National Security and Investment Bill (Third sitting) Debate
Full Debate: Read Full DebateChi Onwurah
Main Page: Chi Onwurah (Labour - Newcastle upon Tyne Central and West)Department Debates - View all Chi Onwurah's debates with the Department for Business, Energy and Industrial Strategy
(3 years, 11 months ago)
Public Bill CommitteesQ
I welcome the two witnesses from Slaughter and May. Can I ask you to introduce yourselves for the record, please?
Lisa Wright: Hi, my name is Lisa Wright and I am a partner in the competition group at Slaughter and May.
Christian Boney: Good morning. I am Christian Boney and I am a partner in the corporate mergers and acquisitions group at Slaughter and May.
Q
I am sure you are aware that many countries—the US and Canada are just two—give some sense of the factors that might be considered under a national security assessment. Do you think it would be helpful for market participants to have greater clarity about the types of factors that would be considered? How could we give that clarity while retaining the sensitivity and discretion that are needed on those matters?
Joined to that, there are cases such as Arm and DeepMind where economic security became national security over time. When considering what national security is, what links do you see between national security and economic security or sovereign capability? Can they better be reflected in the Bill?
Christian Boney: Lisa, shall I have a go at that first?
Lisa Wright: Yes, go for it.
Christian Boney: Starting with the need for factors to help inform market participants’ decisions about whether, for example, their potential transaction presents risks, yes—in short, the more guidance that can be given about the kinds of factors that the Government will consider in determining whether a transaction presents a national security concern, the better. The statement of policy intent is very helpful in framing that, but clearly the more detail that can be included, the better.
The other thing that will be important in giving people a sense of whether their transaction should be notified or whether it falls within a mandatory notification sector is the interaction that will take place through informal engagement through the investment security unit. It is very important that the process for getting informal guidance from that unit is as streamlined, interactive and responsive as it can be. That will go some way to giving practitioners realtime guidance on potential concerns.
Lisa Wright: Can I just add a point to the idea of the desire for more certainty around what national security means? I think it is worth recognising that that is particularly important if you look at where we have come from. With the existing regime under the Enterprise Act 2002, there have only ever been a dozen or so interventions on national security grounds. There is not a widespread understanding of what it means and the circumstances in which the Government would intervene. That is the historical position, but we all know that this is constantly evolving.
When you take that and add to it the fact that the prediction now is that there will be, as it says in the papers, between 70 and 90 call-ins a year, that is obviously a huge increase against the 12 since the Enterprise Act. Any greater clarity that can be given around the circumstances in which the Government would be looking to, for instance, exercise the call-in powers would be beneficial, particularly at the beginning of the regime when everybody is trying to learn the ropes.
Q
Christian Boney: I think this question really divides into two. In terms of larger corporates, investment by, and in, larger corporates is very likely to be unimpacted in any meaningful way by this legislation, because large corporates and their advisers are very used to going through regulatory clearance processes. This will just be another thing that needs to be added to the list.
I think you make a very valid point in the context of start-up and early-stage companies. The concern I would have principally is with those companies that are in that phase of their corporate life and fall within the mandatory notification sectors. Given the kinds of companies that this country is trying to encourage to flourish—those that are active in areas like artificial intelligence, advanced robotics and quantum technologies—a reasonable number of start-ups, I would expect, would fall within those mandatory notification sectors. For them, this regime is going to make the process of getting investment more time-consuming and more complex.
Anything that can be done in the process of consulting on the mandatory sectors, and anything that can be done to pair back the regime to make it more workable for companies in that stage of life, the better. An example might be some form of de minimis threshold, which is included, such that really early-stage companies do not fall within the mandatory notification regime, but the Government can nevertheless rely on their call-in power down the track, should that early-stage company becomes successful and more strategically important within the UK. Those are my principal thoughts. Lisa, do you have anything to add?
Lisa Wright: Not on that point, no
Q
To clarify, my question was this: how would you distinguish between national and economic security?
My question is more about your reflections on the Bill being narrow in its purpose to deal with national security versus the wider public interest.
Lisa Wright: It is already a very broad regime; it catches a lot of transactions, as we have just discussed. I therefore think it is important and right that it is limited, in terms of the substantive concerns that it is catching, to national security. That is already a necessarily, I think, uncertain or undefined concept. Corporates and investors can make it work as long as other aspects of the regime work efficiently. That may be subject to some of the points that Christian just made about the impact on start-ups.
I think that once you broaden the regime out from national security into other considerations, you do risk introducing quite a degree of unpredictability, which possibly would impact on people’s assessment of the investment climate in the UK. My understanding is that the existing intervention regime under the Enterprise Act is planned to remain in force, so the national security considerations will come out of that and will be dealt with under this new regime. But there will still be the ability for—[Inaudible.]
Q
Professor Martin: Thank you. My name is Ciaran Martin. I am currently a professor of practice at the Blavatnik School of Government at the University of Oxford, but until August of this year I was the founding chief executive of the National Cyber Security Centre and a member of the executive board of GCHQ, within the Government. I should also declare for these purposes, although I am not sure it is relevant, that I serve on the advisory board of a US venture capital company called Paladin.
Q
Professor Martin: Thank you for your comments, Ms Onwurah; it is nice to see you again. I speak as someone who thinks that the Government have broadly got this issue correct, in terms of their proposals in this Bill. That is not to underestimate the sheer complexity of dealing with the core, fundamental question that you rightly identify of balancing economic security and national security and of where one stops and the other begins. That is a very complicated and difficult thing to do. I think one starts with an attempt to define a core principle, which is essentially around the freedom to act. I think that if you look at something such as Arm—I would say this probably more in the case of Arm than DeepMind—and its potential ultimate sale to Nvidia, you see that the UK has less freedom of choice in a key strategic technology, which undermines its own ability.
I think there is an analogy with the little known but quite long-standing—for more than a century—work on sovereign cryptography. That is one of the areas that has long been covered by national sovereignty requirements. There are things in information security, as we used to call it, cyber-security, as we do call it, that have always needed to be fully sovereign, entirely British-made—they are not very many areas. The problem has been that as technology and communications have changed, it has been quite hard to keep up, and there are always pressures to expand that in a way that is economically harmful to competition and so on. So it needs a clever buyer within Government to identify what will be the strategic areas and what will not be.
In the area of sovereign cryptography, we end up trying to keep, depending on the era, around half a dozen or a dozen companies viable, because it is not a lucrative market. You can see the problem, but the key issue is whether there is enough, first, sovereign, but if not sovereign, friendly capability that allows us the freedom of choice to adopt key technologies. That means identifying the key technologies in the first place, evolving them over time and then having a very difficult to achieve but necessary intelligent function within Government that can evaluate the notifications that it gets. Of course, at the moment we do not have the power to do that, and that is what this Bill correctly seeks to remedy.
Q
Moving on slightly, a comment made numerous times on Second Reading was about the role of the intelligence services. Indeed, my right hon. Friend the Member for North Durham (Mr Jones) asked for more intelligence in the process. How can the Bill better ensure that the intelligence services, including the National Cyber Security Centre, have input and scrutiny and, indeed, provide their expertise as part of the process so that the appropriate decisions are taken?
Professor Martin: I think the essential, principal requirement is not the intelligence services’ involvement—although that is important and I will come to that in a minute—but the understanding of technology and technological developments within Government. These are fundamentally economic issues as well. Apart from anything else, if you look at some of the reasons why the Bill has come about, you will see that, in strategically important technologies, the Government have invested heavily in university-sponsored research and in private sector research, only to see the fruits of that research sold off. Even if that did not impact on national security, which in most cases it does, it is not a good return for the taxpayer in terms of long-term UK involvement if the intellectual property ends up being monetised elsewhere.
I have enormous respect for Mr Jones and I think he is on to something in terms of involving the national security and intelligence services, but I do not think this should be intelligence-led. In my experience—obviously, I cannot go into detail on this particular aspect of it—secret intelligence adds relatively little to your knowledge of intent. If we take Russia and China, the two big strategic threats to the UK, Russia does not have a strategy in this space. We have to worry about Russia and cyber-security because it attacks us, but it attacks us on the internet that the west has built.
China is very different. China has a technological, strategic dominance aim, but it is not a secret. It is published and has been translated into English in the Made in China 2025 strategy, as you know. Our knowledge about the precise, intricate details of how that is implemented gains relatively little from secret intelligence.
What secret intelligence does have, particularly in GCHQ and the NCSC within it, is a knowledge of how technology works in terms of the national security threat space. I think the UK has a head start on other countries, because the National Security Council innovations of the 2010s gave the intelligence services a much bigger voice at the table, and that is reflected in the structures that we have now. The UK should be well placed to be able to listen to the intelligence services, but I would encourage—not least to make sure that in this very delicate balance of trying to show that we still have an open economy and are not shutting the doors to investment—as much transparency as possible on the decision taking. It will not always be possible because GCHQ technologists will know about things—exploitations of particular bits of technology—that they cannot reveal. They will be able to tell that to secret forums within Government for consideration—I am quite confident about that: there will be a seat at the table for them.
My recommendation would be that, as far as can safely be done, the Government should be relatively open about why they make the judgements they make about strategic areas of technology and the interventions they will make once this Bill is passed—assuming that both Houses wish to pass it.
Q
Professor Martin: I suppose the mantra, if I had one, would be, “Broad powers, sparingly used, with accountability mechanisms”. It is incredibly hard to be specific about this, for two reasons: one is that new areas of technology crop up, as they invariably do, and the other is that sweeping categorisations are needed on the face of legislation.
I am not a deep technical expert—although others are available from my former organisation—but if you take sweeping, umbrella titles like “quantum” or “artificial intelligence”, there are huge swathes of that where, actually, not a lot of these powers in the Bill will be used. There will be companies that will be doing very interesting things—10 interesting things—of which only one would be caught by this Bill.
If you take areas like specialist quantum computing and so forth, I think the community of interest and expertise is actually relatively small and has relatively good relations with Government—not least because, again, while it is not perfect, the whole system of research council funding and Government investment in funding technological research is pretty good, by international standards—so you end up knowing these people. One of the reasons that this sort of policy evolution came about, which has led to the publication of the Bill before you—I remember this from discussions within Government—is that people were volunteering to come to us. World-leading experts, people who had been funded by the Government—I will not go into individual cases because it is commercially sensitive and possibly security sensitive—would come to Government and say, “Look, we’ve had this inquiry from a Chinese behemoth,” or even, “We’ve had this inquiry from a US company,” and so forth: “What do you guys think about this?” and, invariably, we would have to have an informal influencing discussion.
I do not think that some of the businesses to which this will apply will be screaming that this is horrible Government regulation and intervention in areas where that should not be made. There was already a dialogue; there was just no legislative framework. Of course, that meant that companies that felt a loyalty to the UK and so forth but that also had to look after their commercial interests were sometimes in a real bind.
To try to answer your question, I think that the powers should be fairly broad. I think there should be accountability and transparency mechanisms, so that there is assurance that they are being fairly and sparingly applied.
To be fair, there is nothing to stop MPs from asking questions about international security, but the chances of us ever getting an answer may be somewhat less.
Q
Professor Martin: I am not sure if the Bill will get in the way or help, one way or the other. I think Government technological nous across the civil service needs to be invested in properly. There is a deep, fairly sizeable reservoir in GCHQ. Again, without going into too much detail, more and more people are being transferred and seconded from there into other areas. That is a good thing, and we should welcome that rather than cast aspersions on this being all secret state stuff. It should be permeating normal Government activity.
There will be issues about how to pay for some of the specialists that are needed. I do not think we will ever compete with the big tech companies, but there may be scope for paying some specialists a bit more and bringing them in here. There is something about creating a career path for technologists in Government. There are big issues for the heads of the civil service and the permanent secretaries. If I were heading it, I would want an immediate infusion of seconded talent and private sector buy-ins relatively quickly. Government can do that quite well some- times, and sometimes not so well. There also needs to be a long-term strategy for technologists in Government.