawei is clearly one of them.
I would just ask a couple of simple questions. The noble Baroness, Lady Northover, mentioned Five Eyes. Is there a co-ordinating structure for Five Eyes in relation to this particular structure? If so, where is it based, what is our contribution to it and who exactly is doing it?
Some of our colleagues may have read the recent trading standards report that has just come out—I read it only last evening. A massive number of scams is happening at this point in time and we are dealing with the trouble they cause.
Amendment 20 refers to
“a specified country or … sources connected with a specified country, including by ownership or investment”.
I have worked overseas, including in a fair number of countries in south Asia such as Pakistan, India and Sri Lanka, so I ask: who on the ground will actually be doing the work? Quite frankly, I know of nobody in any of our high commissions capable of doing that sort of analysis. Do we have a floating investigatory system? How are we going to judge the evidence properly?
On Amendment 27, we need to take care, clearly, but we must recognise that there may be a valid opportunity in a company that has upset the host Government. You and I would not know the situation, but we should be aware of that fact.
I am a bit sceptical about the security check. I made a freedom of information inquiry—it was nothing to do with telecoms—and, at the end of the day, the reason given for not producing all the evidence following my FoI request was the security of the country. It was never explained in words of one syllable—or indeed in any syllables at all—what aspect of my inquiry would affect the security of the UK. I would like to know this from the Minister: are we relying on Five Eyes or are we relying on Ofcom? Who is it specifically that will be doing this analysis?
Telecommunications (Security) Bill Debate
Full Debate: Read Full DebateBaroness Northover
Main Page: Baroness Northover (Liberal Democrat - Life peer)Department Debates - View all Baroness Northover's debates with the Department for Digital, Culture, Media & Sport
(3 years, 4 months ago)
Grand CommitteeMy Lords, it is a privilege to speak after the noble and gallant Lord, Lord Stirrup. I support Amendment 18, in the names of the noble Lord, Lord Coaker, and the noble and gallant Lord, Lord Stirrup, and Amendment 25, which is also in the name of the noble Lord, Lord Alton.
These amendments propose a pathway forward that would ensure we are well equipped to handle the challenges that will inevitably come our way in the next decade. Amendment 18 places a requirement on the Secretary of State to create a body designed to analyse and consider existing and emergent threats in the telecommunications sector, incorporating representatives from the major bodies of our national security matrix. This body would then be required to lay an annual report before all Members of Parliament, ensuring adequate parliamentary scrutiny and oversight. Indeed, if not for Back-Bench agitation, we might still be aimlessly integrating Huawei into our critical infrastructure, lagging behind our Five Eyes allies in recognising the security threat that such high-risk vendors pose.
Amendment 25, building on the horizon scanning outlined in Amendment 18, requires the Secretary of State to publish a long-term telecommunications strategy in partnership with the aims and outcomes of our closest Five Eyes and NATO allies. In alignment with the integrated review of security, defence, development and foreign policy, this strategy would ensure that long-termism is built into our thinking across both our economic and strategic aims in the coming decade.
We have one of the most sophisticated and advanced intelligence-gathering apparatuses in the world. We are a significant asset to our Five Eyes and NATO allies and a crucial linchpin in ensuring the international order. Yet we have been slow to respond to the rapidly changing digital landscape that we find ourselves in.
An obvious example of this is the much-discussed high-risk vendor, Huawei. It is extraordinary to think that all the way back in 2013 a report from the Intelligence and Security Committee concluded that Huawei posed a risk to national security and that private providers were responsible for ensuring the security of the UK telecoms network. Yet now, according to Ofcom, Huawei accounts for about 44% of the equipment used in providing superfast full-fibre connections directly to homes, offices and other businesses in the UK.
In a Statement to Parliament last year, the Foreign Secretary made the welcome announcement that
“high-risk vendors should be excluded from all safety- related and safety-critical networks in critical national infrastructure”—[Official Report, Commons, 28/1/20; cols. 710-11.]
and yet, due to how embedded this vendor has become in our critical infrastructure and the lack of competition, Huawei, as we have heard, is not set to be removed as a provider until 2027. It should never have reached this point. A horizon-scanning body and deeper parliamentary oversight would ensure that we are not left sleeping at the wheel again. How was it that our Five Eyes allies were significantly more alert to this risk than we were?
Furthermore, without cross-body co-ordination, the rapid advances in technology we are set to witness over the coming years will make it even more difficult to adapt to threats as they manifest themselves. GCHQ Director Jeremy Fleming suggests that the UK needs to prioritise the advances in quantum computing, as well as working with allies to build better cyber defences and shape international standards and laws in cyberspace. With quantum computing becoming more mainstream, there is a risk that a sudden increase in processing power could render existing encryption methods useless.
These are just some of the challenges we face. The future of our security and sovereignty will depend on the steps we take in this Bill. According to MI5, at least 20 foreign intelligence services are actively operating against UK interests. We have a remarkable security and intelligence community but, as we enter this new era, we must accept that our ability to adapt to emerging challenges will be the defining feature that drives us forward and keeps us ahead of other nations that would challenge our national interests.
We have seen how easy it is for a digital attack to break down our critical systems. Just last month, a ransomware attack in the US took down the entire Colonial Pipeline infrastructure, which transmits nearly half the east coast’s fuel supplies. Analysts have suggested that hackers could have been inside Colonial’s IT network for weeks or even months before launching their ransomware attack.
This issue extends into the digital space. A 2018 report commissioned by the US Senate intelligence committee, The Tactics & Tropes of the Internet Research Agency—a Russian propaganda unit—revealed that there was:
“A sweeping and sustained social influence operation consisting of various coordinated disinformation tactics aimed directly at US citizens, designed to exert political influence and exacerbate social divisions in US culture”.
I posit that we may not even be aware of the scope of the disinformation and destabilisation occurring online that is challenging our sovereignty and internal security.
I support these amendments in light of the fact that it has taken considerable Back-Bench activity to alert us to the security issues posed by high-risk vendors; that we are still not thinking clearly on China; and that we need systems and structures to ensure that long-termism is built into our thinking across both our economic and strategic aims in the coming decade.
My Lords, Amendment 18 would require the Secretary of State to
“establish a body … to consider emerging and future developments for the telecommunications sector for the purposes of identifying current and emerging security threats.”
Amendment 25 would require the Secretary of State to
“publish a long-term strategy on telecommunications security and resilience.”
These are very sensible proposals, and the speakers have made a cogent case. I thank the noble Lord, Lord Coaker, for his wide-ranging and positive introduction to these amendments.
This is an extremely complex area, as we have heard, not only within our discussions of the Bill but beyond. We know from bitter experience that something can be flagged as a risk and then, without proper focus on it—given all that Governments have to focus on —follow-through is less than systematic. Think of pandemics, flagged, not least in the 2015 strategic review, yet followed through with little or no preparation. This picks up a theme that the noble Baroness, Lady Stroud, emphasised in relation to Huawei: awareness but lack of action. Therefore, the case for a body that looks at this area in the widest sense is compelling.
My Lords, I have added my name in support of Amendment 22, which the noble Lord, Lord Coaker, explained so comprehensively and so well. He has picked up an ongoing theme that has been so agitating noble Lords—especially, I note, the noble and learned Lord, Lord Judge—about the Executive increasingly and simply bypassing Parliament. I think that the noble and learned Lord will be very interested in this matter when we come to Report in the Chamber.
In this regard, I can do no better than refer the Minister to the speech by the noble Lord, Lord West, at Second Reading. He is the Lords representative on the Intelligence and Security Committee. He pointed out that this is exactly what that committee is for. It is clearly vital that Parliament has a role in what is covered under the Bill, but we also understand the potential security sensitivities here. This is where that committee can play a vital role on behalf of Parliament, but under the strict security rules under which it operates. If there are matters that the Secretary of State is withholding from publication in the interests of national security and in related areas, these must be reported to the ISC. I therefore urge the Minister to accept this amendment.