Telecommunications (Security) Bill 2019-21, 2021-22

The Telecommunications (Security) Bill 2019-21, 2021-22 (“the Bill”) was introduced in the House of Commons on 24 November 2020. It has completed both Commons and Lords stages, and is now due to return to the Commons for consideration of Lords amendments on Monday 8 November 2021.

The Bill follows a cross-government review of UK telecoms supply chains led by the Department for Digital, Culture, Media and Sport from November 2018 and reporting in July 2019. The review focused on the supply chain arrangements for UK telecoms networks (where and from which companies UK telecoms networks source their equipment) and included an assessment of the wider security regulatory framework for telecoms. It concluded that current regulation needed to be “significantly strengthened” to incentivise operators to prioritise security.

The Bill is set against a backdrop of security-related concerns with the involvement of the Chinese technology company Huawei in telecoms infrastructure in the UK and abroad.

As well as the Telecommunications (Security) Bill, the Government introduced the National Security and Investment Bill 2019-21 on 11 November 2020 to address concerns that foreign investment could be used to undermine the UK’s national security. This Bill received Royal Assent on 29 April 2021.

The National Security and Investment Act 2021 provides the Government with new powers to scrutinise and intervene in business transactions, such as acquisitions, for national security reasons. For further details, see the Library briefing: National Security and Investment Bill 2019-21.

Aims of the Bill

The Telecommunications (Security) Bill would bring in a new regulatory framework for telecommunications security. This aims to ensure that public telecommunications providers operate secure and resilient networks and services and manage their supply chains appropriately.

The Bill would place stronger duties and responsibilities on telecoms providers, and provide stronger powers for Ofcom, the UK telecoms regulator, to enforce those duties. The Bill includes new powers for the Secretary of State to set telecoms security requirements in regulations and codes of practice.

The Bill would also give new national security powers to the Secretary of State to impose directions on telecoms providers with regard to “high risk vendors”. The Government stated that the Bill would “give the UK one of the toughest telecoms security regimes in the world”.

Response to the Bill

The Bill has received broad support from across the House. There is general consensus that cyber-attacks on the telecommunications infrastructure pose a significant threat to national security and that legislation is needed to strengthen the security framework. Some members have commented that the Bill should have been introduced sooner.

Key trade associations have issued brief statements of support for the Bill. This has been described as a “guarded welcome”. The telecoms company Huawei has reportedly expressed unhappiness with the proposals.

Progress of the Bill

Second Reading of the Bill took place on 30 November 2020. The Committee Stage then ran from 14-26 January 2021. Technical amendments were moved by the Government and agreed. No other amendments were made.

Opposition amendments covered three major themes: national security, supply chain diversification and parliamentary scrutiny. There was suggestion that a number of these amendments would be returned to at a later stage.

A carry-over motion for the Bill was passed, enabling its continued progress into the next parliamentary session. The Bill’s remaining stages in the Commons took place on 25 May.

The Bill was sent to the Lords on 26 May and Second Reading took place on 29 June. It was then debated in Grand Committee over two sittings on 13 and 15 July and progressed to Report Stage unamended. Five amendments were agreed at Report Stage, which would bring effect to three substantive changes to the Bill:

• A Government amendment that would apply a negative resolution procedure to the power to issue codes of practice.
• A non-Government amendment that would require the Secretary of State to report on the impact of the Government’s diversification strategy and allow for a debate in the Commons on the report.
• A non-Government amendment that would require the Secretary of State to consider whether to issue a designated vendor direction/similar action where a Five Eyes partner (the US, Canada, Australia and New Zealand) has banned a telecoms vendor on security grounds.

The Bill passed Third Reading in the Lords without division. These amendments will be considered in the Commons on 8 November 2021.

The Bill, Explanatory Notes and Delegated Powers Memorandum have been published on the Bill’s page on the Parliament website. The Bill’s Impact Assessment, as well as summary factsheets, have been published by DCMS.