Telecommunications (Security) Bill Debate
Full Debate: Read Full DebateJohn Hayes
Main Page: John Hayes (Conservative - South Holland and The Deepings)Department Debates - View all John Hayes's debates with the Department for Digital, Culture, Media & Sport
(3 years, 6 months ago)
Commons ChamberIt is a pleasure to speak in this debate and to follow all the right hon. and hon. Members who have made contributions.
First, new clause 1 is designed to ensure that there is an obligation on Ofcom, in legislation, to report on the adequacy of its resources and assess the adequacy of the measures taken annually by telecommunications providers to comply with their duty to take the necessary security measures. The hon. Member for Wealden (Ms Ghani) referred to security, and I will speak briefly about that shortly. It also requires Ofcom to assess future areas of security risk based on its interrogation of network providers’ asset registries. That does seem to me to be standard, but it is essential that there is regulation and control of these providers, on which so many of us—indeed, probably all of us—rely so heavily. The Minister may well believe that this obligation is already included in the Government’s Bill, and if that is the case, perhaps he will confirm that that is the position. If that is the case, I am sure that that will highlighted subsequently.
I have seen, during the privatisation of water services and other public bodies, that private companies have little desire to provide any more information than is legally required. They just give us the basics of what they want us to know. I believe that there is an obligation for Ofcom to actively regulate, and to do this we must provide adequate funding. To make this happen, is it a funding issue or can we legislate to ensure that they tell us all we need to know? I will consider the words of the Minister on this imperative regulatory function.
I want to echo the concerns of the hon. Member for Wealden, who comprehensively addressed the issues that concern us all. She referred to companies that have their headquarters in China and how that impacts on us here in the United Kingdom. Our duty in this House is to our citizens: to the citizens of Strangford, to the citizens of Wealden and to everyone across the whole of the United Kingdom of Great Britain and Northern Ireland, and we probably all seek assurances on these matters. Again I look to the Minister to do that in his summing up.
New clause 2 relates to the provision of information to the Intelligence and Security Committee. Does the Minister agree that it is imperative that the appropriate Committees have the right information on security matters? I am a firm believer in the need for information share. It has always been my policy to ensure that those around me in my political life, my social life and my personal life are aware of all the issues that concern them. It is also important that MPs have all the information on board. I am also a firm believer in the chain of command. This may well be due to years of part-time service in uniform; I spent 14 years as a part-time soldier. It is really important that the chain of command is in place. However, there are also times when it is in the interests of the nation that not all is revealed, and there will be a reason for some things being classified as top level only. I understand that; I often ask the police about things that have happened back home, and I say, “Don’t tell me anything I don’t need to know, but if you can tell me, and I can tell others, let me know that.”
Our job as parliamentarians is to scrutinise the Government, to hold Ministers to account and to strive for the good of the nation, and I ask the Minister to clarify why the Government do not feel that new clause 2 is necessary. Does he, for instance, believe that this is already accounted for? If it is, perhaps he could tell us the position on that. I would like to understand the rationale behind withholding information from a regulated Committee and what constitutes high-level information that should be withheld. Again I look to the Minister, as I often do in debates in this House, for a response to satisfy me that new clause 2 is not needed.
My final point relates to amendment 1 to clause 14, which proposes:
“The Secretary of State must, in the process of carrying out reviews and drafting subsequent reports, consult the appropriate ministers from the devolved governments.”
As a Member of Parliament, I have always wished to know what the devolved Administrations are doing. In my case, that relates to the Northern Ireland Assembly. When I saw the amendments and new clauses, I assumed that this provision would have been included as a matter of course. Surely it is a matter of the greatest importance—especially in Northern Ireland, which is fast becoming the capital of Europe’s cyber- security—that the devolved Administrations, and in this case the Northern Ireland Assembly, should have a full understanding of any emerging cases. I say with great respect to everyone else in this Chamber that the cyber sector in Northern Ireland is leaps and bounds ahead of other parts of the United Kingdom. Maybe only the south-east of England can match our level of advancement. We have incredible skills and staff available in Northern Ireland, and the cyber-security sector has grown greatly. So can the Minister reference the mechanism by which this information share can take place without any amendment? Can the Minister confirm that the Northern Ireland Assembly will have a key role to play in this, and tell us how that will work within the legislation before us today?
Chillingly, the head of military intelligence recently concluded that the difference between being at war and being at peace is becoming increasingly blurred. In short, Britain is under perpetual attack.
In support of what my right hon. Friend says, he will recall that one of the main reasons why the Government felt it so difficult to rid themselves of Huawei was that there would then be only two remaining possible suppliers, and if one of them got into difficulty, we would have total dependence on a single supplier. If we do not diversify, it really has knock-on effects: we sometimes have to improperly consider using suppliers that are really a risk to our security.
As my right hon. Friend knows, it is not only the Committee on which he and I serve that has highlighted that point; other Committees of this House have, too, and the Government themselves have acknowledged it. We really need to look at how, having accepted the thrust of his argument, the Government intend to respond. What is the action plan? I know that the Minister will have much to say about this, but my right hon. Friend is absolutely right.
This is part of a wider problem of the concentration of power in the hands of what I described earlier as a handful of unaccountable corporate monopolies. There is a curious assumption that somehow those organisations will be intrinsically virtuous, but that is simply not the case. Commercial organisations are just that: they are interested in commerce. They are not there to do what Governments and this Parliament exist for, which is protecting the interests of the whole of the people.
One thing that worries me a little is that Huawei is Chinese-owned. Nokia and Ericsson are not, but they get a lot of their kit from China, so they are not pure either. That is a worry for diversification.
It is. I referred a moment or two ago to the provisions of the Bill that extend existing powers to take account of supply chains, so the point is acknowledged in the legislation. It brings me neatly—it was not scripted, I hasten to add—to the next part of my speech, because in that process much powerful regulation is put into the hands of Ofcom. I have questions about that for the Minister as this is not territory that traditionally Ofcom has navigated. It will require a step change in Ofcom’s capability and approach to manage the additional responsibilities.
Ofcom was previously responsible solely for assuring the resilience of networks. No list of mandatory standards has previously existed and historically Ofcom produced guidance that merely directed communication service providers towards the main source of advice and best practice. The responsibilities to ensure that providers comply with the new security duties will, as I said, require a step change in what Ofcom does, given that it will now have the authority to practically assess the security practices of large telecom providers, take action where security is at risk of being compromised, and make information available to the Government and provide annual security reports to Ministers.
That brings me to the issue of scrutiny, which has been addressed with by various contributors to the debate so far. Given Ofcom’s new powers, the means by which it can be held to account becomes salient. Of course, Ofcom is accountable to Ministers, but we need Ministers to be accountable, in an effective way, to this House. There is a long debate to be had about the role of various Select Committees in that regard, and it is a debate to which I have contributed previously and the Chairman of the ISC, my right hon. Friend the Member for New Forest East (Dr Lewis), has already spoken eloquently. I simply say to the Minister that there needs to be a well-established and rigorous process by which the new powers can be assessed and checked not only by Ministers of the Crown but by those to whom Ministers of the Crown are accountable. Confusing accountability and scrutiny risks weakening both by obscuring the first and diluting the second.
I know, Mr Deputy Speaker, that you would not want me to conclude any speech without some literary reference. C. S. Lewis said: “Experience: that most brutal of teachers. But you learn, my God do you learn.” The experience that I have had over 25 years in the House—of being a shadow Minister trying to hold Ministers to account, a Minister being held to account and now a Back Bencher trying hold both to account—is that unless the process is right, scrutiny simply will not be effective.
I have talked about vulnerability and the recognition of the need for greater regulation. By the way, if anything, the Bill does too little. It is a good Bill and it does a great deal that I welcome, but over time we probably need to go further. I have previously drawn the House’s attention to the history of legislation affecting security here: it has typically been periodic with few big Bills having been brought to the House that became Acts concerning matters of security. But I repeat what I have said before: I suspect that over the coming years we will have more and more legislation to ensure that our country remains secure, given the dynamism and character of the threats we now face.
I end simply with this. The Bill is good work, but it is—if I might put it as generously as I possibly can to the Minister—work in progress, and I hope that during that progress we see further attention given to the issues of both diversity in the marketplace and scrutiny by this House. A fundamental requirement of Government is to protect our infrastructure and economy and, by doing so, protect our people, for in doing that we protect all our futures.
It is a real pleasure to follow some of the speeches we have heard, particularly those from the Chairman of the ISC, my right hon. Friend the Member for New Forest East (Dr Lewis), and from my right hon. Friend the Member for Chingford and Woodford Green (Sir Iain Duncan Smith).
I rise to support the Government, but I do so with some reservations, which largely reflect concerns that I still have as a member of the Intelligence and Security Committee. I am concerned about oversight and the scrutiny of decisions made by the Department for Digital, Culture, Media and Sport that will have an impact on national security. The issue is growing as commercial companies get more and more involved in such matters. The Government’s current view is that DCMS, Ofcom and the Digital, Culture, Media and Sport Committee could probably watch over these matters. Yes, they probably can, but I am not so sure.
Good. When my right hon. Friends the Members for South Holland and The Deepings (Sir John Hayes) and for Chingford and Woodford Green start talking, I know I am in trouble.
So we on the ISC are subject to section 1(1)(b) of the Official Secrets Act 1989, and, whatever side of the House we sit on, we have all been appointed to the Committee by the Prime Minister with that in mind. However, not every Member of Parliament or Clerk has signed the Official Secrets Act—some have, but many have not. Obviously, I am not being personal about colleagues because a lot of them can keep secrets far better than I can: as my wife says, I have a big mouth. Okay—but I do keep secrets of the state, Minister.
ISC Clerks have something called developed vetting security clearances, but not all DCMS Committee Clerks would. Developed vetting security clearances require the individual concerned to undergo a lengthy and somewhat intrusive investigation—some of the questions are appalling. Assuming that DCMS Clerks were to have such developed credentials and were able to handle top secret material in hard copy, such as documents that need to be secured in security-accredited lockable cabinets within a security- accredited office, anything with a top secret grading on it or an IT system with such grading would need to be accredited and checked out very carefully.
May I also raise the matter of meetings where top secret material is discussed? I may be wrong, but I do not think there is such a meeting room in the Palace or in Norman Shaw—[Interruption.] Sorry, I meant Portcullis House—I have only been here 11 years. A room with clearance would be required even for us to be able to look these documents, store them or discuss them. I do not think it is a secret that the ISC cannot meet here—we have to meet somewhere else. We go to a place that is accredited and checked, where documents can be stored and to which our Clerks have ready and easy access. All discussions concerning such a level of security take place in that room. We are not allowed to write something down and walk it out—everything has to be left there, unless it is specifically on a certain kind of paper and we are informed of that very strictly.
The product of ISC investigations can be laid before Parliament only after a redaction process with the intelligence agencies and confirmation from the Prime Minister that nothing in them might breach national security, so I think it would be rather difficult for the DCMS, Ofcom or the Digital, Culture, Media and Sport Committee to be able to oversee top secret material produced by the Department and still obey national security rules. In short, we parliamentarians might not have oversight of some key decisions made by Ofcom and DCMS. That can work—I have no doubt the Minister will say that—but we could be blindsided. The Government think otherwise at this stage, and I am prepared to accept that promise, but this might quickly run into difficulties when classified material has to be examined by people from Parliament who are specially selected to do it.
In summary, I repeat that I will be supporting the Minister—of course I will, as I am loyal, just like a dog—but it does not stop me raising a flag of concern. There will always be problems around these matters. I hope that that will not be the case but I would not be surprised if, as my right hon. Friend the Member for South Holland and The Deepings has said, we are only at the start of a process and we have to revisit this shortly.
Finally, may I apologise, Mr Deputy Speaker, as I do not feel great and I am a bit dizzy, so my voice is not the usual? I am going to sit down now.
Let me cement that point but also perhaps offer an olive branch to the Minister, if I might be so bold. If the Minister, when he sums up, were to make a firm and binding commitment that he, for example, and others will appear before the ISC at our request to be scrutinised on these and other matters, that might go some way—not the whole way, but some way—to assuaging doubts and fears.
I thank my right hon. Friend for his intervention. Again, I empathise with the point. I will happily leave it to the Minister to make his view known in his summing-up later.