All 1 Debates between Desmond Swayne and Nadine Dorries

Product Security and Telecommunications Infrastructure Bill

Debate between Desmond Swayne and Nadine Dorries
Wednesday 26th January 2022

(2 years, 10 months ago)

Commons Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Desmond Swayne Portrait Sir Desmond Swayne (New Forest West) (Con)
- View Speech - Hansard - -

The Secretary of State highlighted that the prices were once too high. Now we have had multiple complaints that the prices are too low. Clearly, the question of valuation is at the heart of the matter, so why did the Government explicitly exclude valuation from the scope of the consultation that preceded the Bill?

Nadine Dorries Portrait Ms Dorries
- Hansard - - - Excerpts

We have listened to landowners. We have not introduced the legislation without involving them in its development. We have included measures in the Bill that make it easier for landowners and operators to use a dispute resolution if landowners feel that they are not getting a fair price. That means greater collaboration, and it makes preposterously low offers less likely. Hopefully, a fair and reasonable price would be agreed. If landowners were not happy with it, it would go to independent arbitration. If they were then unhappy with that, they would have recourse to the courts, which we know would look very dimly on a situation where the telecom providers had been neither reasonable nor fair to landowners. We think that that is a fair and reasonable process.

Making the most of existing infrastructure can play a key role in upgrading services and increasing competition. Under the Bill, operators will have the automatic right to upgrade or share apparatus installed before the 2017 reforms. That will be subject to specific conditions to ensure that the work does not negatively impact landowners. The measures have been considered carefully to deliver significant benefits, while ensuring that there will be little impact on landowners. The Bill also rationalises the way that certain older code agreements are renewed so that they reflect the code as reformed in 2017. This means that there will be greater consistency in how agreements are renewed across the UK. On that basis, the 2017 coding agreements will not be revisited.

All those things will make much better use of existing infrastructure, reducing the need for new installations. That means less disruption with fewer street works and fewer mast installations in both rural and urban settings—something that, I am sure, will welcomed in all parts of the House. We will take away that community disruption. In response to my right hon. Friend the Member for Wokingham (John Redwood), I will take away his point about cables being laid under roads. In the area where I live, it is done under the pavement right outside my house. I would imagine that there is a good reason why that has to happen in some areas, but I will get back to him with what it is.

Secondly, we want to build stronger, more constructive relationships between network operators and potential site providers. We are introducing measures to make it easier for those two parties, when negotiating agreements to install telecoms apparatus, to use an alternative form of dispute resolution if a disagreement arises such as I have set out. This will encourage constructive dialogue between networks, operators and potential site providers. It will help new agreements be reached more quickly and address situations where landowners may feel compelled to accept terms offered by operators.

Finally, we are creating a new court process to address situations where landowners are not responsive. This process will provide a quick and inexpensive route for operators to gain access to certain types of land. Again, these measures have been developed to strike the balance between protecting landowners and ensuring that everyone across the UK has access to reliable and quick digital infrastructure.

We need this infrastructure because of the sheer demand on our networks. Just think of all the devices that are in use at this very moment. Millions of people will be switching on their smart TVs to stream a film or a series box-set, unlocking their phones or tablets to call a friend or a relative, or asking their smart speakers to play music or give information. Around this Chamber, right now, many wrists are sporting smartwatches that keep us up to date with the latest news or alert us to the fact that we have a new message from those infamous WhatsApp groups. [Laughter.] Sorry—I just couldn’t resist.

But with every connectable product that enters our lives, the risk of cyber-attack grows. In the first half of 2021 alone, we saw 1.5 billion attacks on connectable products—double the figure for the same period in 2020. Most of us assume that if a product is for sale in the UK it is safe and secure, but thousands of people in the UK have been victims of cyber-attacks. Many of them have lost significant amounts of money or have had their private data hacked and shared, and they have lost trust in the idea that they can connect with one another and go about their daily lives with confidence. This is not just damaging on a personal level; it also has serious implications for our national security. Cyber-criminals now have the ability to use compromised connectable products to attack large infrastructure. We saw this with the 2016 Mirai attack, which targeted anything from baby monitors to medical devices to home appliances to disable internet access across much of the US east coast.

In the past few years, this Government have made significant progress to strengthen the UK’s cyber-security. In 2018, we published a code for manufacturers to improve the security of their own consumer devices. We led the world on this, and that code has since been used by countries such as Australia and India to inform their own product security principles. However, the cyber landscape is constantly evolving and our approach needs to evolve with it if we want to stay safe.

We have reached the point at which legislation is required to protect citizens and networks from the harm posed by cyber-criminafls. Packaged together, the telecoms and product safety measures in the Bill will work in tandem to do just that, creating a reliable, fast broadband while supporting the growth of more secure consumer connectable products.

The Bill will enable the Government to specify a number of mandatory security requirements for smart devices. They will be set out in regulations, but manufacturers are already on notice regarding what the initial three requirements will be. The first is a ban on universal default passwords. Too often, consumer connectable products come with easy-to-guess passwords as their default setting, such as “password”, “admin” or four zeros. That makes them vulnerable to hacking, and risks compromising a user’s privacy and security right from the get-go. Under this new security requirement, all passwords that come with a new device will need to be unique and not easily guessable.

The second mandatory requirement is for manufactured consumer connectable products to provide a public point of contact so that security researchers and others can easily report when they discover security vulnerabilities, flaws and bugs in their devices. Manufacturers can then quickly identify and address any shortcomings in their products. At present, nearly 80% of firms have no such system in place.

Finally, manufacturers will be required to be completely transparent about how often, and for how long, their products will receive security updates and patches. According to the current guidance that is being commonly issued, if we update our computers regularly when asked to do so and use two-step verification, 90% of cyber-attacks can be avoided. The requirement for manufacturers to be transparent about how often their product will receive security updates is intended to help consumers to know at which point they will need to do that.

Businesses will have to give customers that information at the point of sale, and keep them updated throughout. If a product will not be covered by security updates, that must be disclosed. That will enable consumers to have all the facts that they need to make an informed decision about their purchase, to understand when the product they buy could become vulnerable, and to base their decision on whether or not to buy on that information. When the security requirements have not been complied with, businesses will not be allowed to make these products available in the UK. We will be able to monitor, investigate and take enforcement action against non-compliant businesses.

We have been setting consumer standards of this kind for decades. Every product on our shelves has met all sorts of minimum requirements, whether to ensure that it is fire-resistant or to ensure that it is not a choking or suffocation hazard. It should be no different in the digital age. The Bill allows us to protect people across the UK even as the world around us changes. It allows us to keep pace with technology as it transforms our everyday lives. Combined with the measures on the telecoms infrastructure, it will do a huge amount in the coming years to benefit our constituents and society at large.

I hope that Members will show their support for the Bill, and that the benefits can be realised as quickly as possible. I commend the Bill to the House.