Telecommunications (Security) Bill

Bob Stewart Excerpts
2nd reading & 2nd reading: House of Commons & Carry-over motion & Carry-over motion: House of Commons & Money resolution & Money resolution: House of Commons & Programme motion & Programme motion: House of Commons & Ways and Means resolution & Ways and Means resolution: House of Commons
Monday 30th November 2020

(3 years, 11 months ago)

Commons Chamber
Read Full debate Telecommunications (Security) Act 2021 View all Telecommunications (Security) Act 2021 Debates Read Hansard Text Read Debate Ministerial Extracts
Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

In short, yes, the right hon. Gentleman is absolutely correct. What this Bill does is bite in three respects. First, it sets out the overarching duties on mobile network operators and other telecoms providers in statute. It then empowers the Government through secondary legislation to provide further requirements on them. On top of that, for the tier 1 providers, which will basically be all the big telecoms providers, it also introduces a code of practice whereby they have to comply with that to ensure that they are secure. Across the board, the Bill tightens the requirements on them.

Bob Stewart Portrait Bob Stewart (Beckenham) (Con)
- Hansard - -

To follow up on the comments of my good friend the right hon. Member for North Durham (Mr Jones), does the Bill also give added protection to private individuals using their mobile phone, to stop them having it tapped by, say, a newspaper reporter?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

I cannot imagine what my hon. Friend is alluding to. This is aimed at the telecoms providers, but in tightening the security requirements on them, it in turn, of course, tightens the security for individual telecoms users. The Bill makes it a duty for telecoms providers to comply with those directions and introduces robust penalties for those that fail to do so.

The point is that these powers will protect us against both the high-risk vendors of today and the threats of tomorrow. I know that for right hon. and hon. Members there are significant concerns about one high-risk vendor, Huawei. This has rightly attracted the attention and concern of many hon. Members and I want, first, to reassure them that I have heard them, that I am acting and that I am taking a clear-eyed approach to protecting our national security.

In July, I announced that UK telecoms providers should cease to procure any new 5G equipment from Huawei after 31 December 2020 and remove all Huawei equipment from our 5G networks by the end of 2027. This Bill enables us to implement those decisions in law.

--- Later in debate ---
Bob Stewart Portrait Bob Stewart (Beckenham) (Con)
- Hansard - -

This Bill makes sense. I agree with the right hon. Member for North Durham (Mr Jones) that it is primarily about security. It is a top priority for us to ensure the security of all telecommunications networks, particularly those that might carry classified information and that is what this Bill is all about. I particularly endorse those clauses in the Bill that give the Government robust powers to manage high-risk vendors based, of course, on National Cyber Security Centre advice. That may well also include direct guidance from other intelligence agencies as well. It is also absolutely right that the Government have placed a ban on purchasing new equipment from high-risk vendors from September 2021 and ordered the removal of high-risk vendor equipment from our networks by 2027, but, as I will go on to say, it will have implications. I wish we could achieve that earlier, but, obviously, industry needs time to manage the transition required.

The NCSC is at the forefront in developing telecommunications security requirements. It has done this in collaboration with industry and these requirements are detailed and effectively designed to establish a layered defence against cyber-attacks and infiltration. Codes of practice will devolve from these requirements and they will form a method of operation as well as being a way of calculating risks for operators Ofcom, DCMS, and NCSC. I endorse the view that these requirements and codes of practice will definitely increase the difficulty, the cost and the risks faced by a hostile player attempting to infiltrate or to compromise a UK telecommunications network, but, as the right hon. Gentleman has said, that does not mean that we are invulnerable—oh, no, it does not. There are still risks.

Next year, I gather that we will need to pass secondary legislation to endorse codes of practice that will, thereafter, be used to instruct operators on how to meet their security obligations. Such codes of practice will be policed by Ofcom—we have talked about that a little. Most certainly, it will require training on how to do this. Here there needs to be a serious interchange with the NCSC where a working relationship between the two bodies is crucial—and at cost. Of course there are penalties for this decision. Not only will this change delay the roll-out of the 5G network, but significant consequent costs will be incurred by industry. I know that industry may need the Government to support it in consequence of this decision. On the other hand, a recent report has also suggested that upgrading the UK’s 5G infrastructure could be worth about £158 billion to the economy over a 10-year period.

We have already mentioned that there are three significant vendors who provide large-scale telecommunications equipment in the UK. These are Ericsson, Nokia and Huawei. With the significant removal of Huawei as a result of this Bill, choice of vendors is of course reduced by a third, which is most certainly not ideal. It would be far better if we had more choice and competition, but we do not—that is the fact of it. However, Ericsson and Nokia are very good, trusted and long-standing companies whose security credentials are tried and trusted. I am very pleased by the idea of the open radio access network—open RAN—being developed. It is crucial to develop the UK as a world leader in 5G. Essentially, open RAN allows interconnectivity between different telecommunications mobile networks, and avoids the necessity of all components coming from just one supplier. For instance, Ericsson equipment can be interfaced with that of Nokia, or perhaps another new supplier—let’s hope so. That aids the drive towards competition andthus has cost benefits.

 

I have been an extremely good boy, Madam Deputy Speaker. I hope I am going to get a thumbs up for finishing in six minutes. I commend this Bill to the House.

Bob Stewart Portrait Bob Stewart
- Hansard - -

I got a thumbs up from Madam Deputy Speaker; I sit down with a big glow on my face.