David Johnston debates involving the Department for Digital, Culture, Media & Sport during the 2019 Parliament

Tue 19th Jan 2021
Telecommunications (Security) Bill (Fourth sitting)
Public Bill Committees

Committee Debate: 4th sitting: House of Commons
Thu 14th Jan 2021
Telecommunications (Security) Bill (First sitting)
Public Bill Committees

Committee stage: 1st sitting & Committee Debate: 1st sitting: House of Commons
Thu 14th Jan 2021
Telecommunications (Security) Bill (Second sitting)
Public Bill Committees

Committee stage: 2nd sitting & Committee stage & Committee Debate: 2nd sitting: House of Commons
Mon 30th Nov 2020
Telecommunications (Security) Bill
Commons Chamber

2nd reading & 2nd reading & 2nd reading: House of Commons & Carry-over motion & Carry-over motion: House of Commons & Money resolution & Money resolution: House of Commons & Programme motion & Programme motion: House of Commons & Ways and Means resolution & Ways and Means resolution: House of Commons & 2nd reading & Programme motion & Money resolution & Ways and Means resolution & Carry-over motion

Oral Answers to Questions

David Johnston Excerpts
Thursday 26th May 2022

(2 years ago)

Commons Chamber
Read Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Chris Philp Portrait Chris Philp
- View Speech - Hansard - - - Excerpts

Those things are already priority offences in schedule 7 to the Bill. The Bill went into Committee on Tuesday and I look forward to discussing with the shadow Minister and other Committee members ideas to improve the Bill as it goes through Parliament.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

I warmly welcome what we are doing with the Online Safety Bill to protect people from harm, because tech companies have been far too lax at doing so for far too long, but there is concern in some quarters that we will unintentionally end up restricting freedom of speech by conflating opinions that people do not like to hear with actual harms that are done online. Will my hon. Friend reassure me that we will ensure that we stay on the right side of that line and protect freedom of speech in the Bill?

Chris Philp Portrait Chris Philp
- Hansard - - - Excerpts

Yes, I can categorically give that assurance. There has been some misinformation around this issue. First, there is nothing at all in the Bill that requires social media firms to censor or prohibit speech that is legal and that is harmless to children. Reports to the contrary are quite simply untrue. In fact, there is express provision in the Bill: clause 19(2) expressly provides for a new duty on social media firms to have regard to free speech. Such a provision does not currently exist.

Draft Online Safety Bill Report

David Johnston Excerpts
Thursday 13th January 2022

(2 years, 4 months ago)

Commons Chamber
Read Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

My right hon. and learned Friend makes an important point about flexibility. I wonder whether he is familiar with the work of the Epilepsy Society, which has found that people with photo-sensitive epilepsy are being sent flashing images in the hope that that might induce a seizure. Does he feel that that type of harm ought to be incorporated in the definitions in the Bill as well?

Jeremy Wright Portrait Jeremy Wright
- View Speech - Hansard - - - Excerpts

Sadly, I am familiar with the activity that my hon. Friend describes. Of course, it is quite possible that such activity is unlawful, in which case it may well be covered in that part of the Bill. If it is not, we must ensure that there is sufficient flexibility to cover it elsewhere.

The conflict between flexibility and specificity appears elsewhere too. The Committee is right to say, as was my hon. Friend the Member for Gosport (Dame Caroline Dinenage), that the categorisation approach to differentiating platforms that present greater harm from those that present lesser harm is too blunt an instrument. We need a more sophisticated approach based on risk profile, as the Committee says—one that recognises that risks can emerge from unexpected places and with which we can see small platforms becoming influential very quickly.

I also think that the Committee is entirely right to seek to change the emphasis of the Bill away from solely content and towards activity and systems too, because ultimately it is the ordering, promoting and manipulation of content that is the root of the problem, and that is what the Bill should seek to address. Transparency will of course be crucial in enabling the regulator to do so.

It is also right to highlight, as the report does, what needs adding to or bolstering in the Bill, whether it be anonymity, the management of end-to-end encryption, misinformation and disinformation, or age assurance and verification, which others have spoken about. There are, as the Committee says, other changes needed to the Bill. The structure at the moment is heavily dependent on risk assessments that platforms themselves conduct. There is no provision at the moment for the regulator to do something about those risk assessments being profoundly inadequate, whether by accident or design, and there clearly needs to be.

We all agree that Ofcom needs adequate sanctions to be taken seriously. I welcome, as the Committee does, the Government’s indication that they will bring forward more quickly individual director liability for information offences—in other words, failures to give Ofcom information about what is going on. We need to recognise that out of that arises the potentially fairly ludicrous situation in which an individual director might be engaging in the most appalling conduct, but so long as they are honest with the regulator about it, they are okay. That cannot be right and that is why I think the Committee is right to identify the need for an additional offence to deal with egregious conduct by directors.

The balance between parliamentary oversight and the operation of ministerial discretion in the Bill is, frankly, in the wrong place. There is too little of the former and too much of the latter. Power for Ministers to amend codes of practice in order to reflect Government policy is a particularly chilling potential infringement on the independence of the regulator. That needs to be repaired.

The final point I want to make is this: when we approach a Bill not just of this complexity but with the groundbreaking nature that my hon. Friend the Member for Gosport described, we need to do so with humility. We may not get everything right first time and there is no monopoly of wisdom. There is no example for us to look to internationally and the rest of the world is looking at us to do this first. I take the point made earlier about delay, but we are still doing it first. We need to get it right and I hope the Government will approach it with an open mind.

Independent Fan-led Review of Football Governance

David Johnston Excerpts
Thursday 25th November 2021

(2 years, 6 months ago)

Commons Chamber
Read Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts

Urgent Questions are proposed each morning by backbench MPs, and up to two may be selected each day by the Speaker. Chosen Urgent Questions are announced 30 minutes before Parliament sits each day.

Each Urgent Question requires a Government Minister to give a response on the debate topic.

This information is provided by Parallel Parliament and does not comprise part of the offical record

Nigel Huddleston Portrait Nigel Huddleston
- View Speech - Hansard - - - Excerpts

I absolutely appreciate the sense of urgency, because one basis of the report was to ensure that some of the crises that we have seen in the sport do not happen again, so there is an urgent need for action. On the process, the hon. Gentleman will appreciate that it is an independent report that the Government need to respond to formally. I do not want to pre-empt those conclusions today; we need to do some work. I can tell him, however, that my first meeting to discuss the response to the report happened this morning. I will then need to have some conversations with my right hon. Friend the Leader of the House, who is sitting next to me, about the process and where we go forward as well—I am sure that he also heard the comments of the hon. Member for Ogmore (Chris Elmore).

David Johnston Portrait David Johnston (Wantage) (Con)
- View Speech - Hansard - -

I, too, thank my hon. Friend the Member for Chatham and Aylesford (Tracey Crouch) for all her work on this excellent report. In my constituency, I have a series of very small clubs, such as Didcot Town, Wantage Town and Wallingford Town, which are often run on a shoestring by volunteers who put in their own money to keep them going. Can my hon. Friend the Minister assure me that, when he considers the report’s recommendations, he will think about how we can protect clubs such as those, not just clubs in the top two divisions? If they go, the community loses something important.

Nigel Huddleston Portrait Nigel Huddleston
- View Speech - Hansard - - - Excerpts

I absolutely agree with my hon. Friend about the pivotal role that clubs such as his play in their communities, as we have seen particularly in the last two years. It is vital that we put them on a sustainable and sound footing, so financial flows within the football ecosystem were part of the review. There is a lot of money in football, but it is not always in the right place.

Oral Answers to Questions

David Johnston Excerpts
Thursday 18th March 2021

(3 years, 2 months ago)

Commons Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
John Whittingdale Portrait Mr Whittingdale
- Hansard - - - Excerpts

As I say, the EU Commission has already provided an assessment of the UK’s data protection laws, which found us to be adequate, and there is absolutely no reason why that should not be confirmed once the processes are under way. However, we have said that it is sensible for businesses to make contingency plans by putting alternative transfer mechanisms in place, just in case there comes a point at some future date, but we expect adequacy to be granted within the timescale permitted.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

What progress his Department has made on allocating further support to the culture and heritage sector through the Culture Recovery Fund.

Oliver Dowden Portrait The Secretary of State for Digital, Culture, Media and Sport (Oliver Dowden)
- Hansard - - - Excerpts

Over £1 billion from the culture recovery fund has been allocated, including £800 million supporting almost 4,000 organisations and sites across the whole of England. More than 80% of grants and 85% of loans awarded in the first round of the fund have now been paid. As Members will have seen, an additional £390 million for the fund was announced in the Budget, taking dedicated support for culture and heritage during the pandemic to almost £2 billion—an unprecedented sum.

David Johnston Portrait David Johnston [V]
- Hansard - -

The culture recovery fund has provided a vital lifeline to many organisations in my constituency, from the Cholsey and Wallingford railway to the Oxford Philharmonic to the Didcot Railway Centre, which is a popular family attraction. Does my right hon. Friend agree that just as people have been very good at supporting their local shops during the pandemic, it would be great if, when restrictions lift, they can go and visit their local culture and heritage sites, even if they have been many times before, to help them get back on their feet?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

I completely agree. The Government have been here for culture throughout the pandemic, and as we emerge from it, I know that the public will want to be there, too. As our cultural institutions reopen, we will encourage people to get out there and support them. That includes attractions in my hon. Friend’s constituency, as he referenced, such as the Didcot Railway Centre and the Cholsey and Wallingford railway, both of which have been supported through our culture recovery fund.

Telecommunications (Security) Bill (Fourth sitting)

David Johnston Excerpts
None Portrait The Chair
- Hansard -

I am sure Members would appreciate further details on the Intel example, if you can provide that.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

Q Can I ask about the diversification strategy, which is a question I asked some of the other witnesses? The Government are rightly investing a significant amount in this. We all agree that it is needed. What do you think success looks like? Our problem at the moment is that if we take out Huawei, we have only two vendors we can use. What range would you like to see, and in what sort of timeframe?

Heba Bevan: The problem with Huawei is a bigger problem. The technology was freely created by BT and got sold to Huawei. I think that such an important technology should not have been allowed to be sold in the first place. I am sorry; this is my personal view, not a company view. I think certain technology should be kept within the country because it has a certain importance and all of us use it, so it should be kept in a certain way.

On replacing Huawei with something else, currently we do not have many options, to be honest, in terms of 5G. We have Ericsson, which is a provider of a chip. There are other providers, but they have not come out. Even looking into modules currently, UtterBerry is working on a 5G project with DCMS and the Welsh Government, and we are basically creating the first IoT solution that is completely compatible with 5G.

In terms of supplier for the chip, we have one option, which is Qualcomm. We have Ericsson as well, but they are not at the same speed as Qualcomm, so in terms of options to go with 5G, I do not think there are many suppliers in that market. The capabilities within the—

David Johnston Portrait David Johnston
- Hansard - -

Q May I briefly interrupt? I accept that there are not many suppliers now. Given the money that the Government are going to invest in trying to support having more suppliers, how many would you like to see and by what timeframe?

Heba Bevan: That depends on competition law. The more the merrier probably, at least to give each of us a choice. It would be great to have a choice and to pick the best for the situation. The problem is, given the speed at which we want to roll out 5G, I do not think we will have enough time to create many companies that can provide 5G. We have the capabilities to do it in the country, but we do not have the capability to manufacture that number and roll it out to the entire country. Perhaps Dr Andy Sellars or Nick can comment on that.

Dr Johnson: Let me chip in for a bit. In terms of diversification, there is an issue with scale. Derek McManus made this point—I listened to his contributions from Thursday—about scale. In order to serve the global telecoms operator network, you need scale. You need enough financial and technical muscle to withstand the procurement practices. There is an issue around how much you can afford to deliver, at certain profit margins, in order to make a business. It is very difficult for small companies to achieve that scale.

Speaking for myself, we are a case in point. We achieved a certain degree of scale but did not get to the point where we could compete effectively with Ericsson, Nokia or anybody else in that space. There are quite a few second-tier players around, Mavenir and Airspan, which have 5G technology that could be deployed. Is that scalable to the degree that Vodafone Group would require? Do they have the financial backing to withstand Vodafone procurement organisation? I think that is a major issue.

If you look for the sentiment of the investment community around telecoms, I do not think you will get very positive feedback. Investors are, with one or two exceptions, looking elsewhere to make money. It is a very mature market. Finding new growth in that market is very challenging. I do not have an obvious answer to how, globally, you would achieve diversification. Doing from the UK is a big challenge.

The only crumb of comfort I can offer is that we should, I think, focus on core intellectual property, as a country, strategically. If you just focus on the software, and the implementation of the technology, we will get outrun by people with much bigger and much cheaper workforces, which are as highly skilled. The only way to cement the position in the global economy is by intellectual property and ensuring that you own it, it is well protected, and you can leverage it and exploit it appropriately in that space. Some of the work that Andy is doing at the Catapult is looking at not necessarily software, but technology that could be used in 5G to improve the efficiency of radios and so on. Paradoxically, hardware-centric IP may well be very important to the effective operation of a network.

I am not giving you a very good answer here. It is a very challenging political goal, to say that we want to diversify. What is in it for us as an investment community and a technology community? I think everyone is looking elsewhere at the moment.

None Portrait The Chair
- Hansard -

I am conscious of the time. Dr Sellars, do you have anything to add to that?

Dr Sellars: Absolutely. We are in a situation where we have three monolithic suppliers—we are actually down to two monolithic suppliers. With telecom diversification, we have an opportunity to look at disaggregating parts of the network, especially for newer 5G and other services.

My background is similar to Heba’s. I am an electronic engineer by trade. I have designed electronic systems that have been manufactured in the UK and I have written software to drive those systems. In the UK we have something like 5,000 companies that design and manufacture electronic systems. Something like 600 of them are involved in telecoms. I am not suggesting that all of those 600 become equal players. That would be a crazy scenario. But there are certainly some parts of the telecom network where the UK is pre-eminent. There are some backhaul and fibre technologies that we are very good at. As we deploy 5G into rural communities, that is likely to require low Earth orbit satellites; we are very good at satellite communications.

We have clusters of activity with these things around the UK. There is a cluster of radio frequency, backhaul and satellite communications in the north-east, and of satellite manufacturing in the central belt of Scotland. We have clusters of activity in the Western Gateway and around small-cell base stations. In south Wales, we have clusters of activity in compound semiconductors, which are the next generation of chips required for 5G and other high-data rates communications. So, I think the diversification strategy goals of opening up and disaggregating the markets are certainly going in the right direction.

Ultimately, it comes to the telecom operators and how many suppliers they would like in their vendor supply chain. If we can disaggregate the network and come up with open standards for various parts of the network, such as open RAN and backhaul network gateways, that opens the playing fields and enables companies to compete equally. As I say, there are a number of UK companies that could compete. They are globally competitive and could compete on equal grounds with other companies to get access to those markets.

In terms of the timescale to do this, at the moment we have three monolithic suppliers and we are going down to two. Patching that scenario feels like a very short-term timescale, but I would indicate that a broader diversification would probably be in the order of three to five years.

Telecommunications (Security) Bill (First sitting)

David Johnston Excerpts
Committee stage & Committee Debate: 1st sitting: House of Commons
Thursday 14th January 2021

(3 years, 4 months ago)

Public Bill Committees
Read Full debate Telecommunications (Security) Act 2021 View all Telecommunications (Security) Act 2021 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 14 January 2021 - (14 Jan 2021)
Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q In the near term, it is not going to replace the hardware that we need at the moment, which the two vendors are providing. Are you talking specifically about open RAN, or are you talking about diversification or any strategy to develop a UK hardware supplier?

Andrea Donà: There is an opportunity for British companies to play an active role in the open RAN ecosystem. As we open up the interfaces of the technology, it creates a golden opportunity for British companies, with British support and know-how, to come and contribute to the development of this new technology.

Patrick Binchy: My views are broadly aligned with the previous answers. The reality of the situation that we find ourselves in is that there are only two practical vendors for the next couple of years. As both my colleagues have said, beyond that there is opportunity for ORAN.

I am not sure if it came across in the previous answers, but I would stress strongly that the first thing we need is the R&D. We need to understand how we can move this technology forward. As Derek said, trials are primarily operating in rural capacity, but to be a true competitor to the incumbents we have to be able to use it in deep urban areas, under significant loads, which needs a lot of development.

The Government can support trials and help build the ecosystem around them, but the first thing that we need is to get the research and development that will feed the trials. In terms of the Government’s development of opportunities in ORAN, it is key that they look at working with international partners. This has to be scaleable; otherwise, it is never going to be commercially viable.  The UK market will not be big enough to drive that scale and commerciality.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

Q It was widely reported that between 2009 and 2011, Vodafone found back-door vulnerabilities in equipment in Italy, and that you were assured by Huawei that they were being removed. You subsequently found that, in fact, they had not been removed. Do you have any concerns about back-door vulnerabilities in the equipment between now and 2027, and can you give us a sense of your management of that risk and what you do to try to make sure that there are not any?

Andrea Donà: Specifically on the incident you are referring to, which was in April 2019, it was a Telnet protocol, which is used by many vendors in the industry to perform diagnostic functions. It is important to note that it would have not been accessible from the internet. Detailed analysis showed that it was simply a failure to remove a function that is used, as I said, for performing diagnostics after it had been developed.

On the broader question of security and our concerns, we have always maintained the very highest level of security policies, security processes and security procurement mechanisms and frameworks. We use a layered approach to our security needs, whereby we secure by design. All our systems and process put in place guarantee the highest security standards, end to end. The UK networks and standards are the highest in the world. We constantly work hand in glove with the NCSC, and abide by all the latest NCSC guidance and policies to keep those minimum standards high every time. We have worked very closely with the NCSC to set up HCSEC, an ad hoc centre where any new Huawei equipment or software goes through rigorous checks, audits and assurances, in line and in close collaboration with NCSC.

Patrick Binchy: I do not have much to add to that. We are similarly aligned in terms of our processes, from procurement to deployment. We have security checks throughout, and separate functions to make sure that we are adhering to those. We work very closely with the NSCS and HCSEC in terms of the technologies that are in the network. Going forward, we will continue to do so. We will be reviewing the software and hardware versions that we have in place and ensuring that those are fully checked and validated. As I said earlier, we also have a full, independent view of the traffic traversing our network, so if something untoward were to start happening, we would immediately have a view of it, and would be able to shut it down independently.

Derek McManus: As I said earlier, we do not have sufficient numbers in the UK. We have fewer than 10 Huawei base stations, so although we perform all the necessary checks, we are not exposed on the scale of others in the market.

None Portrait The Chair
- Hansard -

I propose drawing this part of our deliberations to a close at 12.30 pm. We have five Members seeking to ask questions. If our panellists keep each of their answers to one minute, we will get everybody in—and we will get all the answers as well. I call Christian Matheson.

Telecommunications (Security) Bill (Second sitting)

David Johnston Excerpts
Committee stage & Committee Debate: 2nd sitting: House of Commons
Thursday 14th January 2021

(3 years, 4 months ago)

Public Bill Committees
Read Full debate Telecommunications (Security) Act 2021 View all Telecommunications (Security) Act 2021 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 14 January 2021 - (14 Jan 2021)
Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q I do not disagree on that, but let us be honest. Telecommunications is a competitive market. If we want to move to open RAN or make real generational change, the Government will have to intervene quite heavily in the market to change minds. Operators will not do it unless they see a competitive advantage. That is possibly why we have had the situation with the hardware side of it, with China buying into the market by undercutting other people and providing state subsidies, for example. Without support for R&D and actual market intervention, that radical change will not happen quickly.

Matthew Evans: I think the £250 million is clearly initially focused on the R&D ecosystem. That is a big commercial barrier when you look at the testing environment and the time it often takes for operators, understandably, to feel confident in deploying equipment into their networks, because they are ultimately responsible for the integrity of them. If we can supercharge the testing environment in the UK, we should be able to shorten the time to market, but open RAN in particular is going to require a boost in funding to accelerate the maturity of that technology.

The other part of the diversification strategy is the scale vendors that may be operating in other parts of the world but are not present in the UK today. That is why it is also important to tackle some of the regulatory or commercial barriers that exist and prevent them from entering the market today.

Hamish MacLeod: I do not think I really have anything to add to what Matt just said.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

Q I think we all support diversification in principle, but what does success look like for the two of you? How many companies would it be? We have only two vendors that we can choose from at the moment, so how many do you think is acceptable? Is there an analogous comparison for you, whether in tech or elsewhere, of the much broader choice that we should be aiming for, and how long do you think it will take to get there?

Hamish MacLeod: One of the things about open RAN and more open architecture generally is that you generate competition in the hardware and in the software—it is not one package—so I think it is realistic to expect more competition, particularly in the software side of things.

None Portrait The Chair
- Hansard -

Do you have anything to add, Mr Evans?

Matthew Evans: Not too much. It is hard to put a number on it, but success would be where we clearly have a greater number of vendors than today, and that is a mix of open and proprietary technology. As Hamish says, the reason it is hard to put a number on it is that in that open stack, you could have competition within the stack, rather than between vendors that sell the consolidated package.

David Johnston Portrait David Johnston
- Hansard - -

Q So you do not want to put a number on it, but is there another sector that you would draw a comparison with that does not have this problem and is, in principle, the sort of thing we should be aiming for here?

Hamish MacLeod: The analogy that has sometimes been used with me is looking back 40 years to the computer market. We all used to buy IBM computers and you got the computer and all the software integrated, and then the two separated out. There was interoperability and you create a lot more competition and innovation. That is a potential analogy—a rough analogy, I would say.

None Portrait The Chair
- Hansard -

Anything to add, Mr Evans?

Matthew Evans: No, that is a good analogy.

--- Later in debate ---
None Portrait The Chair
- Hansard -

Who wants to go first? It looks like it is Mr Johnston. Can I just ask you to say which of the witnesses you are directing your question to?

David Johnston Portrait David Johnston
- Hansard - -

Yes, although I was going to ask them who they think is best to answer it.

None Portrait The Chair
- Hansard -

There is always one.

--- Later in debate ---
David Johnston Portrait David Johnston
- Hansard - -

Q We asked the previous witnesses this question. When it comes to stringency on these issues, do any of you feel able to give us a sense of the international comparison between the regime that this Bill creates and regimes around the world?

John Baker: Perhaps I could take that one. This is falling in line with what is going on globally. We see initiatives coming from Spain, the EU and the US. The US is further ahead in terms of passing law on trusted suppliers, and it is now setting timelines and budgets for taking suppliers out of the network. That rip-and-replace programme is now under way. The money for that was approved in December, and operators are looking at open RAN as solutions for that. That is very similar to the activities that you are planning through this Bill in the UK.

Chris Jackson: What we have seen in Japan is strong support for this direction, but I think the UK Government have taken the lead in terms of putting forward an aggressive stance on this to ensure that the security of the country is protected. The UK is doing everything that we would expect it to, and we fully support that.

Stefano Cantarelli: Some of the things said about the diversification of the supply chain are particularly important in terms of the ability to create competition and, as such, innovation. The interoperability of interfaces is fundamental in order to boost data and to be able to create more competition. We strongly believe that competition is based in innovation, and innovation these days can create a very powerful cycle of technology. It is not like how it was in the old days when it took maybe a year, two years or three years to get things into deployment; today, in less than a year a trial can become a commercial deployment.

Pardeep Kohli: I agree with the other gentlemen. In a number of countries, operators have made the decision that, going forward, they will only buy open RAN-based solutions. Governments are supporting that in many parts of the world.

Kevan Jones Portrait Mr Jones
- Hansard - - - Excerpts

Q This question is to whoever wants to pick it up. The debate in the UK on Huawei has been around hardware, and clearly open RAN is the future. Can you give an indication of two things? First, what are the timescales for its development and deployment? Secondly, because we have got operators currently taking out Huawei kit and putting in Ericsson or Nokia kit, how do you incentivise those companies to take the open RAN approach in terms of developing a market for that product? Where are we at internationally on open RAN compared with other countries?

Pardeep Kohli: Let me start. You are right that until now it was all about hardware, because people were building proprietary hardware to supply radio products. When you do hardware-based solutions, the scale matters, because you need logistics, manufacturing capability and factories, and obviously Huawei, Ericsson and Nokia had a strong base and the logistics set up.

When you do open RAN, it is more software leaning on general-purpose hardware. Companies like us do not need manufacturing plants any more because we are only providing software, and we have the advantage that our software can run on a private cloud that an operator can build on, for example, standard Dell servers—there are plenty of them, and people can build those—or we can run it on a public cloud on Amazon or Google. If you look at the scale that Google, Amazon and Azure have, Huawei is nowhere close to their scale. In that sense, the whole matter of Huawei’s scale does not matter at all the moment you move a hardware problem to a software problem.

The same thing happens with logistics and people. For us, hardware-based solutions need people to carry the hardware around, bolt it and everything. For software, with the click of a button you can distribute it to 2,000 sites; you do not need people and logistics to drive hardware around. This is how with what we are doing—for example, we are working with Dish to build a nationwide network, and we will have 50,000 sites deployed in less than two years—not that many people are required to do all this, because the problem has moved from hardware to software.

We would like the Government and other people to understand that there is no way any company can beat Huawei with the presence it has in China alone if they take on the problem as a hardware problem. It must be converted into a software problem—that is the only way it can be solved.

On your question about how we convince operators, it is always on the point about proof. We are a 20-year-old company working with operators all over the world. We handle 60% of the world’s operators’ messaging. If you look at SMS, for example, we carry that traffic for all the operators in the UK, and voice calling. We already do more critical services: radio is important, of course, because of the connectivity, but operators are relying on us for the day-to-day services. Now we are working with them to prove that our software is as good or better than what they can get on from the incumbents. Of course, we are expecting them to participate in the journey and work with us so that we can prove to them that we are good. We have done that in all other layers of the software, so we feel that if somebody engages with us, within six to nine months we will prove to them that we are good and it works.

That is working; in terms of the whole idea that the technology does not exist, we have crossed that hurdle. Now it is more about, “Okay, does it work for this use case or that use case?”, or, “In my network, I may have some proprietary stuff I have done with existing vendors, and I want you to do that as well.” So it may take six to nine months, or even 12 months, to get there, but I think we are beyond the point where we need to prove that it works. We know it works.

--- Later in debate ---
None Portrait The Chair
- Hansard -

I think it is possibly better if I get one of the Members to put a question to you first. David.

David Johnston Portrait David Johnston
- Hansard - -

Q That was a helpful teaser of what you think about this legislation. Could you expand on exactly why you have that view on what you see as the inadequacies?

None Portrait The Chair
- Hansard -

I think that is primarily to Dr Bennett.

Dr Bennett: It is because I care very much about you succeeding with this. I think everyone in the telecoms industry wants your intentions to be met, but we have to remember that when it comes to something as complex as security in the UK telecoms network, even if everyone follows best practice, it is a question of not if there will be a security breach, but when, and how quickly you can mitigate it. The reason is that our communications network has grown like Topsy. It has multiple digital infrastructures sitting on a lot of legacy systems, including analogue systems and copper. It is a very complex system of systems, with multiple, ill-defined interfaces and literally billions of end points, many of which have no security at all; the internet of things is an example.

The question is how you can minimise the likelihood of breaches. To do that in this very complex situation, you need a balance between light-touch regulation, which Ofcom seems to prefer, particularly with tier 3 suppliers, and the absolute need for security. Looking at our absolute need for security and the recent SolarWinds compromise, the inclusion of SolarWinds Orion products in networks was considered by everyone to be perfectly sensible. It was a trusted supplier. However, the latest things that I have seen say that thousands of networks have been compromised by that. As it seems to have been a spying attack, only about 10 networks are known to have been breached, but it will take months for all of those networks to be secured, and there are other potential breaches. The NCSC recently put out a note about that to all end users.

That is typical of the kind of things we will face. If we want an infrastructure that can cope with that, we need to do a lot of things. There needs to be a very honest and open dialogue between all the telecoms suppliers, their supply chains, their subcontractors, the Government, Ofcom and other agencies.

None Portrait The Chair
- Hansard -

Q I will interrupt you there for a second, but I will come back to you. Mr Robson, do you have anything you want to add?

Julius Robson: Security is about resilience, and it is not a question of whether something will go wrong; it is a question of when. When we realise that one of our vendors is high-risk, will it take seven years to fix that problem? That is not a healthy place for our industry to be in. We want a rich diversity of suppliers working together, so that when we identify a suspect component or part in our network, there is something sitting there, warmed up and already integrated, ready to be swapped over. That is where we want to get to.

Dr Louise Bennett pointed out that there are many parts to this network; it has lots of legacy pieces. It is not a bad thing that our network is comprised of many diverse parts—that makes it less vulnerable to a single point of failure. Someone pointed out earlier that there is the idea of the weakest link—something is only as good as its weakest link—but actually, a diverse system with many different types of vendors involved is harder to take down. Maybe you can take down part of that network, but the whole thing will not fail if just one part is compromised. I think diversity is the answer to resilience in this case, and we should be looking to head in that direction.

David Johnston Portrait David Johnston
- Hansard - -

Q Just to be clear, is your critique of this legislation that you feel that something is missing from it? Or, given that you think breaches are a case of “when” rather than “if”, which I am happy to accept, is your critique that no one piece of legislation could totally protect us from this, and that it is about what the whole sector is doing to keep us secure?

Dr Bennett: It is partly to do with what the whole sector is doing, but I think some things have not had enough emphasis in the Bill. One of them is what I have called the asset database. Those of us who were involved with the millennium bug know that we spent a hell of a lot of time trying to understand what the asset database for all our networks was, in order to find the components that were likely to cause a problem. I assume that the tier 1 suppliers and our main network suppliers have a comprehensive asset database, but you actually need a well-secured asset database that goes down to the component level. Over time, as you maintain it and move some components out and other components in, you need to be clear about what has happened to them.

At a subcontractor level, that can often be extremely difficult to do. You can find someone who thinks, “Oh, it’s okay; I’ve replaced that with something, and the spec looks similar.” The spec may look similar, but when someone says, “Actually, it is version so and so of such and such a component from such and such a supplier that you now need to take out,” you will find that you do not know in your asset database that you have some of those components in it. I could not see anything in the Bill that talks about the asset databases of the companies that supply the networks we are using, and I think that omission needs to be dealt with.

That leads to another point, which is about the processes for maintaining security over time. You may now be taking out all the Huawei kit and putting other things in its place, but that is happening all the time—that maintenance is going on all the time. There is no mention in the Bill of a technical advisory board focused on the provisions of the Bill, and that would be a very helpful addition. The board would perhaps be able to point out that there were new types of components coming in that ought to be looked at or considered and that ought to be recorded in people’s asset databases, and people should make sure that happens.

Leading on from that, I also think that the processes are not as transparent as they ought to be for Parliament. It would be helpful if there was a commissioner, such as the Information Commissioner or the Investigatory Powers Commissioner. That would be helpful in keeping an eye on what is going on here, and in order to be able to help policy makers and the Secretary of State to make the right changes.

None Portrait The Chair
- Hansard -

I am just going to interrupt you there, because I am conscious of time and a couple of Members are indicating that they want to come in. I call Christian Matheson.

Online Harms Consultation

David Johnston Excerpts
Tuesday 15th December 2020

(3 years, 5 months ago)

Commons Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

On age assurance, we are looking at the sort of emerging technology whereby, for example, one can look at how children type and use artificial intelligence to see that it is a child rather than an adult. Just yesterday, I was at a company called SafeToNet, which is doing fantastic work—for example, building into social media platforms through the electronic device that a child is using, whether that is an iPad or a phone, safety features that would block pornographic images and so on. The hon. Lady also asked me about further powers that we are taking. Forgive me; I have temporarily forgotten the point that she raised, but I am happy to write to her on that point.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

I welcome my right hon. Friend’s statement. Large tech platforms build incredibly complicated models to track our every move, profile us and suggest products that we might want to buy. They even now read our messages and suggest how we might like to reply, and yet when it comes to removing harmful content, they suggest that it is too difficult for them. Does he agree that what he is setting out is well within their capabilities, as long as they have the will?

Oliver Dowden Portrait Oliver Dowden
- Hansard - - - Excerpts

My hon. Friend makes a very important point. Too often, tech firms say that they cannot do such things, but strangely, when it is in their commercial interest to do so, they find a way of doing it. This legislation is setting a clear direction of travel from Government, so that they know that we will be willing to take that action to force them to take measures in the public interest.

Telecommunications (Security) Bill

David Johnston Excerpts
2nd reading & 2nd reading: House of Commons & Carry-over motion & Carry-over motion: House of Commons & Money resolution & Money resolution: House of Commons & Programme motion & Programme motion: House of Commons & Ways and Means resolution & Ways and Means resolution: House of Commons
Monday 30th November 2020

(3 years, 5 months ago)

Commons Chamber
Read Full debate Telecommunications (Security) Act 2021 View all Telecommunications (Security) Act 2021 Debates Read Hansard Text Read Debate Ministerial Extracts
David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

It is always a pleasure to follow my right hon. Friend the Member for South Holland and The Deepings (Sir John Hayes). I welcome the Bill and congratulate the Government on it. It is a good Bill, and credit should go to the ministerial team for that. Credit should also go to my Back-Bench colleagues who have made important contributions this year. There are plenty of them, but in particular, my hon. Friend the Member for Tonbridge and Malling (Tom Tugendhat), my right hon. Friend the Member for Chingford and Woodford Green (Sir Iain Duncan Smith) and my hon. Friend the Member for Isle of Wight (Bob Seely) have helped us to get to a better Bill.

This comes a couple of weeks after Second Reading of the National Security and Investment Bill, which I also spoke in support of. As with that Bill, it is right that we devise a new regime for the risks that we think we face at this time, and we should not be too prescriptive. Our focus in 2020 is Huawei, but we have to leave this open to new threats that we might encounter, so I am comfortable with Huawei’s name not being on the face of the Bill.

I support Ofcom being given the powers to ensure that providers adhere to the new security measures that we want them to take. I also support the Government bringing forward the deadline for buying new equipment from Huawei to September 2021 and the removal of all its equipment by 2027. Of course, I would like that date to be earlier, and I maintain that there is a distinction between what the providers want to do and what is genuinely impossible for them to do, but I accept the Government’s judgment. I accept that, like any businesses making an investment decision, providers require certainty. They need to know that that is the year it is happening, and we need to stick to that. I also accept—perhaps the Minister could comment on this—that providers have an understandable concern that the decisions made by local authorities about masts and so on may further delay the roll-out, and perhaps we can support them in those decisions.



As this debate went on in 2020, I found some of the contributions—not necessarily from this House but from outside it—frustrating. One in particular was the suggestion that there are no risk-free vendors. I accept that, but when we are dealing with companies such as Nokia and Ericsson, we know that we are dealing with fundamentally different entities from companies such as Huawei. We are not concerned that Nokia and Ericsson will collaborate with intelligence agencies on spurious national security grounds, and we are not concerned that there might be back-door vulnerabilities in the equipment, as Vodafone found a decade ago; even though it was assured that they had been taken out, that was not the case. It is also fair to say that we are not concerned about malicious cyber-attacks being directed at us from the Governments of Finland and Sweden. I accept that no provider can be without any risk at all, on the basis that I accept that no system is completely foolproof, but we are dealing with very different companies in those respects, compared with those where we have concerns about the world view of the country they are headquartered in.

Yet we need more competition and more diversity of providers. We would need that, by the way, even if there were no security considerations whatsoever, because competition improves quality, choice and price. I therefore very much support the Government’s investment of £250 million. I represent a largely rural constituency, so I entirely understand the importance of connectivity generally, and of 5G for the country as a whole and for my constituency. It has been suggested that it will be worth £170 billion to our GDP in the next decade. I know that the decisions being made through the Bill will delay the roll-out and increase the cost, yet they are entirely the right decisions to take because they are about our national security. In July 2019, the Government’s own supply chain review found that successive policy decisions had meant that, although we might have achieved good commercial outcomes, we had poor cyber-security. It is therefore entirely right that the Government should now reverse that order of priority, even if it is going to cost more and take more time, and I wholly support their aspiration to have one of the toughest security regimes in the world.

Professional and Amateur Sport: Government Support

David Johnston Excerpts
Wednesday 30th September 2020

(3 years, 7 months ago)

Commons Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Nigel Huddleston Portrait Nigel Huddleston
- Hansard - - - Excerpts

The hon. Gentleman is right to stress the importance of sport. Of course, we want as many people as possible to see sports in the absence of going to stadiums. We have had success in the past—for example, having the premier league on the BBC for the first time—and we continue to have conversations with the broadcasters. There is a balance to be struck, but those conversations continue, and we appreciate his input.

David Johnston Portrait David Johnston (Wantage) (Con)
- Hansard - -

It has been a difficult time for sports clubs across my constituency, but two individuals have provided a spot of light. Charles Walker, who is 62, ran 28 half-marathons, and Lincoln Callaghan, who is five, cycled 100 km—in stages, I should add—to raise money for Didcot Town football club. They raised several thousand pounds. That is obviously not a substitute for the club’s income, but it is a welcome lifeline. Will my hon. Friend join me in congratulating them and encouraging others who are thinking about raising money for a good cause to remember their community clubs?

Nigel Huddleston Portrait Nigel Huddleston
- Hansard - - - Excerpts

I am absolutely delighted to congratulate and applaud Charles Walker and Lincoln Callaghan for those efforts. What better example could there be of sport’s pivotal role in the community and the power of sport? They have set fantastic examples and will give hope and inspiration to many more.