Digital connectivity is an increasingly vital part of our lives. During this period of global crisis, it has brought home the profound importance of a reliable connection. The 4G technology has enabled rapid internet connection over mobile phones: alongside superfast broadband at home, it has allowed people to do everything from Zoom calls to downloading movies. But the Government need to look to the future. That means developing world-class, next-generation digital technology through 5G for mobile and gigabit-capable for fibre. It is only by doing this that we will remain at the forefront of the technology revolution.
In order to realise the full benefits of those technologies though, we have to have confidence in the security and resilience of the infrastructure on which they are built. Keeping the country secure is the primary duty of Government to their people. This consideration precedes all others. There is, of course, no such thing as a perfectly secure network, but the responsibility of the Government is to ensure that it is as secure as it possibly can be. That is why we conducted the telecoms supply chain review to look at the long-term security of our 5G and full-fibre networks.
The review set out plans to implement one of the toughest regimes in the world for telecoms security: one that would shift from a model where the telecoms industry merely follows guidance to a model where standards would be enforced by legislation; one that would require all operators to raise security standards and combat a range of threats, whether from cybercriminals or state-sponsored attacks; and one that gave the Government the necessary powers to keep our approach up to date as the technology develops.
A critical aspect of that was how we address so-called high-risk vendors—those which pose greater security and resilience risks to the UK’s networks—so in January we set out to the House our conclusions on how we would define and restrict high-risk vendors, keeping them outside the network’s core and away from critical infrastructure and sites. We have been clear-eyed from the start that Chinese-owned vendors Huawei and ZTE were deemed high risk, and we made clear that the National Cyber Security Centre would review and update its advice as necessary.
Clearly, since January, the situation has changed. On
The National Cyber Security Centre has reviewed the consequences of the US actions and has now reported to Ministers that it has significantly changed its security assessment of Huawei’s presence in the UK’s 5G network. Given the uncertainty that this creates around Huawei’s supply chain, the UK can no longer be confident of being able to guarantee the security of future 5G equipment affected by the change in US foreign direct product rules. To manage the risk, the NCSC has issued new advice on the use of Huawei in UK telecoms networks.
This morning, the Prime Minister chaired a meeting of the National Security Council. Attendees at that meeting took full account of the National Cyber Security Centre’s advice, together with the implications for UK industry and wider geostrategic considerations. The Government agree with the National Cyber Security Centre’s advice: the best way to secure our networks is for operators to stop using new affected Huawei equipment to build the UK’s future 5G networks. To be clear: from the end of this year, telecoms operators must not buy any 5G equipment from Huawei. Once the telecoms security Bill is passed, it will be illegal for them to do so.
However, we also recognise the range of concerns voiced in the House regarding Huawei’s role in our 5G network. I have listened carefully to those concerns, and I agree that we need clarity on our position and to take decisive action. I have previously set out our plans to safely manage the presence of high-risk vendors in our 5G network, and of course our ambition right from the beginning was that no one should need to use a high-risk vendor for 5G at all, but I know that hon. Members sought a commitment from the Government to remove Huawei equipment from our 5G network altogether. That is why we have concluded that it is necessary, and indeed prudent, to commit to a timetable for the removal of Huawei equipment from our 5G network by 2027. Let me be clear: this requirement will be set out in law by the telecoms security Bill. By the time of the next election, we will have implemented in law an irreversible path for the complete removal of Huawei equipment from our 5G networks.
We have not taken this decision lightly, and I must be frank about the decision’s consequences for every constituency in this country. This will delay our roll-out of 5G. Our decisions in January had already set back that roll-out by a year and cost up to £1 billion. Today’s decision to ban the procurement of new Huawei 5G equipment from the end of this year will delay that roll-out by a further year and will add up to £500 million to costs. In addition, requiring operators to remove Huawei equipment from their 5G networks by 2027 will add further hundreds of millions of pounds to the cost and will further delay the roll-out. That means a cumulative delay to 5G roll-out of two to three years, and costs of up to £2 billion. That will have real consequences for the connections on which all our constituents rely.
I have to say that to go faster and further beyond the 2027 target would add considerable, and indeed unnecessary, further costs and delays.
The shorter we make the timetable for removal, the greater the risk of actual disruption to mobile telephone networks.
The world-leading expertise of NCSC and GCHQ has enabled us to publish one of the most detailed analyses of the risks to the 5G network. The UK is now acting quickly, decisively and ahead of our international partners. Our approach reflects the UK’s specific national circumstances and how the risks from the sanctions are manifested here in the UK. It has not been an easy decision, but it is the right one for the UK’s telecoms networks, for our national security and for our economy, both now and in the long run.
We also need to look at other networks. Although they are fundamentally different from 5G, they need to be as secure and resilient as our new mobile technology, as many Members of this House have pointed out in the past. Reflecting again the advice of the National Cyber Security Centre, we will need to take a different approach to full-fibre and older networks—one that recognises they are different from 5G in their technology, security and the vendors supporting them. Given that there is only one other appropriate scale vendor for full-fibre equipment, we will embark on a short technical consultation with operators to understand their supply chain alternatives so that we can avoid unnecessary delays to our gigabit ambitions and prevent significant resilience risks. That technical consultation will determine the nature of our rigorous approach to Huawei outside of the 5G networks.
All of those things have implications for the telecoms security Bill. I am fully aware of the commitment I made in this House in March to introduce it before the summer recess. As I am sure Members will appreciate, today’s decision will substantially change what is in the Bill. We will introduce the Bill to the House in the autumn. It is in all our interests for the legislation to be introduced and passed as soon as possible, because—this is the key point—we have to ensure that our telecoms security advice is on a secure statutory footing.
As the House knows, one reason we are in this situation is a global market failure. Put simply, countries around the world—not just the United Kingdom—have become dangerously reliant on too few vendors. We have already set out a clear and ambitious diversification strategy. That strategy will include wide-ranging action in the short, medium and long term, with the aim of driving competition and innovation to grow the market and deliver greater resilience across all our networks.
The strategy will focus on three core elements. First, we need to secure the supply chains of our incumbent non-high-risk vendors by putting in place measures and mitigations that will protect supply chains and ensure there is no disruption to our networks. Secondly, we need to bring new scale vendors into the UK market by removing barriers to entry, providing commercial incentives and creating large-scale opportunities for new vendors to enter the UK markets. Thirdly, we need to address the existing structure of the supply market by investing in research and development and building partnerships between operators and vendors that will mean operators using multiple vendors in a single network will become the standard across the industry.
Success will require a shared commitment between Government and industry to take the necessary steps to address this issue. We are already engaging extensively with operators, vendors and Governments around the world to support and accelerate the process of diversification. We recognise that this is a global issue that requires international collaboration to deliver a lasting solution, so we are working with our Five Eyes partners and our friends around the world to bring together a coalition to deliver our shared goals.
In addition, I know that many Members of this House have considered the Government’s policy on high-risk vendors in the context of the United Kingdom’s wider relationship with China. Let me assure Members that this Government are clear-eyed about China. We have been robust in our response to the imposition of new security laws in Hong Kong, including through our generous offer to British national overseas passport holders. We want a modern and mature relationship with China based on mutual respect where we can speak frankly when we disagree, but also work side-by-side on the issues where our interests converge. Today’s decision, however, is about ensuring the long-term security of our telecoms network, specifically in the light of those new US sanctions.
The security and resilience of our telecoms networks is of paramount importance. We have never compromised, and will never compromise, that security in pursuit of economic prosperity. It is a fact that the US has introduced additional sanctions on Huawei, and as the facts have changed, so has our approach. That is why we have taken the decision that there can be no new Huawei equipment from the end of this year, and set out a clear timetable to exclude Huawei completely by 2027, with an irreversible path implemented by the time of the next election. Telecoms providers will be legally required to implement this by the telecoms security Bill, which we will bring before the House shortly. This important decision secures our networks now and lays the foundations for a world-class telecoms security framework in the future. I commend this statement to the House.