Commons Sense

Hansard-based summaries and metrics

<-- Back to proposed bills

Telecommunications (Security) Bill - Sitting 5

21 January 2021

Proposing MP
Philip Hollobone Con
Kettering
Type
Public Bill Committee

At a Glance

Issue Summary

Philip Hollobone discusses amendment 8 to define 'supply chain components' for the purposes of amendment 7, which aims to add the presence of supply chain components representing a security threat to the list of security compromises. Chi Onwurah discusses the importance of defining national security in relation to telecommunications infrastructure and supply chains. Philip Hollobone is addressing the Telecommunications (Security) Bill and discussing amendments related to network security and the visibility of components in the supply chain. The statement discusses the Telecommunications (Security) Bill and its provisions for network security, particularly concerning supply chain components. The amendment proposes to ensure parliamentary oversight through the Intelligence and Security Committee of Parliament on decisions made under the Telecommunications (Security) Bill. The MP is discussing the need for parliamentary scrutiny of security-related matters, particularly in relation to the Telecommunications (Security) Bill. The statement addresses concerns about the scrutiny of provisions in the Telecommunications (Security) Bill and the need for parliamentary oversight. Chi Onwurah moves a probing amendment to Clause 1 of the Telecommunications (Security) Bill, aimed at ensuring network operators conduct comprehensive audits of hardware supplied by designated or high-risk vendors. The statement discusses the need for regulatory incentives to ensure security in mobile networks and addresses concerns about dependency on network providers like Huawei.

Action Requested

Hollobone proposes defining 'supply chain components' in the Bill, but does not request any specific action beyond this definition.

Key Facts

  • Amendment 8 defines ‘supply chain components’ for amendment 7.
  • Supply chain components refer to processes involved in production, distribution and maintenance of networks and services.
  • Chi Onwurah thanks Philip Hollobone for his intervention.
  • The National Security and Investment Bill was discussed at its Third Reading the previous day.
  • Chris Matheson suggests that a defence and security review could address national security definitions no more than every five years.
  • Amendment 7 aims to extend the definition of a security compromise to include 'the presence in the network or service of supply chain components which represent a threat to national security'.
  • The amendment seeks transparency and proactive measures from providers rather than direct government directives.
  • Clause 1 creates a duty for providers to take 'appropriate and proportionate' measures to protect their networks and services from security compromises.
  • New section 105A provides the legal basis for addressing supply chain risks.
  • The National Cyber Security Centre (NCSC) plays a crucial role in determining national security risks.
  • Ofcom will publish codes of practice as part of its co-production with the Government, NCSC, and others.
  • The amendment would ensure that the Intelligence and Security Committee of Parliament is provided with reports on specified security measures.
  • Section 2(1) of the Justice and Security Act outlines the responsibilities of the ISC for monitoring intelligence agencies like MI5, MI6, GCHQ.
  • The memorandum of understanding can be altered at any time to include broader national security activities.
  • The MP emphasizes the importance of scrutiny by Parliament.
  • There are three alternatives: providing classified information to the whole House, DCMS Committee, or ISC; no scrutiny at all.
  • The ISC can ask for information but lacks legal justification to enforce it.
  • The Telecommunications Security Requirement draft was published on 13 January.
  • The draft has been provided to ISC members and other interested Committees.
  • New section 105Z of the Communications Act 2003 provides for Ofcom to produce security reports that can be published by the Secretary of State.
  • Clause 13 of the Bill provides for a review of the effectiveness of the framework after five years.
  • The amendment aims to require providers to audit goods, services, and facilities supplied or made available for their network's provision.
  • Network operators could face fines up to 10% of annual turnover or £100,000 a day under the Bill for violating obligations.
  • The amendment seeks to address questions about where Huawei equipment is located within networks.
  • Regulation should be seen as an incentive to get things right rather than a burden.
  • Huawei's presence in BT’s network grew over 15 years from small beginnings to becoming the principal vendor.
  • The UK Telecoms Supply Chain Review concluded that there was no incentive for security in mobile networks.
Assessment & feedback
Summary accuracy