Commons Sense

Hansard-based summaries and metrics

<-- Back to proposed bills

Product Security and Telecommunications Infrastructure Bill - Sitting 2

15 March 2022

Proposing MP
Caroline Nokes Con
Romsey and Southampton North
Type
Public Bill Committee

At a Glance

Issue Summary

The statement discusses the UK's leadership in developing international regulations for IoT security and how the country can align its laws with other nations to protect consumers while minimizing burdens on businesses. The statement discusses the need for legislative action to address cybersecurity issues associated with Internet of Things (IoT) devices. The statement discusses the importance of consumer decision-making regarding product security and support duration, highlighting that market drivers alone may not be sufficient to address cybersecurity issues. Professor Carr discusses the need for consumer education regarding device longevity and the potential benefits of regulations like GDPR in driving investment in security measures. Caroline Nokes (Conservative MP for Romsey and Southampton North) concludes an evidence session of the Public Bill Committee on the Product Security and Telecommunications Infrastructure Bill. The statement discusses the need for legislative changes to accelerate the rollout of digital connectivity in the UK, focusing on full-fibre network upgrades and addressing challenges related to multi-dwelling units (MDUs) and rural areas. The MPs discuss the portrayal of operators' behavior towards landowners and the potential impact of proposed legislation on infrastructure roll-out. Caroline Nokes requests witnesses to keep their answers shorter during the discussion on the Product Security and Telecommunications Infrastructure Bill. The discussion addresses the challenges and concerns regarding the implementation of telecommunications infrastructure in multi-dwelling units, particularly focusing on landlord-tenant relationships and legal obligations. The discussion revolves around the impact of rent reductions on telecom infrastructure providers and the visual impact of upgrading existing telecommunication infrastructure. The discussion revolves around the Product Security and Telecommunications Infrastructure Bill, focusing on clauses related to extending measures to multi-dwelling units and pole networks. Caroline Nokes chairs a session to hear oral evidence from Till Sommer, head of policy at the Internet Service Providers’ Association (ISPA), regarding the Product Security and Telecommunications Infrastructure Bill. Till Sommer discusses the Product Security and Telecommunications Infrastructure Bill, focusing on access to third-party land in rural areas, alternative dispute resolution mechanisms, and upgrade rights. MP Caroline Nokes introduces Rocio Concha from Which? and Jessica Eagleton from Refuge for testimony on the Product Security and Telecommunications Infrastructure Bill. The discussion focuses on addressing concerns related to technology misuse in cases of violence against women and girls, including discussions on product security requirements, potential amendments to include online marketplaces, and funding for support services. The discussion revolves around the need for consumer awareness regarding smart home device security risks and the proposed measures to address tech abuse. The statement discusses the importance of clear product support information at the point of sale to help consumers make informed decisions.

Action Requested

There is no specific action requested, but the speakers highlight the need for the UK to continue leading in this space by endorsing best practices that are internationally recognized and supported. They emphasize the importance of maintaining a balance between regulatory standards and innovation.

Key Facts

  • The PETRAS consortium has been working on cyber-security of IoT devices for many years.
  • Over 110 organizations globally, including Microsoft, Google, Qualcomm, DCMS, RISCS, and IoT Security Foundation, have endorsed the global statement launched by Professor Carr on February 15.
  • ETSI (European Telecommunications Standards Institute) has adopted the UK's code of practice into a European norm.
  • A voluntary code of practice was published in 2018.
  • Some manufacturers have done nothing despite being put on notice since 2018.
  • Only one in five companies surveyed provided a process for security researchers to report issues.
  • Professor Carr discusses the impact of support duration on consumer decision-making.
  • David Rogers emphasizes the importance of transparency and ensuring that consumers feel protected.
  • Chris Elmore raises concerns about unregulated online marketplaces selling insecure products.
  • Four out of five IoT manufacturers still do not have a vulnerability disclosure programme.
  • TechUK's written evidence suggests that current proposals risk unintended consequences for manufacturers and consumers.
  • There are concerns about the Enforcement Body alerting the public about security risks in a way that might make devices seem obsolete or expose vulnerabilities to threat actors.
  • Caroline Nokes chairs the Public Bill Committee session on the Product Security and Telecommunications Infrastructure Bill.
  • The session involves testimony from Catherine Colloms (Openreach), Simon Holden (CityFibre), Mark Bartlett (Cellnex UK, Speed Up Britain), and Juliette Wallace (MBNL, Speed Up Britain).
  • Witnesses are to provide evidence until 3:40 pm.
  • Speed Up Britain supports policy ambitions laid out in 2017 but notes the law is not working effectively.
  • Openreach aims to build 25 million full-fibre homes and businesses by the end of 2026, underpinning the Government’s manifesto commitment of achieving 85% coverage.
  • There are approximately 6.1 million MDUs in the UK where rapid upgrade is challenging due to unresponsive landlords.
  • Openreach has over 1 billion meters of cable over poles and aims to build 6.2 million commercial rural premises, beyond Project Gigabit targets.
  • CityFibre’s footprint covers 8 million households and utilizes Openreach's infrastructure for faster rollout and environmental benefits.
  • Speed Up Britain represents MNOs including Cornerstone, MBNL, Cellnex, DMSL, WIG.
  • Since 2017, about 1,000 agreements have been completed, with 85% consensual and no need for legal processes.
  • Only 0.5% of discussions ended up in the tribunal.
  • Catherine Colloms' company fibred Salisbury fully but could only access about 79% of MDUs due to unresponsive landlords.
  • Caroline Nokes addresses a Public Bill Committee sitting for the Product Security and Telecommunications Infrastructure Bill.
  • Most multi-dwelling units are in urban areas like Hornchurch (13%) and Hastings (24%).
  • Current legislation allows landlords absolute rights to redevelop sites, impacting tenants' access to telecommunications infrastructure.
  • The policy aims to reduce costs for telecom investment in 5G but is seen as overly aggressive by some landowners.
  • 85% of agreements are consensual, though many feel coerced due to legal costs and bargaining strength imbalance.
  • Juliette Wallace mentioned that there have been a few cases of 90%-plus reductions in rent.
  • The average reduction in rent across the sector is approximately 63%.
  • Catherine Colloms demonstrated how minimal visual impact can be achieved when upgrading existing duct and pole infrastructure with new fibre cables.
  • Mark Bartlett asserts that towercos have been part of the industry since its inception, investing billions of pounds in connectivity across the UK.
  • Cellnex invests hundreds of millions of pounds annually to connect various parts of the country with small cells and tower upgrades.
  • The ability to upgrade pre-2017 infrastructure is seen as critical for delivering 5G technology efficiently.
  • Till Sommer is head of policy at the Internet Service Providers’ Association (ISPA).
  • ISPA represents both large infrastructure providers like Openreach and CityFibre, as well as smaller start-up companies.
  • Wayleaves is identified by every member who builds networks as a major barrier to broadband rollout.
  • The Bill addresses access to third-party land in rural areas to unlock additional properties for broadband roll-out.
  • Alternative dispute resolution is included on a voluntary basis, with tribunals considering ADR outcomes.
  • Upgrade rights aim to use existing infrastructure to avoid redundant construction and visual impairment.
  • Cybersecurity provisions under part 1 of the Bill mandate compliance by internet-connected devices within manufacturers' supply chains.
  • Rocio Concha is the director of policy and advocacy at Which?.
  • Jessica Eagleton is a senior policy and public affairs officer at Refuge.
  • 59% of women and children supported by Refuge last year experienced abuse involving technology.
  • 50% of all cases of violence against women and girls now involve devices.
  • Companies should take reasonable steps to address security flaws before public disclosure to prevent alerting abusers.
  • A tech abuse team provides specialist frontline support but is under-resourced.
  • Rocio Concha supports including minimum supporting periods for products through secondary legislation.
  • Jessica Eagleton mentions common devices causing problems include smart home hubs, voice assistants, TVs, plugs, light switches, and fitness trackers.
  • Refuge's approach is to empower survivors to use technology safely with a range of resources developed.
  • The statement concludes today’s sitting of the Product Security and Telecommunications Infrastructure Bill Committee.
  • The Committee will meet again on Thursday at 11.30 am in Committee Room 14 to continue line-by-line consideration of the Bill.
Assessment & feedback
Summary accuracy