Question to the Department for Digital, Culture, Media & Sport:

To ask the Secretary of State for Digital, Culture, Media and Sport, whether the provisions for designated vendors in the Telecommunications (Security) Bill supersede the existing provisions for high risk vendors as identified by the National Cyber Security Centre.

The National Cyber Security Centre (NCSC) provides advice to public communications providers on the risks presented by high risk vendors and on the measures that the NCSC recommends they adopt as a result. The NCSC will continue to provide advice to industry, as well as to government, after the Telecommunications (Security) Bill comes into force.

The Government does not currently have the power to impose binding controls on public communications providers’ use of high risk vendors. The Bill will provide the Government with such powers.

In 2020 the Government made a series of announcements, in relation to the use of high risk vendors in the UK’s telecoms networks. Subject to consultation with affected vendors and telecoms providers, the Bill will enable the Government to implement those announcements in law.