Baroness Chapman of Darlington
Main Page: Baroness Chapman of Darlington (Labour - Life peer)Department Debates - View all Baroness Chapman of Darlington's debates with the Cabinet Office
Cybersecurity and UK Democracy
Baroness Chapman of Darlington Excerpts(1 month, 1 week ago)
Lords ChamberRead Full debate Read Hansard Text Watch Debate Read Debate Ministerial Extracts
Baroness Chapman of Darlington (Lab)
My Lords, I begin by making clear, as my right honourable friend Pat McFadden did in the other place, that we on these Benches support the Government in their efforts to counter attempts by China or any other state to interfere with our democratic processes in any way. This includes attempts to prevent elected representatives from going about their business, voicing their opinions or casting their votes.
We pay tribute to the work of the intelligence and security services in protecting our democracy and the public more widely. However, we need to question the coherence of the Government’s approach to this issue so far. Surely it is necessary for the Government to have a consistent approach across government, as the cyber threat is not restricted to democratic processes. It extends to universities, electric vehicles, energy, aviation, the safety of Hong Kong nationals, and intellectual property. How confident is the Minister that the vigilance recommended today in relation to democracy, which many would say comes slowly rather than swiftly, is equally applied to other areas of activity? Does the Minister honestly think that the limited action outlined in the Statement is sufficient to deter China? Given what we now know, what further steps are the Government going to take, since the hacking and impersonation of parliamentarians is not the full extent of this and not at all the action of a friendly state?
The calculation of any state which wishes us harm or considers that it may be necessary to do us harm in the future has changed markedly in the last decade. That which previously would need to be achieved through violent means can now be done through cyberattack. The defeat mechanism now is different. Our energy supplies, communications, water, transportation and finances are all targets in a completely new way. Undermining our democracy is just another form of attack. Does the Minister accept that we currently lack a consistent approach across government? I ask this as noble Lords will no doubt be aware that the Foreign Secretary has been the subject of unhelpful speculation regarding his interests in China. It seems peculiar that information about this has been less than forthcoming.
The Intelligence and Security Committee issued a report on China last year. Paragraph 98 of that report said:
“Targets are not necessarily limited to serving politicians either. They can include former political figures, if they are sufficiently high profile. For example, it is possible that David Cameron’s role as Vice President of a £1bn China-UK investment fund”
was
“in some part engineered by the Chinese state to lend credibility to Chinese investment”.
As I understand it, in January 2023, prior to his appointment as Foreign Secretary, the noble Lord, Lord Cameron, went to Sri Lanka to drum up investment for Port City Colombo, which is a belt and road project launched by President Xi that many believe will become a military base for the Chinese navy. It would help to protect the reputations of the noble Lord and the UK Government if there could be some clarity on whom he met and what sort of conversations took place. Can the Minister assist in providing the necessary transparency and reassurance so that this matter can be put to bed? Can she tell us whether these matters have been investigated?
We have heard assurances from Ministers that the closed electoral register has not been hacked, but anyone taking broader interest in this issue will be aware that the danger is not just about a single cyberattack event, but rather that data is gathered in large quantities over time and can be used to train AI or be interrogated by AI with impacts that we do not yet understand. What are the Government going to do, across all departments and institutions, to protect against this threat? The threat is evolving, from spying and influencing to the disruption of elections and critical infrastructure. As the threat has changed, surely our response needs to change in turn.
Lord Fox (LD)
We welcome this Statement, which we hope is a significant step towards a more strategic, cross-party approach to this issue. I take the opportunity to acknowledge our friend the noble Lord, Lord Alton, who has earned the opprobrium of the Chinese Communist Party thanks to his tireless campaigning. He should accept this as a badge of honour, albeit one that comes with ominous concerns. Over the last 24 hours, the Foreign Secretary issued a statement and called Beijing’s actions “completely unacceptable”. He added that:
“Such action from China will not be tolerated”.
Given that this is what the Government believe, the response to date seems feeble. This feebleness was highlighted by many of the Minister’s colleagues in the Commons, and not just Sir Iain Duncan Smith. But perhaps the reason for this caution was voiced by an unnamed Cabinet Minister quoted in the press as saying that the Government do not want to start a trade war. However, in response, China has said that it “strongly condemns” the UK’s “egregious” move to sanction Chinese hackers, adding that it would
“take the necessary reaction, as a matter of course, to the U.K.’s moves”.
What is the Cabinet Office assessment of the risk to the UK economy? How are the UK Government preparing to resist any retaliation?
During yesterday’s Statement, Deputy Prime Minister Oliver Dowden noted that it is no surprise that China
“should seek to interfere in electoral processes”
in successful democratic countries. The Deputy Prime Minister may not have been surprised, but the integrated review—even its refresh—does not anticipate this level of attack. What we have today is inadequate, so I suggest that the Government use this to instigate a process of significant and proactive cross-party consensus that we can take forward and have a cross-sectoral plan for our relationship with China.
The hack of the Electoral Commission is very worrying; can the Minister explain why it took so long for it to be disclosed? According to the NCSC, this data is highly likely to be used by Chinese intelligence services for a range of purposes, including large-scale espionage and transnational repression of perceived dissidents and critics in the UK. How will the UK Government protect those here in the UK-Chinese community who may be subject to long-distance repression?
Yesterday the Opposition’s spokesperson, and their spokesperson here today, rightly highlighted China’s voracious appetite for data and its potential uses as computing power improves. Even if data cannot usefully be manipulated and weaponised, it is used as a very useful training tool for artificial intelligence models, as we just heard. I echo the question asked yesterday: what are the Government doing to protect complex and valuable public datasets from being stolen in this way? Two, for example, are health data and criminal records, but is not just our existing datasets we should worry about; the Chinese have the capability to build their own. For example, years after the decision to remove it, Huawei remains integral in our telecoms infrastructure. The Hikvision ban extends only to so-called sensitive sites, despite the fact that we have pushed hard to ensure that it extends to all public buildings.
This is just the tip of the data-gathering iceberg that exists already in this country. For example, last week, the Council on Geostrategy published a new policy paper highlighting the risks from Chinese cellular modules—so-called IoT modules. This raises an issue around the role of devices that sit inside almost every internet-enabled device, creating another whole cyber danger area. Then there are electric cars, which are little more than data hoovers, sending information back to China.
China has data and technology strategies that directly link to its strategic and security aims. They are decades ahead of our defences. We have to work together, and quickly, to develop the necessary responses. Despite the very good work that has been done by our own agencies to protect us, so much more is needed.