Cyber Security and Resilience (Network and Information Systems) Bill (First sitting)
Freddie van Mierlo ExcerptsTuesday 3rd February 2026
(1 day, 13 hours ago)
Public Bill CommitteesRead Full debate Cyber Security and Resilience (Network and Information Systems) Bill 2024-26 View all Cyber Security and Resilience (Network and Information Systems) Bill 2024-26 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 3 February 2026 - (3 Feb 2026)
Emily Darlington (Milton Keynes Central) (Lab)
Q
David Cook: The original NIS regulations came out of a directive from 2016, so this is 10 years old now, and the world changes quickly, especially when it comes to technology. Not only is this supply chain vulnerability systemic, but it causes a significant risk to UK and global businesses. Ransomware groups, threat actors or cyber-criminals—however you want to badge that—are looking for a one-to-many model. Rather than going after each organisation piecemeal, if they can find a route through one organisation that leads to millions, they will always follow it. At the moment, they are out of scope.
The reality is that those organisations, which are global in nature, often do not pay due regard to UK law because they are acting all over the world and we are one of many jurisdictions. They are the threat vector that is allowing an attack into an organisation, but it then sits with the organisations that are attacked to deal with the fallout. Often, although they do not get away scot-free, they are outside legislative scrutiny and can carry on operating as they did before. That causes a vulnerability. The one-to-many attack route is a vulnerability, and at the moment the law is lacking in how it is equipped to deal with the fallout.
Jen Ellis: In terms of what the landscape looks like, our dialogue often has a huge focus on cyber-crime and we look a lot at data protection and that kind of thing. Last year, we saw the impact of disruptive attacks, but in the past few years we have also heard a lot more about state-sponsored attacks.
I do not know how familiar everyone in the room is with Volt Typhoon and Salt Typhoon; they were widespread nation-state attacks that were uncovered in the US. We are not immune to such attacks; we could just as easily fall victim to them. We should take the discovery of Volt Typhoon as a massive wake-up call to the fact that although we are aware of the challenge, we are not moving fast enough to address it. Volt Typhoon particularly targeted US critical infrastructure, with a view to being able to massively disrupt it at scale should a reason to do so arise. We cannot have that level of disruption across our society; the impacts would be catastrophic.
Part of what NIS is doing and what the CSRB is looking to do is to take NIS and update it to make sure that it is covering the relevant things, but I also hope that we will see a new level of urgency and an understanding that the risks are very prevalent and are coming from different sources with all sorts of different motivations. There is huge complexity, which David has spoken to, around the supply chain. We really need to see the critical infrastructure and the core service providers becoming hugely more vigilant and taking their role as providers of a critical service very seriously when it comes to security. They need to think about what they are doing to be part of the solution and to harden and protect the UK against outside interference.
David Cook: By way of example, NIS1 talks about reporting to the regulator if there is a significant impact. What we are seeing with some of the attacks that Jen has spoken about is pre-positioning, whereby a criminal or a threat actor sits on the network and the environment and waits for the day when they are going to push the big red button and cause an attack. That is outside NIS1: if that sort of issue were identified, it would not be reportable to the regulator. The regulator would therefore not have any visibility of it.
NIS2 and the Bill talk about something being identified that is caused by or is capable of causing severe operational disruption. It widens the ambit of visibility and allows the UK state, as well as regulators, to understand what is going in the environment more broadly, because if there are trends—if a number of organisations report to a regulator that they have found that pre-positioning—they know that a malicious actor is planning something. The footprints are there.
Freddie van Mierlo (Henley and Thame) (LD)
Q
Jen Ellis: You have covered a lot of territory there; I will try to break it down. If you look at the attacks last year, all the companies you mentioned were investing in cyber-security. There is a difficulty here, because there is no such thing as being bullet-proof or secure. You are always trying to raise the barriers as high as you can and make it harder for attackers to be successful. The three attacks you mentioned were highly targeted attacks. The example of Volt Typhoon in the US was also highly targeted. These are attackers who are highly motivated to go after specific entities and who will keep going until they get somewhere. It is really hard to defend against stuff like that. What you are trying to do is remove the chances of all the opportunistic stuff happening.
So, first, we are not going to become secure as such, but we are trying to minimise the risk as much as possible. Secondly, it is really complex to do it; we saw last year the examples of companies that, even though they had invested, still missed some things. Even in the discussions that they had had around cyber-insurance, they had massively underestimated the cost of the level of disruption that they experienced. Part of it is that we are still trying to figure out how things will happen, what the impacts will be and what that will look like in the long term.
There is also a long tail of companies that are not investing, or not investing enough. Hopefully, this legislation will help with that, but more importantly, you want to see regulators engaging on the issue, talking to the entities they cover and going on a journey with them to understand what the risks are and where they need to get to. If you are talking about critical providers and essential services, it is really hard for an organisation—in its own mind or in being answerable to its board or investors—to justify spend on cyber-security. If you are a hospital saying that you are putting money towards security programmes rather than beds or diagnostics, that is an incredibly difficult conversation to have. One of the good things about CSRB, hopefully, is that it will legitimise choices and conversations in which people say, “Investing time and resources into cyber-security is investing time and resources into providing a critical, essential service, and it is okay to make those pay-off choices—they have to be made.”
Part of it is that when you are running an organisation, it is so hard to think about all the different elements. The problem with cyber-security—we need to be clear about this—is that with a lot of things that we ask organisations to do, you say, “You have to make this investment to get to this point,” and then you move on. So they might take a loan, the Government might help them in some way, or they might deprioritise other spending for a set period so that they can go and invest in something, get up to date on something or build out something; then they are done, and they can move back to a normal operating state.
Security is not that. It is expensive, complex and multifaceted. We are asking organisations of all sizes in the UK, many of which are not large, to invest in perpetuity. We are asking them to increase investment over time and build maturity. That is not a small ask, so we need to understand that there are very reasonable dynamics at play here that mean that we are not where we need to be. At the same time, we need a lot more urgency and focus. It is really important to get the regulators engaged; get them to prioritise this; have them work with their sectors, bring their sectors along and build that maturity; and legitimise the investment of time and resources for critical infrastructure.
Alison Griffiths (Bognor Regis and Littlehampton) (Con)
Q
David Cook: The legislation talks about secondary legislation, so it allows for an agile, flexible programme whereby organisations can be brought within scope very quickly if concerns make that necessary. What that leaves us with, though, is that although legislation can be changed quickly, organisations often cannot. Where there is a definition, as we see with NIS2, as to which entities are in scope, organisations can embark on a multi-year programme to get into a compliant position. They can throw money at it, effectively.
What this legislation talks about, through the secondary legislation, is bringing organisations into scope and mandating specific security controls or specific requirements on those organisations in terms of security, but while the law might come in over a weekend, organisational change will not necessarily follow. There is a potential issue there. I can see the benefit and attractiveness of secondary legislation being used to achieve that aim, but having a clearer baseline as to what that sort of scope might look like—it could be ramped up or down, and the volume could be turned up or down, depending on need—would be more helpful. Reducing scope while diverging from NIS2 might be a benefit in terms of the commercial reality, but it might be a misstep in terms of security and the long tail that it takes to get more secure.
Bradley Thomas
Q
Dr Sanjana Mehta: May I weigh in on the second question first? It is good to note that the definition of reportable incident has expanded in the current legislation. One of the concerns that the post-implementation reviews had from the previous regulatory regime was that the regulated entities were under-reporting. We note that the Bill has now expanded the definition to include incidents that could have an adverse impact on the security and operations of network and information systems, in addition to those incidents that are having or have had a negative impact.
While that is clear on the one hand—some factors have been provided, such as the number of customers affected, the geographical reach and the duration of the incident—what is not clear at the moment is the thresholds linked with those factors. In the absence of those thresholds, our concern is that regulated entities may be tempted to over-report rather than under-report, thereby creating more demand on the efforts of the regulators.
We must think about regulatory capacity to deal with all the reports that come through to them, and to understand what might be the trade-offs on the regulated entities, particularly if an entity is regulated by more than one competent authority. For those entities, it would mean reporting to multiple authorities. For organisations that are small or medium-sized enterprises, there is a real concern that the trade-offs may result in procedural compliance over genuine cyber-security and resilience. We call on the Government for immediate clarification of the thresholds linked to those factors.
Jill Broom: I would like to come in on that point. Our members would agree with it. Companies need to be clear about what needs to be reported, when it needs to be reported and where they need to report it. A bit of clarity is required on that, certainly around definitions. As Sanjana said, it is good to see that the definition is expanding, but definitions such as “capable of having” a significant impact remain unclear for industry. Therefore, we need a bit more clarity, because again, it means that we could risk capturing absolutely everything that is out there, and we really want to focus on: what is most important that we need to be aware of? Determining materiality is essential before making any report.
In terms of the where and the how, we are also in favour of a single reporting platform, because that reduces friction around the process, and it allows businesses, ultimately, to know exactly where they are going. They do not need to report here for one regulator and there for another. It is a streamlined process, and it makes the regime as easy as possible to deal with, so it helps incentivise people to act upon it.
I have another point to add about the sequencing of alignment with other potential regulation. We know that, for example, the Government’s ransomware proposals include incident-reporting requirements, and they are expected to come via a different legislative vehicle. We need to be careful not to add any additional layers of complexity or other user journeys into an already complex landscape.
Freddie van Mierlo
Q
Secondly, Dr Mehta, you spoke earlier about what is not in scope in this legislation. I am particularly interested in the fact that local government is not included in it, because it has a critical role in electoral services and in local and national democracy. What do you think are the threats from leaving local government out of scope?
Jill Broom: I think that generally, our members would always call for alignment, where possible, in any kind of legislation that spans the geographies. But we understand that the Bill focuses on a particular sector—the critical national infrastructure in the UK—and we welcome the intent of it.
Dr Sanjana Mehta: On sectoral scope, with the way that the Bill is currently drafted, there is obviously flexibility to introduce new sectors, and to bring in more provisions and guidance through secondary legislation and additional guidance. That being said, our recommendation is certainly to expand the sectoral scope at this stage by bringing in public administration.
There are a number of key reasons for that. First, public administration needs to be role model of good cyber-security to the rest of the economy. I think it was the 2025 state of digital government review that pointed out that the risk of cyber-attacks on Government is critical. You mentioned local government, but there are also central Government Departments that hold and process vast amounts of personal and sensitive information; I think, for example, DWP administered £288 billion of benefits over the past year. More than 23 million people claimed some sort of benefits from DWP and, in responding to those claims, DWP must have processed huge amounts of very sensitive medical and financial information on individuals. We think it is an omission to leave it out, and we recommend that the Government consider bringing it into scope.
Lincoln Jopp (Spelthorne) (Con)
Q
Stuart McKean: I do not think the cyber-criminal really cares, to be blunt. They will attack anywhere. You can, of course—
Freddie van Mierlo
Q
Dr Ian Levy: In October 2025, we had an incident that had quite a widespread impact. We have engaged with regulators around the world, including multiple regulators in the UK, to explain what happened. We published, quite transparently, what had happened during the incident and afterwards. Explaining how the part of the organisation that had built that particular system works is very time-consuming. It is also almost certainly out of date by the time we have finished. In that particular case, it was something called a “race condition”, which is a well understood computer-science hard problem. No amount of regulation or legislation would have made a difference, because it was a race condition, and they are incredibly hard to find in software.
I think that regulating outcomes is the right answer, and making sure that we are doing due diligence, and that our view of appropriate risk management is broadly the same as yours, without making us a national security entity. That is the challenge. How we run our business is not really relevant; it is the outcomes that matter.
Matt Houlihan: It is increasingly important that businesses, parliamentarians and Government officials work together on these issues. As we said earlier, the pace of change in terms of the technology, and indeed the business environment—at both the UK and global levels—is moving very quickly. Having that exchange of information will be important.
It is important—from an international business point of view—that regulation is as aligned as is practicable with the other jurisdictions that a lot of the companies here will be working in. That will not only benefit companies that are headquartered elsewhere and operate in the UK; it will benefit UK-headquartered companies that are looking to expand abroad. It must also be proportionate and targeted. I think that at the nub of your question, there is clearly a need, going forward, for strong co-operation and the sharing of expertise and experiences.
Cyber Security and Resilience (Network and Information Systems) Bill (Second sitting)
Freddie van Mierlo ExcerptsTuesday 3rd February 2026
(1 day, 13 hours ago)
Public Bill CommitteesRead Full debate Cyber Security and Resilience (Network and Information Systems) Bill 2024-26 View all Cyber Security and Resilience (Network and Information Systems) Bill 2024-26 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: Public Bill Committee Amendments as at 3 February 2026 - (3 Feb 2026)
Freddie van Mierlo (Henley and Thame) (LD)
Q
Ian Hulme: Certainly from an ICO perspective, many IDSPs that we currently regulate are operating across boundaries. From our perspective, the focus is on the outcome. If they have operations in other jurisdictions that are providing services into the UK, our focus is on the outcome and getting to understand the UK side of things more than anything else.
Natalie Black: This is a challenge for us every day. Many of the companies that we regulate have a footprint in the UK or multiple footprints around the world. The issue is in making sure that the UK requirements are as clear as possible to give them no excuse to argue exceptionalism. That is why we really welcome the opportunity to get into the detail through secondary legislation, which will be very important in holding all the companies to account that we think need to be held to account.
The Chair
That brings us the end of the allotted time for the Committee to ask questions. On behalf of the Committee, I thank our witnesses for their evidence.
Examination of Witness
Chung Ching Kwong gave evidence.
Oral Answers to Questions
Freddie van Mierlo Excerpts(8 months, 3 weeks ago)
Commons ChamberRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Freddie van Mierlo (Henley and Thame) (LD)
For three years, the Marsh lock horsebridge in Henley has been closed. The bridge connects Henley to Shiplake and is an integral part of the Thames path national trail. The petition I present today, which has more than 6,000 signatories and was started by nine-year-old Claudia Fennell, who is in the Gallery today, calls for the bridge to be reopened. I welcome news from the Environment Agency that money has been identified to begin design work, but it is only partial funding, and the future is still uncertain.
I take this opportunity to also put on the record my regret at the closure of events organiser Henley Swim due to the sewage crisis, and to express my concern about the pending strike action by lock keepers.
The EA must be given the resources needed to keep our river thriving economically and safe for all users. The petitioners therefore request that
“the House of Commons urge the Government to take immediate action to encourage the Environment Agency to repair and reopen Marsh Lock Horsebridge.”
Following is the full text of the petition:
[The petition of residents of the United Kingdom,
Declares that Marsh Lock Horsebridge should be repaired and reopened; notes that an online petition on the issue was started by Claudia Fennell; notes the online petition on this issue has received over 6,000 signatures; notes the petition is supported by the former Mayor and the Deputy Mayor of Henley; further notes that the bridge has been closed since May 2022; notes that the bridge is an important part of the constituency community and impacts the mental and physical health of residents; notes that residents are currently unable to access the Thames path to Shiplake and numerous swimming spots; and further notes that local businesses reliant on the footfall from walkers and river-goers have been badly affected.
The petitioners therefore request that the House of Commons urge the Government to take immediate action to encourage the Environment Agency to repair and reopen Marsh Lock Horsebridge.
And the petitioners remain, etc.]
[P003067]
Data (Use and Access) Bill [Lords]
Freddie van Mierlo Excerpts(8 months, 4 weeks ago)
Commons ChamberRead Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Victoria Collins
Thank you for calling me, Madam Deputy Speaker, and for your patience regarding my earlier intervention. I am very passionate about all elements of the Bill.
On Second Reading, I said:
“Data is the new gold”—[Official Report, 12 February 2025; Vol. 762, c. 302.]
—a gold that could be harnessed to have a profound impact on people’s daily lives, and I stand by that. With exponential advances in innovation almost daily, this has never been truer, so we must get this right.
I rise today to speak to the amendments and new clauses tabled in my name specifically, and to address two urgent challenges: protecting children in our digital world and safeguarding the rights of our creative industry in the age of artificial intelligence. The Bill before us represents a rare opportunity to shape how technology serves people, which I firmly believe is good for both society and business. However, I stand here with mixed emotions: pride in the cross-party work we have accomplished, including with the other place; hope for the progress we can still achieve; but also disappointment that we must fight so hard for protections that should be self-evident.
New clause 1 seeks to raise the age of consent for social media data processing from 13 to 16 years old. We Liberal Democrats are very clear where we stand on this. Young minds were not designed to withstand the psychological assault of today’s social media algorithms. By raising the age at which children can consent to have their data processed by social media services, we can take an important first step towards tackling those algorithms at source. This is a common-sense measure, bringing us in line with many of our European neighbours.
The evidence before us is compelling and demands our attention. When I recently carried out a safer screens tour of schools across Harpenden and Berkhamsted to hear exactly what young people think about the issue, I heard that they are trapped in cycles of harmful content that they never sought out. Students spoke of brain rot and described algorithms that pushed them towards extreme content, despite their efforts to block it.
The evidence is not just anecdotal; it is overwhelming. Child mental health referrals have increased by 477% in just eight years, with nearly half of teenagers with problematic smartphone use reporting anxiety. One in four children aged 12 to 17 have received unwanted sexual images. We know that 82% of parents support Government intervention in this area, while a Liberal Democrat poll showed that seven in 10 people say the Government are not doing enough to protect children online.
Freddie van Mierlo (Henley and Thame) (LD)
I welcome new clause 1, tabled by my hon. Friend. Does she agree that raising the age of consent for processing personal data from 13 to 16 will help reduce the use of smartphones in schools by reducing their addictiveness, thereby also improving concentration and educational performance in schools?
Victoria Collins
That is exactly what is at the heart of this matter—the data that drives that addictiveness and commercialises our children’s attention is not the way forward.
Many amazing organisations have gathered evidence in this area, and it is abundantly clear that the overuse of children’s data increases their risk of harm. It powers toxic algorithms that trap children in cycles of harmful content, recommender systems that connect them with predators, and discriminatory AI systems that are used to make decisions about them that carry lifelong consequences. Health Professionals for Safer Screens—a coalition of child psychiatrists, paediatricians and GPs— is pleading for immediate legislative action.
This is not a partisan issue. So many of us adults can relate to the feeling of being drawn into endless scrolling on our devices—I will not look around the Chamber too much. Imagine how much more difficult it is for developing minds. This is a cross-party problem, and it should not be political, but we need action now.
Let me be absolutely clear: this change is not about restricting young people’s digital access or opposing technology and innovation; it is about requiring platforms to design their services with children’s safety as the default, not as an afterthought. For years we have watched as our children’s wellbeing has been compromised by big tech companies and their profits. Our call for action is supported by the National Society for the Prevention of Cruelty to Children, 5rights, Healthcare Professionals for Safer Screens, Girlguiding, Mumsnet and the Online Safety Act network. This is our chance to protect our children. The time to act is not 18 months down the line, as the Conservatives suggest, but now. I urge Members to support new clause 1 and take the crucial steps towards creating a digital world where children can truly thrive.
To protect our children, I have also tabled amendment 45 to clause 80, which seeks to ensure that automated decision-making systems cannot be used to make impactful decisions about children without robust safeguards. The Bill must place a child’s best interests at the heart of any such system, especially where education or healthcare are concerned.
We must protect the foundational rights of our creators in this new technological landscape, which is why I have tabled new clause 2. The UK’s creative industries contribute £126 billion annually to our economy and employ more than 2.3 million people—they are vital to our economy and our cultural identity. These are the artists, musicians, writers and creators who inspire us, define us and proudly carry British creativity on to the global stage. Yet today, creative professionals across the UK watch with mounting alarm as AI models trained on their life’s work generate imitations without permission, payment or even acknowledgment.
New clause 2 would ensure that operators of web crawlers and AI models comply with existing UK copyright law, regardless of where they are based. This is not about stifling innovation; it is about ensuring that innovation respects established rights and is good for everyone. Currently, AI companies are scraping creative works at an industrial scale. A single AI model may be trained on thousands of copyrighted works without permission or compensation.
The UK company Polaron is a fantastic example, creating AI technology to help engineers to characterise materials, quantify microstructural variation and optimise microstructural designs faster than ever before. Why do I bring up Polaron? It is training an AI model built from scratch without using copyright materials.
Protection of Children (Digital Safety and Data Protection) Bill
Freddie van Mierlo ExcerptsFriday 7th March 2025
(10 months, 4 weeks ago)
Commons ChamberRead Full debate Protection of Children (Digital Safety and Data Protection) Bill 2024-26 View all Protection of Children (Digital Safety and Data Protection) Bill 2024-26 Debates Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Freddie van Mierlo (Henley and Thame) (LD)
When I was growing up, we were first becoming aware of the digital world. On coming home from school, I would log in to MSN Messenger, check MySpace, carefully arrange the 10 top friends on that platform, and check out online games. Now those early tools have been honed to be as addictive as possible. Social media is a space for unchecked bullying and a place for predators to hide. I got my first phone aged 13, but the most advanced technology on it was an FM radio. Today, phones are not phones at all—they are supercomputers in our pockets. No parent wants their child to be left out, and once that first child in a class gets a phone, the floodgates open. We must give schools and parents tools to overcome that collective action problem.
Ben Coleman (Chelsea and Fulham) (Lab)
Will the hon. Gentleman join me in congratulating the Fulham boys school in my constituency, which was the first school in the country to replace smartphones with brick phones? As a result, it has seen pupils become more engaged, better social interactions and improved classroom behaviour. Does he agree that that school sets an example for the country to follow?
Freddie van Mierlo
I happily join the hon. Gentleman in congratulating that school.
Unfortunately, what we have seen today is a tragedy of the Commons, with the weakening of this legislation. We could not, even in this Chamber, overcome the collective action problem to deliver tougher regulation—which we need to stop the misuse of technology and keep the next generation safe—rather than reviews and a promise to plan research. I am happy to see other Members contributing to the conversation, but I note that Reform Members, including the hon. Member for Clacton (Nigel Farage), have decided not to grace us with their presence. If they cared so much about the protection of our children, they would be here.
In conversations with friends who have school-age children, I have learned of apps, such as Roblox, that allow any person to open a conversation with another user of the game. I also heard from campaigners that even Spotify can be used to share explicit images and conduct online grooming. I have spoken to parents in Henley and Thame who are distraught that their children were groomed by predators through social media. When they reported the crime to the police, they were told that nothing could be done because a virtual private network had been used. Technology is constantly evolving and we must stay informed of its developments. Parents must be informed of the risks facing children who use social media.
There is a way forward. We are all aware that social media companies are making huge profits from their activity. Introducing a social media levy to increase tax on those companies is an obvious choice. The money collected from the tax could then be used to support children by funding mental health services. Social media is having a detrimental impact on the wellbeing of children. The least we can do is use its profits to mitigate some of the damage.
The digital age of consent must be increased to 16. The age of 13 is too young for a child to consent to the collection, processing and storing of their data. The change would not ban children under 16 from using social media, but it would force social media companies to make applications safer and child-friendly for those under 16. My daughter is just 14 months old, but she is already being targeted by shows that seek to manipulate babies’ brains to avoid losing their attention. That shows just how pernicious the online space has become, and as a father I fear what it will look like in 10 years’ time. We must act.
Catherine Fookes
Thank you so much for giving way. Do you agree that, although this point has not come across in the debate, we all meet the most incredible young people every day in our constituencies, and we must congratulate them on the amazing things they do—
Madam Deputy Speaker (Judith Cummins)
Order. I remind hon. Members that interventions must be very short at this point, and please do not to refer to each other as “you”.
Freddie van Mierlo
I join the hon. Lady in congratulating young people on their work.
I say as a father that we must act now to reduce the harm caused to two current generations of children and never expose future generations to those harms.
Data (Use and Access) Bill [Lords]
Freddie van Mierlo ExcerptsWednesday 12th February 2025
(11 months, 3 weeks ago)
Commons ChamberRead Full debate Data (Use and Access) Act 2025 View all Data (Use and Access) Act 2025 Debates Read Hansard Text Read Debate Ministerial Extracts Amendment Paper: HL Bill 64-I Marshalled list for Third Reading - (4 Feb 2025)
Peter Kyle
Of course, we should have had this Bill two years ago. We have seen enormous progress on AI technology since then. I have been at the Paris summit for the past few days, and I saw where this technology is heading. Huge advances in the power of AI and the move towards artificial general intelligence are happening faster than anybody imagined. I cannot guarantee that this Bill will be sound for time immemorial, but I can say that it is fit for the moment in which we are living.
I reassure my hon. Friend that all our regulators have been tasked with assessing how non-frontier AI, as applied throughout the economy and society, will impact the sectors they regulate. The Department for Science, Innovation and Technology is offering assistance, where needed, as we assess the impact across our society.
My hon. Friend refers to a general-purpose technology, and it will therefore be applied and deployed in different parts of the economy and society in very different ways. We must make sure that, as a society, we deploy it safely. Once we ensure that the technology is safe, we can embrace it and explore all the opportunities that it offers.
Freddie van Mierlo (Henley and Thame) (LD)
It is hard to imagine a dataset in which it is more important to maintain confidentiality than patient data. This Bill makes changes to the Health and Social Care Act 2012. Can the Secretary of State guarantee that there are no changes to patient confidentiality?
Peter Kyle
I am pleased to give the hon. Member that assurance.
Data reform could not be more urgent or more necessary. Governments have spent years waxing lyrical about the immense promise of technology.
Telegraph Poles: Birmingham
Freddie van Mierlo Excerpts(1 year, 1 month ago)
Westminster HallRead Full debate Read Hansard Text Read Debate Ministerial Extracts
Westminster Hall is an alternative Chamber for MPs to hold debates, named after the adjoining Westminster Hall.
Each debate is chaired by an MP from the Panel of Chairs, rather than the Speaker or Deputy Speaker. A Government Minister will give the final speech, and no votes may be called on the debate topic.
This information is provided by Parallel Parliament and does not comprise part of the offical record
Chris Bryant
Let me be 100% clear: where there is existing infrastructure—ducts under the road or whatever —that can be used. In fact, it should be used and different companies should collaborate to make that happen. I am 100% clear that existing infrastructure should and must be used.
There are a few caveats, as the companies themselves would advance. Sometimes people think there is a duct when there is only a cable that has been laid straight into the mud underneath. Alternatively, the pavement might now be so full of different things, including gas connections, water connections, electricity connections and so on, that there is no space for anything else to be ducted through, or the duct sleeve is so full that nothing else can be put in and another sleeve cannot be put in either. I know that is quite a long set of caveats, but those are the realities of the situation.
The commercial reality is that inserting a new duct—that is, digging up the road and putting everything underground —might be very attractive to everybody in the community, but it is nine or 10 times more expensive than putting things on poles. If we want commercial operators to roll things out, there are certain situations where there are going to be poles. I cannot hide that from anybody; it is a simple reality.
As I was saying earlier, the cabinet siting and pole siting code of practice was issued in November 2016. It sets out guidance on best practice relating to deployment, encouraging operators to site apparatus responsibly and to engage proactively with local authorities and the local community. However, some of the things that I have seen being put in—including by Brsk; not often by many other operators—are clearly in the middle of a pathway or driveway, or in other places that are completely inappropriate.
As I understood it in our meeting last week, and indeed in the exchange of letters after that meeting, Brsk committed to change its policy in such situations. At that meeting, Brsk also undertook to engage in far more proper consultation with people. It will not just put up a sign saying, “We are about to put a pole here,” and then put a pole up the next day; it will engage in proper consultation, which means going door to door and explaining things to people. In many areas, Brsk will bring the local community together for a public meeting.
One Member who came to that meeting with Brsk last week said that there had been such a public meeting in their constituency. It had been very effective and people understood the quid pro quo, which was that if there was no means of doing something by ducting, there would have to be poles; if people did not want poles, they would not get the roll-out of fibre; and other operators were not operating in that field. People said, “Okay, well in that set of circumstances, we still want this roll-out to happen, so we will live with poles.” I think most people can live with that model, but even when that is agreed, we still have to make sure that we do not put poles in the middle of someone’s driveway or where they will obstruct people and not meet the requirements of the disability measures in the Equality Act 2010.
As I said earlier, I know the industry has been working together closely. It is not easy or simple to get commercial operators that have their own investors and shareholders in competition with one another to sit down to agree a new guide and a new code of practice, so I pay tribute to everybody at the Independent Networks Co-operative Association for engaging in that way. The vast majority of the altnet companies engaged in that activity are absolutely determined. They want to take the community with them because they want to be able to sell their product, and because they are responsible players in the market. I pay tribute to them where they have managed to do that.
As Brsk knows, we will hold its feet to the fire on all the commitments that it has made in private meetings with me, in the meetings with MPs that we held last week, and in writing. Before it starts rolling out in a particular area, it needs to explore far more thoroughly what ducting might be available, which might be through BT Openreach or Virgin. It will consult properly in a local area where people lobby and argue that the siting of a pole is particularly inappropriate. It will look at moving it in so far as it possibly can.
Freddie van Mierlo (Henley and Thame) (LD)
Does the Minister agree that the siting of poles is particularly important when we consider national landscapes? It needs to take into account the broader context. Does he also agree that, where local communities are willing to engage with operators and local authorities to fund undergrounding, that would be a good approach?
Chris Bryant
That is the first time that anybody has come to me and said that a local community would fund the ducting, which is an expensive business. All sorts of competition issues might then arise. I am hesitant to advance a yes or a no to that, because one would have to explore whether that was in effect a state subsidy, how that would be provided and what kind of contract there would be for maintenance of the duct—I can foresee all sorts of problems. I am not trying to be a part of the blob, but simply to be as clear as I can about what is possible and what is not.
The hon. Member makes an important point about the desirability of poles in areas of natural beauty and whether we can or cannot have poles. I have seen many different instances—I have tried to go through as many of them as possible as a Minister—such as where people thought the issue was about a duct that somebody was refusing to use, and it turns out it is not a duct at all but a cable laid in sand, so I am quite hesitant about holding forth on where we can or absolutely cannot have a pole.
In case anybody thinks I am being nimbyish, I have poles in my street, and I am about to have another set of poles in my street. I am relatively chilled about that, but I fully understand the issue where someone has never had a pole in their street. Part of the area’s beauty is that it looks remarkably like it did in the 18th or 19th century, and people want to preserve it that way. The downside is that commercially they will probably not get gigabit-capable and fibre-based broadband, which might be more of a problem for the community than having the poles.
I think I have exhausted the subject, unless anybody else wants to have a go at me. I pay tribute to my hon. Friend the Member for Birmingham Edgbaston. I am sure that we will return to the issue as many times as necessary if Brsk refuses to fulfil its promises. I believe that when we sat down with the senior management, they were sincere and honest in the commitment that they were making, and that they did not have as full an understanding of people’s feelings in some communities as they needed to have. As I promised my favourite MP—I cannot say that too often—I will hold the company’s feet to the fire throughout.
Question put and agreed to.