Draft Product Security and Telecommunications Infrastructure (Security Requirements for Relevant Connectable Products) Regulations 2023 Debate
Full Debate: Read Full DebateStella Creasy
Main Page: Stella Creasy (Labour (Co-op) - Walthamstow)Department Debates - View all Stella Creasy's debates with the Department for Science, Innovation & Technology
(1 year, 2 months ago)
General CommitteesIt is a pleasure to serve under your chairmanship, Mr Hollobone. I do not wish to detain the Committee for long, but it strikes me that it would be useful to make a couple of observations, not least that I find myself in substantial agreement with the previous speaker about the importance of this issue.
There are so many stopped clocks around this building at this point in time. I am also now fascinated to see what will come up on my Facebook adverts as a result of the hon. Gentleman’s speech. I suspect I will be getting many about lightbulbs, and Farrow and Ball paints—people can make their own jokes out of that.
I have a few simple questions for the Minister. So far, we have talked about products and the regulation of them, but we have not talked about consumers and consumer experiences. The elephant in the room is Brexit. After all, we were signed up to regulations that were shared across a massive consumer group of 550 million consumers, which meant that we had weight when negotiating with manufacturers. Now we are not, and we are bringing in our own regulations. Whatever one thinks of that decision, it means that there will potentially be some anomalies for consumers, unless our consumers never leave this country, whether to go to Northern Ireland or to mainland Europe. Can the Minister say a little about whether the draft regulations will have an impact on guarantees on consumer standards?
In particular, a lot of people will look at the exchange rate and try to get a better deal by buying goods overseas. What will the measures mean for consumers who might want to use any of these items on their holidays? People might take a baby monitor with them, or if their watches break they might walk into an Apple store in a foreign country and ask for help. What will our having a different set of regulations mean? Should we buy an item overseas to use it here? Could the companies tell us that we have voided our guarantees because we have bought a good in a different territory, where there are different regulations and therefore potentially different software components?
Has the Minister had any conversations with his colleagues about the requirements under the Consumer Rights Act 2015? The consumer protection regulations were written at a time when we all abided by a common framework of regulations, which meant that consumers did not need to worry about these things. Now we are going it alone, so when we go overseas or bring things here from overseas, there will inevitably be conflict and confusion. The Minister said a lot about the companies and the regulations; he has not said as much about the actual consumers—our constituents—who might suddenly find that “Computer says no” repeatedly, and not know to whom they can turn to do anything about it.
I will finish these points, if I may.
On enforcement, astute colleagues have observed that it falls under the Department for Business and Trade. The previous Parliamentary Under-Secretary of State, the Minister for Small Business Consumers and Labour Markets, approved the recommendation for the OPSS to adopt the enforcement role for part 1 of the 2022 Act. The OPSS is part of the DBT and will therefore simply be enforcing the product security regime as the Secretary of State. It will begin enforcement functions as soon as the draft regulations come into force. To the question, I am reassured that the OPSS is properly resourced.
I have some final points. On the international aspect of the IOT security measures, the proportionality of implementing a given cyber-security measure for a product depends on a huge range of factors, from the product’s technical architecture to the settings in which it is ultimately deployed in. The Government are therefore mindful of the risk of imposing obligations on businesses that may in many cases be disproportionate. The Chancellor of the Duchy of Lancaster and Deputy Prime Minister, and the National Cyber Security Centre are keeping an active watch on the importance of updating that.
On SME information, I am absolutely delighted to undertake that we will provide tailored information and guidance to assist small and micro-businesses. As colleagues have observed, they do not always have the relevant bandwidth to keep abreast of technology.
My hon. Friend the Member for South Thanet asked whether the self-certification and compliance mechanism—the duty placed on manufacturers—is sufficient to cover the risk. My answer to that would be that the draft statutory instrument is in our judgment the right place to start, but it is a start. We did not want to introduce heavy-handed legislation on day one, which would undermine business confidence and trigger huge fears in the industry. We wanted to start with something that everyone could at least acknowledge—our very important basic standards—then develop that, through consultation with the House, in a proportionate and agile way. I reinforce my comments on how that is a rather different approach from the EU one.
The hon. Member for Walthamstow made an important point about consumers. On the point about SMEs, we are actively engaging with consumer groups and we will ensure that any of their concerns are also reflected in our ongoing updates.
Will the Minister clarify a simple point? Would a consumer’s guarantee be voided were they to use one of the items overseas, or if they brought an item here and used it on their connection, because there are now two different regimes?