Telecommunications (Security) Bill Debate
Full Debate: Read Full DebateNusrat Ghani
Main Page: Nusrat Ghani (Conservative - Sussex Weald)Department Debates - View all Nusrat Ghani's debates with the Department for Digital, Culture, Media & Sport
(3 years, 6 months ago)
Commons ChamberNo, but I will never waste an opportunity, as it is obviously a joy to intervene on my right hon. Friend, who was asking how much deeper our relationship can go with a country that has sanctioned parliamentarians in this House for basically raising human rights abuses and security concerns.
I am getting so used to just doing what I am told by my hon. Friend when it is necessary that she only has to look in this direction and I give way to her—my apologies.
What I was really trying to get to the bottom of is that I do not think that this is feasible any longer. The Bill illustrates the dichotomy that lies at the heart of the Government’s position. We are trying constantly to talk about these trade relationships, but at the same time we recognise that the country that we are discussing them with is a totalitarian state that is guilty of what many, including myself, believe is a genocide of a whole ethnic group—more than one ethnic group. It is a state that is intolerant, that is suppressing democracy and free speech in Hong Kong, that is threatening Taiwan and India, and that has said that it is in possession of the South China sea. I could go on with that list. We can recognise the compilation of all those things and that there is a security risk, and yet at the same time in the other place we are told, “Don’t worry. We are still trying to do trade deals.”
It is quite interesting that we have reopened an economic and financial dialogue under a JETCO—a joint economic and trade committee—which was originally paused because of the imposition of the national security law in Hong Kong. The discussions have now restarted, although we did not hear much fanfare. We sort of discovered that they had restarted, but there was no announcement from the Dispatch Box that we were restarting them. There are no dates involved, but the discussions are restarting, despite the sanctions against individuals and so on, and despite our sanctions against Chinese officials—although I still wish that we could do more.
I note also that the European Union was heading in the same direction with its agreement, only now, because of the sanctions on its MEPs and so on, it has decided that it is not going to do that. I simply raise the question: if we think that this country and this Government —the Chinese Communist party, the Government of China—are such a potential threat, should we really be trying to reopen those doors, despite the sanctions that we have in place, the sanctions that they have put in place, and the very clear threat that they now pose to our security?
I simply say to my hon. Friend the Minister that I was going to move my amendment, which would have said that the Government should immediately declare many of these companies high-risk vendors by the very nature of the security law that exists in China. However, I would also say, in support of what has been said already, that the Government need to use the internal possibilities in our Parliament. We have a Committee that is cleared to the highest level of security in these areas, and it is important that we use that Committee. If the Government get private advice from the Committee about what it thinks is going wrong with their position, I think that will benefit and improve them.
I therefore ask my hon. Friend to take my amendment into consideration and to answer that point, to think seriously about how we can strengthen the Bill further and, if he can, to make the reservations of this place felt to his colleagues in Government. We are deeply concerned about trying to ride two bicycles at the same time: recognising a deep and growing threat to democracy not just here but around the world from the Chinese Communist party, while trying to beg China to do trade deals with us, notwithstanding the fact that it behaves so badly.
It is an honour to contribute to this measured debate, Madam Deputy Speaker. I am fearful of lowering the tone, but I have been speaking to the Minister—I congratulate him on the amount of communication he has had with us Back Benchers about our concerns—and when I was thinking about how best I could sum up our dialogue, I recalled that Ronald Reagan once said:
“The…most terrifying words in the English language are: I’m from the Government, and I’m here to help.”
I think that, for a Minister, the most terrifying words are: “I’m a Back Bencher and I really am just here to help”. So without our removing the momentum, we really are here to help.
First, I need to put on record my thanks to my right hon. Friend the Member for Chingford and Woodford Green (Sir Iain Duncan Smith) for tabling the amendment, which, unfortunately, was not selected today. I also put on record my support for what my right hon. Friend the Member for New Forest East (Dr Lewis) has proposed, with the support and expertise that he can bring to the debate and legislation, and I hope that the Minister can reflect on both those opportunities down the line. There is much to welcome in the Bill, but I fear that technology can sometimes move faster than we can legislate in this country. I want to touch on two issues: one is national security and the other is resilience and diversifying our supply chain.
I will start by being very helpful as a Back Bencher. I know that the Minister may have cast his eyes on a report that I recently produced for NATO. I sit on the Science and Technology Committee and I was tasked to put together a report on science and technology threats, looking particularly at east Asia. In the report, there is a puff box that he may want to reflect on; it talks about South Korea and the amount of work that it has done in innovating and developing new technology so that it is truly resilient in its national 5G infrastructure. I believe that 85 cities will have coverage by the end of 2021, and they are not reliant on any external Government to provide them with that service, so I urge him to go away and look at what South Korea is doing and possibly see how we can become more resilient in this country.
I want to raise the subject of resilience and security because I sit on the Business, Energy and Industrial Strategy Committee and we have been undertaking a report on links back to Xinjiang. However, companies also gave evidence to us that should cause some concern for the Minister, and with regard to this piece of legislation. This is basically about companies headquartered in China that have access to data we are using or manipulating, and to algorithms we are creating here in the UK.
In particular, I want to reflect on the evidence given to the Select Committee from TikTok. We invited TikTok to come in and give evidence about its algorithms and whether it is distorting them to stop information about Xinjiang and Uyghur being out on the platform. Unfortunately, the more we dug into TikTok, the more complex and concerning it got for us.
TikTok is a media company and a platform. Most kids will have access to it, and most people here may have access to it as well. However, it has a very complex ownership structure, which is why it is important that it is reflected somewhere in the Telecommunications (Security) Bill. It is important because TikTok is a subsidiary of a global parent company, ByteDance Ltd, which is incorporated in the Cayman Islands, but there is a China-based subsidiary of the same global parent company called ByteDance (HK) Ltd.
The reason why this should be of some concern is that when we took evidence from TikTok UK’s branch, we were told that ByteDance could in no way have access to UK data and that the two things were completely separate. However, the problem is that we can legislate in this country for what we want to do to keep our country and our people’s data safe, but when a company we are working with has headquarters in China, it has to abide by completely separate sets of rules and regulations, so we end up in a two-tier system.
Let me just reflect on what a company such as ByteDance has to adhere to. I am talking about China’s National Intelligence Law 2017. My right hon. Friend the Member for Chingford and Woodford Green spoke about article 9, and I want to reflect on article 7. It states, and this has been translated into English so it may not be perfect:
“Any organization or citizen shall, in accordance with the law”—
the Chinese National Intelligence Law 2017—
“support, provide assistance and cooperate in national intelligence work, and guard the secrecy of any national intelligence work they are aware of.”
Fundamentally, companies have to hand over data when they are asked, but when they are asked by another Government—say, our Government—they have to deny that they are doing it. I am concerned about how robust our legislation is today or how robust our legislation will be going forward if companies are abiding by separate sets of intelligence laws based in China.
On a similar theme, let us take a closer look at Hikvision in particular. There was a very good recent report by Reuters, which basically states that half of London councils are using Hikvision, even though Hikvision is banned in the United States. Last week, Italian media reported that Hikvision equipment in the country was “communicating with servers” in China despite being on a supposedly closed network. I am not quite sure what “communicating with servers” means, but for me alarm bells are ringing.
The points I want to land with the Minister are: how robust is the legislation we have in place for today, let alone tomorrow, and how can we ensure that the processes to legislate in this country keep pace with the threats we are facing? I suppose the fundamental point is that China has its own National Intelligence Law, which completely contradicts what we are trying to do here in the UK. Does the Minister have any thoughts about how we can ensure that our security is not undermined by China’s National Intelligence Law? What guarantees can the Government give to constantly look at, review and update this, and also to hold to account the companies we may be anxious about?
We seem to be setting up a two-tier system: one for us in the west with the countries we work with, and a completely separate system for China and the companies it wishes to work with. I fear that, unless we put down a marker, we are going to lose out to a country such as China, and I hope that the Minister can comment on that when he comes to the Dispatch Box at the end of the debate.
It is a pleasure to speak in this debate and to follow all the right hon. and hon. Members who have made contributions.
First, new clause 1 is designed to ensure that there is an obligation on Ofcom, in legislation, to report on the adequacy of its resources and assess the adequacy of the measures taken annually by telecommunications providers to comply with their duty to take the necessary security measures. The hon. Member for Wealden (Ms Ghani) referred to security, and I will speak briefly about that shortly. It also requires Ofcom to assess future areas of security risk based on its interrogation of network providers’ asset registries. That does seem to me to be standard, but it is essential that there is regulation and control of these providers, on which so many of us—indeed, probably all of us—rely so heavily. The Minister may well believe that this obligation is already included in the Government’s Bill, and if that is the case, perhaps he will confirm that that is the position. If that is the case, I am sure that that will highlighted subsequently.
I have seen, during the privatisation of water services and other public bodies, that private companies have little desire to provide any more information than is legally required. They just give us the basics of what they want us to know. I believe that there is an obligation for Ofcom to actively regulate, and to do this we must provide adequate funding. To make this happen, is it a funding issue or can we legislate to ensure that they tell us all we need to know? I will consider the words of the Minister on this imperative regulatory function.
I want to echo the concerns of the hon. Member for Wealden, who comprehensively addressed the issues that concern us all. She referred to companies that have their headquarters in China and how that impacts on us here in the United Kingdom. Our duty in this House is to our citizens: to the citizens of Strangford, to the citizens of Wealden and to everyone across the whole of the United Kingdom of Great Britain and Northern Ireland, and we probably all seek assurances on these matters. Again I look to the Minister to do that in his summing up.
New clause 2 relates to the provision of information to the Intelligence and Security Committee. Does the Minister agree that it is imperative that the appropriate Committees have the right information on security matters? I am a firm believer in the need for information share. It has always been my policy to ensure that those around me in my political life, my social life and my personal life are aware of all the issues that concern them. It is also important that MPs have all the information on board. I am also a firm believer in the chain of command. This may well be due to years of part-time service in uniform; I spent 14 years as a part-time soldier. It is really important that the chain of command is in place. However, there are also times when it is in the interests of the nation that not all is revealed, and there will be a reason for some things being classified as top level only. I understand that; I often ask the police about things that have happened back home, and I say, “Don’t tell me anything I don’t need to know, but if you can tell me, and I can tell others, let me know that.”
Our job as parliamentarians is to scrutinise the Government, to hold Ministers to account and to strive for the good of the nation, and I ask the Minister to clarify why the Government do not feel that new clause 2 is necessary. Does he, for instance, believe that this is already accounted for? If it is, perhaps he could tell us the position on that. I would like to understand the rationale behind withholding information from a regulated Committee and what constitutes high-level information that should be withheld. Again I look to the Minister, as I often do in debates in this House, for a response to satisfy me that new clause 2 is not needed.
My final point relates to amendment 1 to clause 14, which proposes:
“The Secretary of State must, in the process of carrying out reviews and drafting subsequent reports, consult the appropriate ministers from the devolved governments.”
As a Member of Parliament, I have always wished to know what the devolved Administrations are doing. In my case, that relates to the Northern Ireland Assembly. When I saw the amendments and new clauses, I assumed that this provision would have been included as a matter of course. Surely it is a matter of the greatest importance—especially in Northern Ireland, which is fast becoming the capital of Europe’s cyber- security—that the devolved Administrations, and in this case the Northern Ireland Assembly, should have a full understanding of any emerging cases. I say with great respect to everyone else in this Chamber that the cyber sector in Northern Ireland is leaps and bounds ahead of other parts of the United Kingdom. Maybe only the south-east of England can match our level of advancement. We have incredible skills and staff available in Northern Ireland, and the cyber-security sector has grown greatly. So can the Minister reference the mechanism by which this information share can take place without any amendment? Can the Minister confirm that the Northern Ireland Assembly will have a key role to play in this, and tell us how that will work within the legislation before us today?