Telecommunications (Security) Bill Debate
Full Debate: Read Full DebateJulia Lopez
Main Page: Julia Lopez (Conservative - Hornchurch and Upminster)Department Debates - View all Julia Lopez's debates with the Department for Digital, Culture, Media & Sport
(3 years, 1 month ago)
Commons ChamberI beg to move, That this House disagrees with Lords amendment 4.
With this it will be convenient to discuss the following:
Lords amendment 5, and Government motion to disagree.
Lords amendments 1 to 3.
I am pleased that the Bill has returned to the House from the other place and for the chance to speak to it. I thank my hon. Friend the Member for Boston and Skegness (Matt Warman) for his tremendous work in bringing it through the House earlier in this Session and in the last.
The Bill will create one of the toughest telecoms security regimes in the world. It will protect networks, even as technologies grow and evolve, shielding our telecoms critical national infrastructure both now and for the future. As the House will be aware, the Bill introduces a stronger telecoms security framework, which places new security duties on public telecoms providers and introduces new national security powers to address the risks posed by high-risk vendors.
I will briefly summarise the changes that have been made to the Bill. Lords amendments 1 to 3 were tabled by my colleague in the other place, Lord Parkinson. Lords amendment 4 relates to reporting on supply chain diversification and Lords amendment 5 relates to reviewing actions taken by Five Eyes nations regarding high-risk vendors. I will speak first to Lords amendments 1 to 3.
The important role of parliamentary scrutiny has been raised in debate throughout the passage of the Bill. In the other place, particular attention has been paid to scrutiny of our strengthened telecoms security framework. In its report on the Bill, the Delegated Powers and Regulatory Reform Committee noted that the new codes of practice were central to this framework, as they will contain specific technical information for telecoms providers. The Committee recommended that the negative procedure should be applied to the issuing of codes of practice. We carefully considered the Committee’s recommendation over the summer, and tabled amendments 1 to 3 in the other place to accept them.
The amendments will require the Government to lay a draft of any code of practice before Parliament for 40 days. Both this House and the other place will then have a period of time to scrutinise the code of practice before it is issued. These amendments demonstrate that we have listened and that we are committed to every aspect of the framework receiving appropriate parliamentary scrutiny. I commend these amendments to the House.
I will now speak to Lords amendment 4, regarding diversification. This amendment would place an annual requirement on the Government to report on the impacts of their 5G telecoms diversification strategy on the security of public telecommunications networks and services. It would also require a debate in the House on that report. The Government cannot support the amendment for two reasons. The first objection relates to the flexibility necessary for diversification. A reporting requirement of this nature is restrictive and premature. This is an evolving market that is rapidly changing, and we need the flexibility to focus our attention where it will have the greatest impact. While our focus is currently on diversifying radio access networks, once that part of the mobile network has been diversified we will move on to focus on other areas. Committing to reporting on specific criteria would limit us to reporting against the risks as we find them today and would not afford us the flexibility that diversification requires.
I am very interested in what the Minister says, because one of the major themes, and one of the big failures of the 5G debacle over Huawei, is the fact that we do not have diversification in the network. How will the Government be able to do a stocktake every year so that we as parliamentarians, and others, will be able to judge that what is being said about a commitment to diversification, which is in a lot of policy papers, is actually happening in practice?
I thank the right hon. Gentleman for his comment. Hon. Members will be able to raise in the normal way, through parliamentary questions, scrutiny at oral questions and Committee work, what we are doing in this area. We are reporting regularly on some of our diversification efforts and some of the money that we are spending from the spending review.
I accept that, although the current Government’s response to parliamentary questions these days is sometimes lacking. What benchmark, then, will the Government use for ensuring diversification? I accept that the Minister is the Minister today, but there will possibly be a future Minister—she will not be there for ever—so how are we to judge that we are actually going to get that diversification? Without that, we will end up as we have done now, with a network that is market-led and diversification is not in the market.
I appreciate the right hon. Gentleman’s concerns. We are committed to reporting to the House on a regular basis, but we do not want to limit ourselves on specifically what we will be reporting on in technological terms, because this is a rapidly evolving marketplace and we need to make sure that we have the flexibility to deal with particular infrastructure challenges as and when they come along.
My sense is that this amendment is intended to hold the Government’s feet to the fire on delivering their diversification strategy. If that is the case, a reporting requirement of this nature is unnecessary. This House and the other place already have mechanisms to hold the Government to account through parliamentary questions, as I said, and through the various Select Committees that can ably scrutinise this work. That is the appropriate way for scrutiny to take place.
Our second objection relates to focus. This is, first and foremost, a national security Bill. It is intended to strengthen the security and resilience of all our public telecoms networks, be they fixed line or mobile—2G, 3G, 4G, 5G and beyond. While the Government’s 5G telecoms diversification strategy has been developed to support that objective, it is not the sole objective of the strategy. This is market-making work. It is not a panacea to raise the security of our public networks. Moreover, the current scope of the strategy is not to address the entire telecoms market but to diversify a specific subset of it. The amendment extends the Bill beyond its intended national security focus and creates an inflexible reporting requirement on a strategy that will need to continue to evolve. We have been insistent on this position, and that is why I ask that this House disagrees with Lords amendment 4.
Lords amendment 5 would require the Secretary of State to review decisions taken by Five Eyes partners to ban telecommunications vendors on security grounds. In particular, it would require the Secretary of State to review the UK’s security arrangements with the vendor and consider whether to issue a designated vendor direction, or take a similar action, in the UK. I welcome the intention behind the amendment, which demonstrates that those in all parts of this House and the other place take the security of this country and its people incredibly seriously.
However, while we support the spirit of the amendment, we cannot accept it for four reasons. First, the House will recall that the Bill will provide the Secretary of State with the power to designate specific vendors in the interests of national security for the purpose of issuing a designated vendor direction. In clause 16 there is a non-exhaustive list of factors that the Secretary of State may take into consideration when issuing these designation notices. That list illustrates the kinds of factors we proactively consider on an ongoing basis as part of our national security work. A decision by a Five Eyes partner, or any other international partner, to ban a vendor on security grounds could be considered as part of that process, so this amendment would require us to do something that has been part of the Bill from the outset.
The key remark that the Minister made there was that it “could be” considered. We have seen the Government’s failures previously in relation to Huawei, so why should we have confidence moving forward that this will be any different?
I appreciate the hon. Member’s comments. When the Secretary of State is looking to designate a vendor, she will put that to the House to be scrutinised, and we will be scrutinised on this issue through the usual procedures that I have outlined in my previous comments.
I welcome the Minister to her place. If we look back over the past few months, even the past year or so, we see very much that the resistance early on by the UK Government with Huawei, when other Five Eyes countries were banning it, has led to a remarkable back-cost for replacing all this stuff because we failed to take an early decision. While the amendment may not be perfect, it indicates clearly a big weakness in the Government’s position, even in this very good Bill. If Five Eyes countries, which are our main allies in intelligence, spot there is a problem, we should pause, investigate the reasons why, and then come back to the House with the reasons why we disagree or agree. The amendment aims at doing that, so perhaps the Government should think about amending the Bill in such a way.
I appreciate my right hon. Friend’s comments, but it is important that we do not put in primary legislation the specific partners that we should have to listen to on these specific issues. It would create a hierarchy of diplomatic networks.
With respect, these are not specific partners; these are our closest allies when it comes to intelligence sharing. They do not get any closer than this. Working with them, as we do in sharing intelligence, means that using systems for sharing that intelligence would corrupt our own ability. I wonder whether the Minister could just slightly reset: these are not just partners.
I appreciate my right hon. Friend’s comments. The amendment would require us to do something that has been part of the legislation from the outset. We believe that our existing approach is the right way to continually consider the decisions of our international allies and partners, whether or not they are part of Five Eyes. That brings me to the second objection to the amendment, which is that it is unnecessary because we regularly engage with our Five Eyes partners and are committed to a close and enduring partnership with them. We agree with the other place that where possible, the UK Government should consider the actions of other countries when developing our own policies, and that is exactly what we do already. It is what we have been doing before and during the passage of this legislation.
The intelligence and security agencies across Five Eyes retain close co-operation, which includes frequent dialogue between the National Cyber Security Centre and its international partners. This dialogue includes the sharing of technical expertise on the security of telecoms networks and managing the risks posed by high-risk vendors. There are mechanisms in place for the NCSC to share this and wider information with the Department for Digital, Culture, Media and Sport.
Collaboration with our Five Eyes partners forms an intrinsic part of our national security work. The alliance was not created through legislation and it has not required legislation for us to develop and strengthen that relationship, and the amendment would set an unhelpful precedent. We do not need the amendment to compel us to work with our Five Eyes partners.
That takes me to our third reason for resisting the amendment, which is that the UK needs to have the flexibility to develop and encourage international relationships in addition to Five Eyes. Naming individual countries in this way would set an unhelpful precedent for national security legislation in future. As I have acknowledged, it is important that we consider the policies of our Five Eyes partners, namely New Zealand, Canada, Australia and the US, when developing our own policies, but we also need to consider the policies of a wide range of other countries, including those of our European neighbours, such as France and Germany, and those of other nations, such as Japan, South Korea and India. Stipulating in primary legislation the countries whose policies the UK Government should consider when developing our own national security policies, whether Five Eyes or other countries, would be unhelpful, given the wide-ranging nature of our international collaboration. It would be highly unusual to refer to specific countries in legislation in this way, and this Bill is not the right place to create such a precedent.
The fourth reason for resisting the amendment is that it is impractical because of the many different ways in which other countries operate their national security decision making. The amendment would require us to act whenever a ban takes place in another Five Eyes country, but it may not be immediately clear when a country has taken a decision to ban a vendor, particularly if they have relied on sensitive intelligence to make that decision.
It may not always be apparent why a particular country has banned a particular vendor. There could be any number of reasons why a foreign Government would choose to restrict a company’s ability to operate within that country. Those reasons may not be based purely on national security grounds. I welcome the intention behind the amendment, but we cannot accept it because we feel that it is duplicative, impractical, restrictive and, ultimately, unnecessary.
In summary, the House is presented with a strengthened Bill as Lords amendments 1, 2 and 3 will increase the chances of parliamentary scrutiny of the telecoms security framework. As I have set out, however, it would be inappropriate to agree to Lords amendments 4 and 5. I thank the other place for its scrutiny of the Bill. I commend Lords amendments 1, 2 and 3 to the House and ask that the House disagrees with Lords amendments 4 and 5.
I thank colleagues in the other place who have worked hard to improve the Bill. National security is the first duty of any Government and Labour will always put our country’s security first.
The pandemic has shown how important telecommunications networks are. I declare an interest as a former telecoms engineer, but I am sure I speak for the whole House in thanking all those who have kept our networks going during the pandemic. We have been dependent on them to work from home or to keep in touch with family and friends. This House could continue its important work thanks to telecommunications networks, as well as the hard work of House staff and the Speaker’s support.
A secure network is of the utmost importance. Labour welcomes the Bill’s intention while recognising its limitations. I am pleased that the Lords amendments that we are discussing reflect issues that Labour has been raising.
Lords amendment 1 seeks to improve transparency in the use of the Secretary of State’s powers to issue codes of practice to communications providers through the negative procedure. It reflects amendments that we tabled in Committee in response to the sweeping powers that the Bill gives to the Secretary of State and Ofcom. As the Comms Council UK said,
“the Minister will be able to unilaterally make decisions that impact the technical operation and direction of technology companies, with little or no oversight or accountability.”
The House has a duty to ensure that those powers are proportionate and accountable, so we are happy that the Government have bowed to pressure from Labour to strengthen parliamentary scrutiny, even if, in our view, it does not go far enough. Two consequential amendments to Lords amendment 1 set out the conditions for the 40-day scrutiny period and ensure that that time cannot be disrupted by recess or Prorogation so that this House and the other place have sufficient time to scrutinise the code.
Lords amendment 5 is cross party and designed to ensure that the Government review a vendor that is banned in a Five Eyes country. We support the amendment and find the Government’s opposition concerning, as we believe it could threaten our national security.
I find the Minister’s arguments against the amendment somewhat confused. She claims that the amendment is unnecessary because we already monitor Five Eyes countries and would always respond to the actions of our closest intelligence partners, but if that is true, why not formalise it? We are stronger together, specifically with our Five Eyes allies. Instead of putting forward further arguments, I turn to the eloquent explanation of Conservative peer Lord Blencathra:
“All it asks the Government to do…is to review the security arrangements with a telecoms provider if one of our vital, strategic Five Eyes partners bans its equipment. We are not calling for a similar immediate ban, or an eventual ban, we are just saying let us review it and come to a conclusion.”—[Official Report, House of Lords, 19 October 2021; Vol. 815, c. 99.]
We will support the amendment.
Lords amendment 4 requires the Secretary of State to report on the diversification strategy’s impact on the security of telecommunications networks. It would also allow for a debate in this House on the report to further strengthen parliamentary scrutiny. Labour supports the removal of high-risk vendors from our telecoms networks, and given the grave situation into which successive Conservative Governments have allowed our networks to fall, it is essential that the Government have the powers to remove Huawei at speed. However, we are left with only two providers, and as we heard repeatedly at every stage of this Bill’s progression, two providers is not diverse, is not resilient and is not secure.
We cannot ensure national security without a diverse supply chain, but I fear that the Government still just do not get it. Let me just take two of the Minister’s arguments. The first argument seems to be, as far as I could comprehend it, that requiring reporting would be “restrictive and premature”, but surely if the Government’s intention is to diversify the supply chain—and we have heard that we cannot have a secure network without a diversified supply chain—the only way a reporting requirement would be limiting is if the Government have no actual intention of doing anything about diversifying it.
The Minister’s second argument seems to be that this is too technologically specific. Lords amendment 4 says:
“The Secretary of State must publish an annual report on the impact of progress of the diversification of the telecommunications supply chain on the security of public electronic communication networks and services.”
Would the Minister tell me what in that is specific as to the technology? Indeed, the only specific aspect of technology is a requirement to include future technologies that may be used as a platform, such as cloud computing. I find the Minister’s reasons for not supporting this amendment concerning. I fear that the Government are just not serious about diversifying our supply chain, and that they do not really have a plan for it.
The Minister mentioned asking parliamentary questions. Just last week, I asked her what funding was available for 5G diversification, and she talked about
“a Future RAN Competition (FRANC) and opening the doors of the SmartRAN Open Network Interoperability Centre (SONIC Labs).”
I want to know how diversification is being achieved and how local sovereign UK capability is being built, not an acronym soup that is ad hoc, hard to digest and dangerously complacent.
I rise to speak in favour of Lords amendment 5, which was championed in the other place by my Friend, Lord Alton and which focuses on the Five Eyes partnership. The Minister said that the amendment was unnecessary, but I would argue that if she were to accept it, it would provide a safety net. Last year, the Government were forced into committing to removing Huawei equipment from the UK’s 5G network, which followed on from a ban by the US and Australian Governments. We had even found ourselves in a situation in which one of our closest allies publicly threatened to stop intelligence sharing with us for the first time in our 75-year partnership. I would argue that this amendment would ensure that we did not find ourselves in a similar place again.
Let me give the House an example. Despite being blacklisted by our closest ally for its ongoing links to the ongoing genocide in the Xinjiang, and a Chinese intelligence law which means that the company can not only harvest data but provide data back to the Chinese state, the surveillance company Hikvision continues to be embedded in councils, hospitals and city infrastructure up and down this country. Earlier this year, I led a Business, Energy and Industrial Strategy Committee report, “Uyghur forced labour in Xinjiang and UK value chains”, which also looked at data harvesting. I was deeply unimpressed with Hikvision’s response, and I want to put on record that I thoroughly support the Foreign Affairs Committee’s recent recommendation that the Government should forbid Hikvision from operating in the UK. My Select Committee continues its work on Xinjiang, and I look forward to meeting TikTok in the near future.
The amendment would provide a fantastic safety net to ensure that we do not find ourselves in a difficult relationship with our Five Eyes partners again. Why would we want to risk that? I urge the Minister to recognise the motivation behind the amendment, which would enable trust and deepen our intelligence sharing alliances with our closest partners as well as ensuring security at home. I also urge the Minister, if she has the time, to read the “Uyghur forced labour in Xinjiang and UK value chains” report, and in particular to focus on article 7 of China’s national intelligence law, which states that any company that is registered in China has to provide data to the Chinese Communist party on demand, and also to deny to any other state that it is doing so.
With the leave of the House, I close this debate by thanking hon. Members for their contributions to the debate and for making a number of extremely important points about national security. I am keen to address those not only now, in this legislation, but in the future, through horizon scanning for some of the challenges that are coming up.
I appreciate that some of the trust in the system has been undermined by the Huawei situation, and I am sympathetic to concerns raised about reporting, diversification and resilience. My hon. Friend the Member for Solihull (Julian Knight) is absolutely right that this legislation is just one part of a wider security framework. The development of 5G and full-fibre networks brings new security challenges, which we must be prepared for.
This legislation sets up a strong regime for handling and removing high-risk vendors from our public networks, but it is just the start. Specific security measures will be set out in secondary legislation; there will be a lot of work to do in the next stage as we draw up that legislation, and we will be publishing a code of practice explaining the technical guidance that providers can follow to comply with legal duties.
The final secondary legislation and code will be agreed through public consultation, which I hope will provide another opportunity for hon. Members who have concerns in this area to provide adequate scrutiny. I am alive to some of those concerns, but, as my hon. Friend the Member for Boston and Skegness (Matt Warman) has outlined, MPs and Peers have had multiple chances to scrutinise and feed back on our diversification strategy, and we will continue to report on developments.
I remind the Minister that the members of the ISC present tonight have written to the national security adviser on the revision of the memorandum of understanding from the Prime Minister to the ISC. We really do expect some changes to that, so that we can close the gap on supervision of things that other Select Committees cannot look at.
I thank my right hon. Friend for that point. This issue has been raised throughout the passage of the Bill; I am alive to those concerns from the ISC, which bring particular expertise and scrutiny on matters on which others cannot, by virtue of their security importance. I understand that the ISC’s Chair has written to the Cabinet Office on the matters raised, but I wish to engage with the Committee on its important work. I believe I may—