Integrated Review of Security, Defence, Development and Foreign Policy Debate

Full Debate: Read Full Debate
Department: Foreign, Commonwealth & Development Office

Integrated Review of Security, Defence, Development and Foreign Policy

Lord Craig of Radley Excerpts
Thursday 22nd April 2021

(2 years, 11 months ago)

Lords Chamber
Read Full debate Read Hansard Text Read Debate Ministerial Extracts
Lord Craig of Radley Portrait Lord Craig of Radley (CB)
- Hansard - -

My Lords, recent thinking and experience points to a growing third part to our defence and security, that which lies between active overseas participation and defensive preparation: the grey zone of hostile acts that fall short of open warfare but which are nevertheless profoundly troublesome and which must be countered in that grey zone.

One aspect of this has been the setting up of the National Cyber Force as an offensive unit. This introduces a new doctrine of offensive actions as well as, and apart from, the traditional role of intelligence gathering in all its methods, from SIGINT to HUMINT. I have raised this topic before, and the noble Baroness, Lady Goldie, kindly wrote to me to explain the new arrangement for control of the National Cyber Force. She said that the National Cyber Force commander

“will report to both Defence and GCHQ. The first Commander of the National Cyber Force is currently a civilian employee of GCHQ. They are not being named as, while National Cyber Force is publicly avowed, it is not public facing.”

There seems to be a distinct lack of a clear chain of command in this response. Perhaps that is not so surprising, since the new force is yet to bring together and blend what were clearly distinct areas of responsibility for two different Secretaries of State.

Nevertheless, a committee-type structure to run or oversee live operations, with all their potential hazards, is a recipe for mismanagement and divided, unclear responsibility. That is not satisfactory. While I recognise that we are at the early stages of setting up this new force, I was and still am concerned about the chain of command and responsibilities of the two Secretaries of State involved. It might at first blush be reasonable to assume that the offensive use employed is directly either a defence or a Security Service action. But if it is not already—very soon in cyber strategy terms—such a distinction will become blurred or non-existent.

While the examples quoted by the Government for offensive cyber action are clear-cut, there could, as capabilities mature, be abilities to disrupt national infrastructures, for example. While the possible targets should and must remain secret, the legal, human rights, ethical and political considerations cannot be ignored. Will the Intelligence and Security Committee be given an overwatch role on offensive cyber force operations? There is surely such a role for Parliament, and this should be clear from the outset.