Skip to main content

Product Security and Telecommunications Infrastructure Bill

Volume 707: debated on Wednesday 26 January 2022

Second Reading

I beg to move, That the Bill be now read a Second time,

We are living in the digital age. It is not only our computers and smartphones; Brits young and old have an average of nine connected devices in their house, from smart speakers and TVs to baby monitors and doorbells. We are more connected than ever, and we need to make sure that those connections are fast and secure. The Bill will achieve both those aims. It will take our roll-out of gigabit broadband and 5G to the next level while boosting the protection of citizens across the UK.

If there is one thing we have learned from this pandemic, it is how central technology is to our everyday existence. We need technology to work remotely; we need it to reach our children and to drive scientific breakthroughs and business innovations; we need tech to be interoperable—I struggled to say that—because we are living in a world where our baby monitors, kettles and doorbells will all be able to talk to one another; and we need tech that is secure.

Underneath all that, we need the digital infrastructure to support all those connections—the ones that we make minute by minute, hour by hour and day after day. Such networks are vital for the UK’s future prosperity. We cannot stay at the heart of the global economy if our connections are not world class, which is why the Government have made huge investments in digital infrastructure.

Unfortunately, my constituency has one of the slowest broadband speeds in the UK. In one area in particular, Cilycwm, a WeFibre gigabit scheme has been sitting on the Department’s table for eight or nine months. Will the Department come to a determination quickly so that we can move forward with that scheme?

I certainly will. As I am sure the hon. Gentleman is aware, we are moving forward at an absolutely rocketing pace, but I will have a look at the situation in his constituency. I assure him that nothing sits on the Department’s table—it has all gone out to the providers and those going through the procurement process—but I will check on where things are up to in his constituency. If he could contact me with some details after the debate, that would be helpful.

Because the Government have made huge investments, at least 97% of premises now have access to superfast broadband, which is fast enough for a family to stream five different Netflix films in five different rooms in the same house at the same time.

The Secretary of State has just talked about the ability to activate fast broadband in five different rooms, but constituents in my Luton South constituency do not have five devices on which to watch five different Netflix films. Should the Government not be doing more on that basis?

We are. The roll out of superfast broadband and gigabit broadband, in respect of which we have covered 65% of the country in just a few years, is levelling up in practice. It is about making sure that anybody who wants access can have it. We are working with Ofcom and the providers to look at left-behind areas in terms of levelling up and how we can increase access to laptops and—this happened particularly during the pandemic, in the first lockdown—how children in particular can access the internet so that they have the same equal access and opportunity as everyone else.

As we have upgraded our networks, we have invested more than £4 billion in our cyber defences since 2016, including by setting up the National Cyber Security Centre. As we all know, the nature of tech is incredibly fast-paced and constantly changing and growing. Monthly broadband usage has doubled since 2018 and continues to rise year on year. But the more we log on, the more open we are to cyber-threats, particularly as new technology—including cutting-edge consumer products such as smart baby monitors—is not always secure by design. To stay ahead of the game we need to keep investing in tomorrow’s networks and to secure ourselves against future threats, which is why we have introduced the Bill.

Let me explain the Bill’s impact in our telecoms networks before I turn to its measures on product security. In 2019, the Prime Minister promised voters a “broadband revolution” and vowed to deliver fast, secure and reliable broadband to everyone in the country. That was an important promise in 2019 but it is even more vital today as we build back from a devastating global pandemic.

We are delivering on our promise. Under this Government, nationwide gigabit coverage has jumped from just 11% at the end of 2019 to 65% today. We have set ambitious targets for the rest of the roll-out and aim to reach a minimum of 85% of homes by 2025 and to get as close to 100% as we can as soon as possible. We are constantly looking for ways to go further and faster with that roll-out. For example, we have already legislated to address the problem of absent or unresponsive landowners, who can hold up the deployment of gigabit broadband in blocks of flats, and we are currently consulting on proposals to amend the building regulations to ensure that all new homes have gigabit from the outset.

At the same time, we are working hard to improve our mobile phone networks, so that people can enjoy world-class connectivity not just when they are at home or work, but when they are out and about. We have agreed a £1 billion deal with the industry to roll out the shared rural network, which is already delivering improved 4G coverage across the UK. Both the operators and the industry remain confident that they will reach 95% of the country by the end of 2025, and we are aiming for the majority of the population to have the next level of cutting-edge 5G mobile coverage by 2027.

Many of my constituents in Northolt are not able to access faster broadband through a fibre connection. I have repeatedly pressed Openreach on this, and it admitted that one of its cabinets had not been upgraded as it did not meet the commercial criteria. Just last week, I also pressed Virgin Media, which said that it had installed broadband in on Islip Manor Road but not on Islip Manor estate, next door. Will the Secretary of State confirm when, under the Government’s plans, all my constituents in Northolt will be able to access a decent broadband connection?

The hon. Member’s question is quite detailed, right down to street names, so I will take it away and we will speak to Openreach. The Department will see what we can do and come back to him, although that is not a promise that we will suddenly be able to connect Northolt. I am interested to hear about individual constituencies, because it is useful to us to know that information. We have not said that everybody is going to have superfast or gigabit broadband tomorrow; we have set dates by which to reach our targets. We will do our very best for the hon. Member, if he lets me know the details of the case he mentioned.

Things like 5G and gigabit have the potential to be truly transformational for people and businesses. They are vital for innovation, and can unlock huge economic and social benefits across every single corner of the country—not just driving our recovery from covid, but boosting our generational mission to level up the UK. We therefore need to ensure that the legal framework underpinning our digital infrastructure encourages and enables the deployment of the latest networks. In 2017, we made changes to that legal framework, implementing reforms to the electronic communications code that regulate installation agreements between landowners and telecoms operators.

My right hon. Friend is making an important point about ensuring that we have the infrastructure that we need for the 21st century, not the 20th century. But one of my constituents’ concerns—I know that the constituents of my hon. Friend the Member for Hyndburn (Sara Britcliffe) have a similar concern—is that when private sector providers come in and install new equipment such as telegraph poles, dishes and things like that, if they do not properly engage with residents and the local community, that can blight some of our streets and add unnecessary infrastructure. Does my right hon. Friend agree that when we encourage providers to install such equipment, they should engage with communities and residents, so that we carry people with us?

Community engagement and engagement with individual households is vital. People need to know that the connectivity is there. I will look into my hon. Friend’s point and take it further.

In a similar vein to the hon. Member for Burnley (Antony Higginbotham), I have received a number of concerns from site providers in my rural constituency that have hosted telecommunications infrastructure, in some cases for a decade or more. When the code was last before the House, we were led to believe that the rent reductions would be minimal. However, it has transpired that in some instances, rent offers have been reduced by about 90%. I am interested to know whether the Secretary of State has any comments on that point, and whether there is a way of rebalancing things. We want to ensure that this infrastructure is there to benefit the community, but we do not want site providers to have to sacrifice what is, in many cases, very valuable agricultural land.

I am coming to the first point raised by the hon. Member. On his second point, which was about rebalancing, I am afraid that he is probably going to be disappointed.

I strongly welcome massive private-led investment in proper broadband, which is what we all need. Could the Secretary of State give guidance to the companies doing it that it is not helpful if they bury cables under main roads, requiring the roads to be dug up again every time they want to improve or mend a cable? Could we not do better, either in ducts or by the side of the road?

An interesting point. I will certainly take that back to BDUK, Openreach and others. We need to ensure that the legal framework underpinning our digital infrastructure encourages and enables the deployment of the latest networks. In 2017, we made changes to that legal framework. Implementing reforms to the electronic communications code—this goes to the point made by the hon. Member for Ceredigion (Ben Lake)—requires installation agreements between landowners and telecom operators. The aim was to make it easier for digital networks to be installed, maintained and upgraded, and now we will go even further. The Bill will update the electronic communications code to deliver on the Government’s ambitions for digital connectivity and levelling up. Specifically, it will do three things: make the most of existing infrastructure; encourage stronger and more collaborative relationships between telecom operators and site providers; and build on previous measures to tackle the issue of non-responsive landowners.

In my constituency of St Albans there is the Highfield Park Trust, run by a group of volunteers. Since the 2017 reforms, it has lost 98% of its income from hosting a mast because of the telecoms company using its new powers to renegotiate the lease. Does the Secretary of State agree that that poses a real risk to the roll-out of 5G, because in some instances small site owners might decide that it is not worth their while anymore and just evict the telecoms companies? Is she willing to look at the issue again, and at the power imbalance that has arisen from the 2017 reforms?

In 2017, the prices were too high and they affected the overall roll-out. The new pricing regime is more closely aligned to those of utilities such as water, electricity and gas, which are fair. In order for us to roll out 5G to future-proof our digital economy and our telecoms, and to reach the targets of ensuring that we have 4G/5G coverage and 100% gigabit roll-out as soon as possible, we need to ensure that telecom providers can access land to establish both masts and the facilities that we need to make it happen. It has to be fair. We are not revisiting the code of 2017; the Bill does not do that. It will stay as it was, and there will not be a revision to the pricing regime. It is important that I make that clear straightaway.

The Secretary of State highlighted that the prices were once too high. Now we have had multiple complaints that the prices are too low. Clearly, the question of valuation is at the heart of the matter, so why did the Government explicitly exclude valuation from the scope of the consultation that preceded the Bill?

We have listened to landowners. We have not introduced the legislation without involving them in its development. We have included measures in the Bill that make it easier for landowners and operators to use a dispute resolution if landowners feel that they are not getting a fair price. That means greater collaboration, and it makes preposterously low offers less likely. Hopefully, a fair and reasonable price would be agreed. If landowners were not happy with it, it would go to independent arbitration. If they were then unhappy with that, they would have recourse to the courts, which we know would look very dimly on a situation where the telecom providers had been neither reasonable nor fair to landowners. We think that that is a fair and reasonable process.

Making the most of existing infrastructure can play a key role in upgrading services and increasing competition. Under the Bill, operators will have the automatic right to upgrade or share apparatus installed before the 2017 reforms. That will be subject to specific conditions to ensure that the work does not negatively impact landowners. The measures have been considered carefully to deliver significant benefits, while ensuring that there will be little impact on landowners. The Bill also rationalises the way that certain older code agreements are renewed so that they reflect the code as reformed in 2017. This means that there will be greater consistency in how agreements are renewed across the UK. On that basis, the 2017 coding agreements will not be revisited.

All those things will make much better use of existing infrastructure, reducing the need for new installations. That means less disruption with fewer street works and fewer mast installations in both rural and urban settings—something that, I am sure, will welcomed in all parts of the House. We will take away that community disruption. In response to my right hon. Friend the Member for Wokingham (John Redwood), I will take away his point about cables being laid under roads. In the area where I live, it is done under the pavement right outside my house. I would imagine that there is a good reason why that has to happen in some areas, but I will get back to him with what it is.

Secondly, we want to build stronger, more constructive relationships between network operators and potential site providers. We are introducing measures to make it easier for those two parties, when negotiating agreements to install telecoms apparatus, to use an alternative form of dispute resolution if a disagreement arises such as I have set out. This will encourage constructive dialogue between networks, operators and potential site providers. It will help new agreements be reached more quickly and address situations where landowners may feel compelled to accept terms offered by operators.

Finally, we are creating a new court process to address situations where landowners are not responsive. This process will provide a quick and inexpensive route for operators to gain access to certain types of land. Again, these measures have been developed to strike the balance between protecting landowners and ensuring that everyone across the UK has access to reliable and quick digital infrastructure.

We need this infrastructure because of the sheer demand on our networks. Just think of all the devices that are in use at this very moment. Millions of people will be switching on their smart TVs to stream a film or a series box-set, unlocking their phones or tablets to call a friend or a relative, or asking their smart speakers to play music or give information. Around this Chamber, right now, many wrists are sporting smartwatches that keep us up to date with the latest news or alert us to the fact that we have a new message from those infamous WhatsApp groups. [Laughter.] Sorry—I just couldn’t resist.

But with every connectable product that enters our lives, the risk of cyber-attack grows. In the first half of 2021 alone, we saw 1.5 billion attacks on connectable products—double the figure for the same period in 2020. Most of us assume that if a product is for sale in the UK it is safe and secure, but thousands of people in the UK have been victims of cyber-attacks. Many of them have lost significant amounts of money or have had their private data hacked and shared, and they have lost trust in the idea that they can connect with one another and go about their daily lives with confidence. This is not just damaging on a personal level; it also has serious implications for our national security. Cyber-criminals now have the ability to use compromised connectable products to attack large infrastructure. We saw this with the 2016 Mirai attack, which targeted anything from baby monitors to medical devices to home appliances to disable internet access across much of the US east coast.

In the past few years, this Government have made significant progress to strengthen the UK’s cyber-security. In 2018, we published a code for manufacturers to improve the security of their own consumer devices. We led the world on this, and that code has since been used by countries such as Australia and India to inform their own product security principles. However, the cyber landscape is constantly evolving and our approach needs to evolve with it if we want to stay safe.

We have reached the point at which legislation is required to protect citizens and networks from the harm posed by cyber-criminafls. Packaged together, the telecoms and product safety measures in the Bill will work in tandem to do just that, creating a reliable, fast broadband while supporting the growth of more secure consumer connectable products.

The Bill will enable the Government to specify a number of mandatory security requirements for smart devices. They will be set out in regulations, but manufacturers are already on notice regarding what the initial three requirements will be. The first is a ban on universal default passwords. Too often, consumer connectable products come with easy-to-guess passwords as their default setting, such as “password”, “admin” or four zeros. That makes them vulnerable to hacking, and risks compromising a user’s privacy and security right from the get-go. Under this new security requirement, all passwords that come with a new device will need to be unique and not easily guessable.

The second mandatory requirement is for manufactured consumer connectable products to provide a public point of contact so that security researchers and others can easily report when they discover security vulnerabilities, flaws and bugs in their devices. Manufacturers can then quickly identify and address any shortcomings in their products. At present, nearly 80% of firms have no such system in place.

Finally, manufacturers will be required to be completely transparent about how often, and for how long, their products will receive security updates and patches. According to the current guidance that is being commonly issued, if we update our computers regularly when asked to do so and use two-step verification, 90% of cyber-attacks can be avoided. The requirement for manufacturers to be transparent about how often their product will receive security updates is intended to help consumers to know at which point they will need to do that.[Official Report, 4 February 2022, Vol. 708, c. 5MC.]

Businesses will have to give customers that information at the point of sale, and keep them updated throughout. If a product will not be covered by security updates, that must be disclosed. That will enable consumers to have all the facts that they need to make an informed decision about their purchase, to understand when the product they buy could become vulnerable, and to base their decision on whether or not to buy on that information. When the security requirements have not been complied with, businesses will not be allowed to make these products available in the UK. We will be able to monitor, investigate and take enforcement action against non-compliant businesses.

We have been setting consumer standards of this kind for decades. Every product on our shelves has met all sorts of minimum requirements, whether to ensure that it is fire-resistant or to ensure that it is not a choking or suffocation hazard. It should be no different in the digital age. The Bill allows us to protect people across the UK even as the world around us changes. It allows us to keep pace with technology as it transforms our everyday lives. Combined with the measures on the telecoms infrastructure, it will do a huge amount in the coming years to benefit our constituents and society at large.

I hope that Members will show their support for the Bill, and that the benefits can be realised as quickly as possible. I commend the Bill to the House.

I do not think there could be a better birthday present than being in the Chamber today and listening to this Second Reading debate. Happy birthday, Jeff Smith!

May I extend those congratulations to my hon. Friend the Member for Manchester, Withington (Jeff Smith)? I think he is 21 again.

Once again, I congratulate the Secretary of State on her continuing blind loyalty to the Prime Minister. Last week she threw Big Dog a bone with her vendetta against the BBC to distract from the Prime Minister’s partying antics. How is that going? This week she has continued her role as dog-walker-in-chief, trying to tidy up Big Dog’s mess after the latest revelations about his lockdown-breaking birthday party antics. She might have picked it up and put it in a plastic bag but, as the saying goes, even she cannot polish this one! [Laughter.] We are lightening the load today, because this is a very technical Bill and we all need lifting.

It is just as well you are in the Chair, Mr Deputy Speaker!

We have here another infrastructure Bill. As with every big infrastructure project this Government oversee, from the northern rail betrayal to the disastrous green homes schemes, the broadband and 5G roll-out has been beset with piecemeal, short-term thinking. The Government try to get British infrastructure built on the cheap, relying on the private sector, which more often than not means foreign state-run companies. On the broadband roll-out, the Government have wasted a decade and squandered the world-leading position left by the last Labour Government. This Government’s legacy over 10 years has seen huge delays in the superfast broadband roll-out, and a widening in the digital divide. Why were we not, 10 years ago, investing in a public-private partnership, so that home-grown British businesses could develop our own 5G network? Instead of looking towards the future, and building up British capacity and resilience, the Government have left us reliant on Huawei and other foreign state-backed companies for our 5G, with all the security complications that that entails.

This Bill deals with a couple of specific aspects of the broadband and 5G roll-out: part 1 places security requirements on manufacturers of smart devices and part 2 amends the electronic communications code, which governs the rules on how rent is set for community groups and others to host phone masts on their land.

The hon. Lady is no Stalinist. Given that the underlying principle of part 2 of the Bill is the Stalinist principle that property is theft, will she be opposing it on Second Reading?

I must object to that suggestion that I am a Stalinist. I am, however, someone who believes that there should be a fair —

Oh, no Stalinist. I am someone who believes that there should be a fair valuation, and a fair and balanced approach taken to those who put masts on their land in good faith, expecting that income to come in the future. I will say more on that shortly.

We support the measures in part 1. Smart devices have increasingly become targets for fraud, surveillance and other forms of cyber-attack. We have some concerns that these measures have not come sooner and do not go further. In 2016, the Government promised that

“the majority of online products and services coming into use”

would be

“’secure by default’ by 2021”.

Why are the Government only just bringing this legislation in, given that previous commitment? These requirements should and could have been mandatory from the start, as opposed to our spending four years with a voluntary code. I have real concerns that we are always behind the technology curve. These devices are already being used in ways beyond the scope of this Bill—for example, by stalkers and abusive partners in tracking those they are abusing, as well as in fraud and criminal activity. There is nothing in this Bill about that, let alone measures to address new waves of technology that are already making their way into people’s homes and lives, such as virtual reality.

Moving to part 2, our main concern with this Bill is that it is likely to slow down, rather than speed up, the broadband and 5G roll-out.

I was very interested in the hon. Lady’s comment about virtual reality. Does she think we need to change the legislation now to deal with the metaverse, which is meant to be a great opportunity of bringing together various technologies in something new?

I do. I share the right hon. Gentleman’s concern about the metaverse; we are constantly considerably behind the curve on legislating for the regulation of some of these issues, and of course that will not even be covered by the forthcoming Online Safety Bill either. The pandemic has demonstrated more than ever the importance of broadband to our prosperity, but the Government’s failure to deliver the roll-out is hampering creative industries, businesses and those attempting to work from home.

The Government have consistently rolled back on their commitments. The Secretary of State mentioned that the Prime Minister originally promised full-fibre broadband to every household by 2025. He then downgraded that pledge to universal gigabit-capable broadband to every home. The commitment is now that at least 85% of UK premises will have access to gigabit broadband by 2025. That is downgrade after downgrade, which sells our capacity short.

The National Audit Office expressed serious reservations that even the watered-down target would be met. The main barrier is the Government-funded roll-out to harder-to-reach areas. The unequal roll-out of next generation gigabit broadband will mean that the same households that do not have superfast or, in many cases, as we have already heard, any functioning broadband at all, will continue to fall behind—for years, if not decades, to come. As the Public Accounts Committee said last week, the Government have no detailed plan in place for reaching communities where it is not commercially viable to do so, and there is little in the Bill to address that key issue.

The Bill does make further changes to the electronic communications code, which governs the agreements between telecoms companies and the landowners who host their masts. The code was last updated as recently as 2017, but those changes have not had the desired effect of speeding up roll-out.

Despite promises that rent would not reduce by more than 40%, many community sports grounds, churches and local authorities that host phone masts have had their rents cut by up to 90% or even 95% in some of the cases that we have already heard about today. That will be further exacerbated by the Bill, which hands more power to the telecoms companies in court and disincentivises people from coming forward to have phone masts put on their land in the first place. [Interruption.] The right hon. Member for New Forest West (Sir Desmond Swayne) looks like he is itching to come in on that point.

The hon. Member for St Albans (Daisy Cooper) intimated that people would want to take their land back as a consequence of the changes. I hope that she has identified that that is not possible. People will not get their land back unless they are going to develop it, and even then, they would have to go to court to get it.

The right hon. Gentleman is absolutely right that the Bill and the previous code mean that those cricket grounds, sport clubs and churches in all hon. Members’ constituencies that had phone masts put on their property in good faith to give them income that they would not otherwise have, which in many cases keeps them going, have been offered dramatically reduced rents but are forbidden by law from taking the masts down. They are between a rock and a hard place. It will put many of those community groups, and the roll-out, at risk.

There is a real risk that the Bill will hamper, rather than support, faster broadband and 5G roll-out, so what assessment has the Secretary of State made of the effect of the 2017 changes on rent levels and on the speed of roll-out? Given that previous reforms to the code have resulted in no demonstrable improvement, what makes her think that strengthening the hand of telecoms firms will speed up the roll-out, rather than simply allowing them to increase their profits further? I think that is the thinking behind the now not-selected reasoned amendment tabled by the right hon. Member for New Forest West, with which I have a great deal of sympathy.

The Opposition support the broad approach of the Bill, but the security measures are too little, too late and are behind the technology curve rather than in front of it.

I am listening to the hon. Lady with interest and I think that security is an issue on which we can work across the House. What specific measures from the 2018 “Secure by Design” guidance does she think should be included in the Bill but are not at the moment?

I am coming to the end of my speech, but there are a number of issues that could have been included in the Bill, some of which I have outlined. There are security issues, and there are new waves of technologies that are not in the Bill’s scope; as the Secretary of State rightly pointed out, they are coming on us really quickly. Bills like this one tend to come three or four years behind the technology, rather than ahead of it. That is what I would like us to work together to address.

In conclusion, we fear that these telecommunications infrastructure measures could further hamper the Government’s pretty woeful record on broadband and 5G infrastructure.

I have been asked to vote for some pretty awful stuff over the past couple of years, but this has to be the most profoundly un-Conservative measure. It will compound the damage that was done to rights of property in 2017, and the proposal to amend the Landlord and Tenant Act 1954 will extend that damage to other walks of our national life, fundamentally undermining our position as a stable and predictable place in which to invest.

The digital roll-out has been stymied by changes that have brought about the very reverse of what was originally intended with the changes to the code in 2017. As a consequence, our constituents have been intimidated and bullied.

I have a constituent who refused a survey—she did not want a mast, because it would compromise her existing enterprise—but caved in when she was threatened with court action. Then, when she refused the terms of the mast, she was presented with statutory orders requiring access for both a temporary and a permanent mast. Of course, getting legal advice comes at an enormous cost. Happily, New Forest national park authority has thrown out the applications for both masts, but the battle, the uncertainty and the cost continue.

I have a group of constituents in a block who have let their collective roof for an antenna over the past few years and received an income, but have now received a demand with menace for a dramatic reduction in the income. They are having to deal with a demand for a 30-year lease of their entire roof. It is really quite extraordinary how the terms of trade have been rigged against landowners.

The Secretary of State presented the matter as if the problem were the landowners—as if we have to find ways of getting landowners to become more reasonable. When I had a meeting with the Minister for Media, Data and Digital Infrastructure, she reassured me with the alternative dispute resolution process, which we have heard about from the Secretary of State today. The problem with that procedure is that it is not mandatory. The telecom companies know that they do not need to engage with it, because they can afford to go to court and their victims cannot. That is the difficulty—that is the outrage that we have created.

It is no wonder that the whole roll-out has stalled and that no one wants to give access for a mast, because the income is not worth it and the consequences are frankly deplorable. Small farms, churches and small sports clubs used to have an income, but it has now crashed and they have all the uncertainty and inconvenience of continuing to host a mast. As I pointed out in an intervention on the hon. Member for Manchester Central (Lucy Powell), there is no prospect of getting their land back without court action and development.

Sports clubs, parish halls, village halls and the like have seen a real depreciation in their income because of non-use as a result of covid, so does my right hon. Friend agree that this is precisely the worst possible time for an enforced reduction in their income? Many of them will have hard-baked an expectation into their future financial forecasts.

Of course, and these are the very people—the hearts of our community—who are now identified as the villains whom the Bill creates more power to bring to heel. It is the most monstrous piece of legislation that has been brought before us, and we should deal with it accordingly. We had a functioning market in 2016, and in 2017 we brought in measures. Whitehall has destroyed that market, egged on by rapacious telecom companies, and this Bill will make it even worse.

In 2016, the need for regulation on product security became undeniable when huge swathes of the internet went down. This included websites such as Netflix, Amazon, Twitter, Reddit and Airbnb. The attack was conducted by a botnet, an interconnected series of programmes running on a huge number of hacked devices, which overloaded the web providers with requests for access. However, unlike previous or more conventional attacks, this one did not emerge through laptops and computers. This attack came through domestic appliances. I am sure that this will sound completely ridiculous to the many people gripped by this debate: the revenge of the malevolent toaster.

The internet of things is a term given to physical objects that either have processing power or are connected to the internet, such as home security measures or even lighting. When we think of cyber-security, it is natural to think of the precautions we take when using our phones and computers, especially around personal data and online transactions. What is less well known is the risk that poor product security can have. Attacks on internet-of-things devices rose 100% in the first half of last year, and it is a worldwide problem. In the UK since the beginning of the pandemic, 49% of people have purchased an individual smart device and 57% have increased their use of internet-connected devices, yet worryingly, only one in five internet-of-things manufacturers is believed to have embedded strong security into their devices. I want to praise Which? for the excellent work it has done for consumers in investigating this sector.

As we have seen in our inquiries into tech in relation to the Online Safety Bill, it is necessary for Government to intervene, as companies will often do the bare minimum to protect users. As with online safety, one of the core solutions to product security is the principle of secure by design. It is good to see the UK Government acting to embed this principle in law, following on from the Scottish Government’s cyber resilience strategy’s aim to enshrine security by design as a foundation principle of Scotland’s cyber landscape. On the SNP Benches, we are glad that the UK Government have finally taken action on this, but there are some areas where the Bill falls short, and there is the potential to make some aspects of product security less effective.

One area of concern is that the Bill will require manufacturers to declare security flaws in their products publicly, without having a mechanism in place for automatic fixes or requiring that a fix be in place when the flaw is announced. This could make users less, not more, secure. The requirement could in effect alert hackers and malicious users to flaws without giving users the tools to fix the weaknesses, thereby ringing a bell for hackers to target those products. It has been highlighted that a majority of users will likely not have the skills to implement patching, so the benefit of the disclosure mandate, without automatic patching in place, would be without value. The Minister should look to implement requirements for automatic patching or for manufacturers to put solutions in place before the time of a public flaw disclosure.

Another oversight in the Bill is the exclusion of certain types of products, leaving millions out of scope. Internet-connected ovens, which have been targeted by malware, shutting down entire businesses, medical devices, routers and second-hand products, are all excluded from the scope of the Bill. The Bill should clarify which products are in or out of scope. Additionally, the Bill does not cover laptops or desktops, due to the existence of a developed antivirus and security software market. However, a mere 58% of people in the UK use antivirus software. Martin Tyley, head of cyber-security at KPMG UK, has called for the inclusion of laptops and desktops in the scope of the Bill, to protect the increasing number of home workers who have been targeted since the pandemic began. Even with its current flaws, which I hope the Government will be able to iron out, the Bill attempts to tackle an important aspect of cyber-security. However, this should be part of an holistic IT security approach that is taken to defend the UK’s cyber-security landscape.

I would like to mention the enforcement mechanism in the Bill. Section 26(5) makes it clear that the Secretary of State will not be able to bring proceedings in Scotland, but the Bill will still establish enforcement mechanisms and a body to carry out enforcement actions under it. As the Scottish courts and legal system will have to manage enforcement action brought in Scotland, and oversight of the Scottish legal system is devolved, it is only right that the Scottish Government have a role in developing the enforcement mechanism. Therefore, I ask the Minister to consider amending the Bill to include a duty to consult the relevant Scottish Ministers when developing the enforcement mechanism and the security requirements that are to be enforced, so as to account for the requirements of the Scottish legal system.

I also seek clarity from the UK Government on what impact the passage of the Bill will have on the powers of the Scottish Government to regulate products in Scotland. We welcome, in principle, reform of the code. We are working with civil society partners to identify ways in which the Bill can be improved in its passage.

I would like to raise one further issue. BT has highlighted Openreach’s commercial plan to upgrade 6 million properties, all of which will need agreement in order to upgrade them from the copper network. Without more ambitious reform, Openreach risks not being able to access up to 1.5 million flats, even in cases where residents want full fibre. According to BT, the Bill as it stands will not support improved connectivity to flats or rural areas, where most of the network is built above ground.

The need for a fast roll-out must be balanced with the rights of landowners, such as farmers. As we have heard, some campaigners have raised concerns about the rapid drop in rents faced by businesses hosting masts—some by as much as 90%. On this and other issues raised, I look forward to the Minister’s answers.

It is a pleasure to speak in another debate on improving the nation’s connectivity. My hon. Friend the Minister is well aware of connectivity issues in places such as Ilfracombe in my constituency, as has been so well documented recently, so I very much welcome the steps that the Bill is taking to begin to address some of the issues that have slowed down infrastructure deployment.

I am chair of the all-party parliamentary group on broadband and digital communications. We produced our own inquiry into the electronic communications code in November last year, and we are so pleased to see some of our recommendations materialising in part 2 of the Bill, focusing on telecommunications infrastructure. It is on part 2 that I will focus my comments.

The Government set a manifesto commitment to improve the UK’s broadband connectivity—a manifesto that I was proud to stand on, having heard on far too many doorsteps back in 2019 about my constituents’ connectivity concerns. The telecoms sector has experienced lengthy delays in securing access agreements since the electronic communications code was reformed back in 2017, and the Bill clearly intends to help speed up the deployment of this vital infrastructure. It is therefore warmly welcomed, in the main, by me, industry and the APPG alike.

One of the asks from our inquiry was to have a clear distinction between fibre and mobile infrastructure. It is important that the code works for both, and mobile operators welcome the Bill, which will accelerate the deployment of 4G and 5G. The new code had led to significant delays in reaching agreements with landlords, particularly where operators need to renegotiate leases as they expire, or where additional equipment needs to be added in order to upgrade or share sites to improve the service. The Bill before us seeks compromise between industry and landlords, while noting concerns in rural Britain among organisations such as the NFU, so well articulated by my right hon. Friend the Member for New Forest West (Sir Desmond Swayne).

My right hon. Friend makes a noble point, to which I will allow our hon. Friend the Minister to respond.

I recognise the need to balance competing interests carefully. The single greatest barrier the fixed infrastructure sector faces in the code is obtaining wayleaves and protracted negotiations with unresponsive landlords. To deliver in rural constituencies such as mine, large numbers of wayleaves to cross private land will be needed, which is seen as a risk to Project Gigabit’s success in rural Britain. Landlord negotiations to gain access to multi-dwelling units have also been problematic. The industry warmly welcomes the provisions of the Bill that would fast track wayleave negotiations via the alternative dispute resolution scheme, which will help to level up islands of poor digital connectivity, which too often centre on social housing stock.

Sharing historical wayleave agreements and the underground duct network is also warmly welcomed, although concerns remain about whether the Bill is intended to address the problem of accessing poles situated above ground on private land, which is a particular concern in rural communities, where much of the network is built overhead on poles. I hope that clarity on that point will be given as the Bill proceeds. There is also concern that the Bill does not address automatic upgrade and sharing rights of existing infrastructure, either inside blocks or flats, or overground on poles.

The pandemic has clearly showed how vital connectivity is to all our communities, as those without good broadband have struggled with so much during the pandemic. Too many schoolchildren have explained to me the problems of the circle of doom, so I thank Openreach again for coming to the aid of some of my more rural primary schools and expediting their broadband connection; but I remain concerned that this piecemeal approach to connectivity and the focus on competition in urban conurbations is reducing fibre access altogether in rural Britain. If we are truly to level up our rural communities, speeding up our digital roll-out to them is vital.

Given that my constituency resides at position 607 out of 650, I am sure the Minister is not surprised to find me here again, asking for more to be done across the north, and indeed the whole, of Devon. In this day and age, fibre broadband is a utility, and there should be universal provision. Rural constituencies such as mine should not be left behind to facilitate market competition in our towns and cities. The Bill is a great step forward, and I hope that some of the industry’s concerns will be addressed as it proceeds. The Secretary of State has clearly noted my campaigning, as has the Minister, so I very much hope it will be rewarded with faster rural roll-out than is currently planned in North Devon, before any other visitors to my lovely constituency find themselves in an all-too-readily-available North Devon notspot.

I start by declaring my interests. Much of my previous career was spent in the cyber-security industry, and in the four years before being elected to Parliament, I led commercial strategy and public policy for BT’s cyber-security team. BT was one of the companies that helped to design the Secure by Design code of practice, some of which we are putting into law through the Bill. Also, I have recently undertaken cyber-security work for MHR, which is set out in my entry in the Register of Members’ Financial Interests, although the company does not produce consumer devices, connected or otherwise.

In some ways, cyber-security was good preparation for politics—for example, waking up to nightmare headlines such as,

“Attack of the refrigerators! The cyber-threats lurking in your home”


“Is your smart TV too wise? The FBI warns your screen is watching you”


“HACKED IN THE HOME: Your entire home could be HACKED with these simple mistakes, cyber-experts warn”.

Perhaps the most disturbing one I have seen is:

“Hacker who stole nude self-portraits of George W. Bush jailed for four years”.

I am all for being tough on crime, but surely in that case the perpetrator had already suffered enough.

Alarmist headlines aside, the Bill is very much needed to protect our constituents. The average UK household has nine connected devices, and the security on most of them will be poor. Information about how secure the devices are, or how long they will receive security updates for, is unlikely to have been provided when they were sold. What are the risks? There is a huge impact on our constituents’ privacy. Your TV really could be watching you. Two years ago, footage stolen by hackers from home security cameras in Hong Kong was sold to pornographic websites—a huge invasion of people’s intimate private moments. There are numerous reports of baby monitors being hacked by paedophiles.

There is also the danger of hackers using a fairly innocuous connected device as a gateway to jump to other devices and steal valuable information. An infamous example from the business world is the attack in 2013 on Target, one of the top five retailers in the US. Criminals gained access to its network through a supplier connected to an external vendor portal. They then stole the details of 40 million customer credit and debit cards. The supplier just provided air-conditioning. The total cost of the cyber-attack was more than $200 million. That is one hell of an expensive air-conditioning bill. There was also an attack on a casino, where hackers gained entry to the network through the thermometer of a fish tank.

Once they have a foothold in the home, hackers can access other devices that are not properly secured. There is a real danger that sensitive information relating to a constituent’s health or their financial information could be compromised, but how common is that really? Is it just a case of a few alarmist headlines? The consumer watchdog Which? ran an interesting experiment last year. It set up a smart home with a range of consumer devices, from kettles to thermostats, televisions and security devices, all connected to the internet. It experienced 12,000 hacking or scanning attempts in a week. At one stage, it experienced up to 14 hacking attempts an hour. We have a problem, therefore, but not a problem of which many people are aware. A recent report that surveyed 2,000 UK consumers found that people were largely unaware of the risks. Some 48% of respondents were not aware that hackers could hijack their connected devices.

Unsecured consumer devices are also a real risk to our digital infrastructure. Hackers who control connected devices can harness their collective power into a botnet—a network of devices that can be used to launch denial of service attacks on our digital infrastructure. The Secretary of State referred earlier to the Mirai botnet. What is interesting is that it is thought to be the first botnet to harness the power of insecure consumer devices or the internet of things. At its peak, it had about 600,000 devices—baby monitors, radios, cameras—at its beck and call. You and I would not necessarily have noticed it, Mr Deputy Speaker, until the day it launched an attack on the domain name service provider Dyn in 2016. In doing so, it took out Netflix, PayPal, Amazon, Visa, Reddit and Airbnb for the best part of a day.

Contrary to some of the claims we have heard from those on the Opposition Benches, the UK has always been a world-leading cyber-power. Back in 2011, we were one of the first countries in the world to publish a cyber-security strategy. It recognised the risks and opportunities that cyber-security brought to nation state relationships, critical infrastructure, business, consumers and society as a whole. We have always been out in front when it comes to protecting people, businesses and critical infrastructure.

In the 2016 refresh of the national cyber-security strategy, the Government moved from relying on a market-based approach to protect consumers, to a more active role through the UK’s active cyber defence programme, which makes the infrastructure of the UK’s internet more difficult for cyber-criminals to exploit. It does that through measures such as improving the security of internet protocols—the method by which data is sent from one computer to another—and domain name system filtering that blocks access to sites known to host malware, such as phishing sites. The 2016 strategy also committed to publishing guidance on how to improve the default security of consumer products. There are three measures on that in the Bill. As we know, it forms the basis of similar codes used in India and Australia, but it also forms the basis of the first global technical standard for consumer cyber-security products. So far from being behind, the UK is the leading country in the world on this issue.

As has been set out, the three measures put forward are: banning default passwords; implementing a vulnerability reporting scheme; and informing consumers how long a product will receive security updates for at the point of sale. They are really necessary because, I am sorry to say, we have not seen the response from industry that we should have. Too many manufacturers are still not taking responsibility for ensuring their products have the basic security that our constituents need. Too many still shunt their security responsibilities on to the users of their products.

We need to call time on this. The digital economy is growing and holds huge opportunities, but those who benefit from its growth should also be investing in the safety and security of its users. We are still, in my view, only on the cusp of the fourth industrial revolution, the fusing of our digital and physical worlds. Cyber-security needs to be a part of that revolution to ensure that the inevitable risks are outweighed by the opportunities.

As the shadow spokesperson, the hon. Member for Manchester Central (Lucy Powell), said, this is a technical Bill, but it is hugely important and will make a real difference. It will build on the incredible speed of the gigabit roll-out programme—up to 65% from just 11% two years ago. That is, whether she likes it or not, the fastest roll-out in the world, delivered under the Minister, and indeed under her predecessor—but I will leave that to the rest of the House to judge. She is right, however, to say that we should be doing everything we can to go as fast as we possibly can. I humbly submit that setting the large number of broadband providers that operate in this country in competition against each other to get as much of the country connected as possible, is one of the ways that is delivering that incredible roll-out speed and I think she should welcome that.

None the less, it is important to make sure that the operators that seek to deliver the roll-out are able to access the land they need. My right hon. Friend the Member for New Forest West (Sir Desmond Swayne) made a passionate speech, possibly one that none of us was expecting in this kind of debate, in defence of landowners. Landowners are a crucial part of getting the roll-out right, but I say gently to him that there has been an incredibly successful lobbying campaign on behalf of those landowners, who, for a very long time, have had a very good deal. The 2017 proposals to cut the amount of money they receive, bringing it in line with other utilities—we could argue about whether broadband is technically a utility—was absolutely the right thing to do. It is what will speed up the roll-out programme.

I will let my right hon. Friend intervene in a minute. He talked about the benefit to landowners. When we get the roll-out right and get masts at as many locations as possible, the benefit accrues not to landowners primarily but to all the communities that live around them. That is where we should be focusing, not primarily on the small number of landowners who are concerned.

I am only interested in the lobbying of my constituents who have been so harshly affected. We have heard the stories of the 90% and 95% reductions in income. This has made things very much less expensive for the companies concerned. Where has that money gone? It has certainly not been invested in the programme.

My right hon. Friend does not make a wholly unreasonable point, but ultimately that money is going into an incredibly rapid roll-out of 5G. In rural areas in particular, we are seeing the industry putting in half a billion pounds of its own money alongside half a billion pounds of Government money to get to some of those hardest to reach places, so I fundamentally do not accept his premise, which is that the industry is not investing as it should. I would like the Government to go even further to see even more investment. He is right to focus on some of the small areas that rely on this income. However, that cannot be the main economic driver for the roll-out of 5G.

Does my hon. Friend accept that the reverse seems to be happening and that the roll-out seems to be slowing down? Does he also accept that this is a rather mature market of providers in an increasingly profitable arena, with ever-greater demand for their services from a growing population? Therefore, it may be worthwhile revisiting this de-incentivisation—obviously that was not the intention but it seems to be the result—to see whether restoring the proper remuneration that people had expected may speed up this much-needed roll-out.

Ultimately, I think reducing it in the predictable and long-announced way is what will speed up the roll-out. However, to give my hon. Friend and my right hon. Friend the Member for New Forest West, who is no longer in his place, a little succour, the industry should be on notice that if the currently voluntary dispute resolution system does not work and does not deliver fair settlements, perhaps the Government will think about giving the system some more teeth. There is a balance to be struck, and this Bill strikes it in the right way. However, there is another step that one could take.

My hon. Friend is being characteristically generous with his time. We had this sort of debate about the water companies and sewage. Unless their toes are held to the fire, they will exploit a system—I do not criticise them for so doing—for as long as they can. If the Government were more robust in bringing this forward as a clear commitment and making it binding and obligatory, that might help unblock the logjam.

Ultimately, I simply say, from a Conservative standpoint, that I would like regulation to be as light touch as possible. This is the right step down that road. It may be necessary to be more robust, but we are not there yet.

Moving on to “secure by design”, my hon. Friend the Member for Rushcliffe (Ruth Edwards) asked the Opposition which of the other 13 points they would bring in. This Bill introduces three of them, and they are immensely welcome, but they are the lowest hanging fruit when it comes to cyber-security. I would not jump immediately to all 13, and the world has somewhat moved on since the 2017 report to which she referred, but there is a clear direction of travel. I welcome how the Government are introducing the proposal, but the industry should be looking at what more there might be to do.

Finally, my hon. Friend also talked about cyber-security in a much broader sense than this Bill. A huge number of businesses will rely on cyber-security professionals in future to ensure that they are provided with the kind of security that they need and that which their insurance companies’ policies might require to guard them against the potential costs of hacking. In due course, some of the people operating in that profession will require greater regulation. The UK Cyber Security Council, which the Minister oversees, is welcome, but further regulation, perhaps in the manner of the Bar Council, is what will allow the cyber-security profession to grow, flourish and continue to preserve Britain’s place as a world-leading cyber-power, which we all want. This Bill helps us to get ever closer to that goal, and I commend it to the House.

I applaud the Government for the energy they are putting into trying to improve our connectivity. There are undoubtedly still notspots in my rural constituency. Having Zoomed constantly in my River Severn village throughout the pandemic, I find that the pizza wheel of doom—when the tinternet is struggling and people freeze in strange positions—is no longer funny; it is just annoying. I recognise that improvements are needed, and I see what the Government are trying to do, but many of my constituents are experiencing a David and Goliath situation, which I am worried about. That is where I will focus my comments.

Trying to deal with the might of the telecommunications companies is a pretty scary feat for any constituent, even before some of the tactics that I have sadly seen deployed. In my short tenure as Stroud’s MP, since the 2019 election, I have dealt with a number of mast issues; some people are amazed by how many mast issues have come up locally. I will summarise a couple. The Minister has been kind enough to look at case studies in my area. There have been issues with masts in Painswick village, where, sadly, Stroud District Council infamously missed a deadline that effectively led to permission being given by default on a controversial site. That matter rumbles on and has caused a lot of upset and stress for neighbours and the landowner. I understand other councils in the country have faced this issue.

There have been local applications in little villages in areas of outstanding natural beauty that effectively rely on terrifying elderly landowners. A village clubbed together to get professional advice to support a landowner to deal with that. A Stroud farmer currently receives a £10,000 annual rent payment for an existing mast but has been offered a significantly lower amount. We know that farmers struggle to make ends meet and that the Government are telling them to diversify, so these incomes can be fundamental to getting food on their own tables, let alone putting food on ours. Negotiation is limited—this farmer is a big, burly guy who does not feel bullied and told the company to take the mast away—but it goes on and on, and he does not feel like he is in a strong position.

If the Bill relies on the courts for remedy, I believe the roll-out will continue to stall. Courts are the remedy only for those who can afford it. Disputes have drastically increased, as have stress, frustration and anger, since the 2017 changes, and I fear it will get worse. The electronic communications code—this is a bit more technical—grants code operators the right to access land to install and maintain apparatus and to seek such rights to be imposed by the courts where agreement cannot be reached. One key change introduced in 2017 was to modify the pricing mechanism that the court should apply; as we heard, there has not been a proper look at pricing and valuation, even in the consultation on the Bill. The pricing mechanism was changed from market value to realign it along similar principles to compulsory purchase—we all know how painful compulsory purchase has been for many of our communities, not just Stroud—with statutory assumptions to place the valuation in the no-scheme or network world. That change was against the findings and recommendations of the Law Commission, and effectively of Nordicity and Analysys Mason, which is beyond my pay grade but I am told is important.

We are now in a situation where code operators typically portray landlords as a grasping group who cause delay to hold them to ransom for more rent. That is not my experience. Where code operators seek to acquire new sites, there are a range of different reasons why challenges are put up by constituents, local villages and local communities. I will give a few of the common themes I have come across. High on the list is the potential effect on, or conflict with, the landlord’s own use of the wider landholding and other tenants’ activities. The potential impact on the landlord’s own future development aspirations and the visual impact of unsightly and often poorly designed electronic communications apparatus on the wider landholding or host building are high up the list before rent comes into it, along with: adverse impacts on neighbours or disputes with neighbours about a mast going up; adverse effects on the marketability of other land or buildings; adverse impacts on the investment value; structural issues and future maintenance of a building or structure on the site; the extent of extended health and safety or drop or fall zones; and the implications of further development granted as permitted development. All those are on the list. It is not just about rent or money.

Stroud constituents inform me that the code operators have sadly proved generally insensitive and unsympathetic to addressing such issues. Instead they have interpreted the ECC changes as granting them rights over any third-party land almost for free and on terms that they can dictate, so that they can do almost anything at any time. It is that mindset of entitlement over private rights, and the blinkered belief that digital communications are the only important thing, that are influencing decisions.

The code operators are looking to acquire large numbers of sites and to renew hundreds of leases. Given the process-orientated targets internally, no doubt the resource is driven by objectives and milestones, and less by humans—the people it affects. I fully accept that we are thinking about humans all over the country when we are trying to improve connectivity, but I worry about the balance. Bullying local people is not acceptable. No matter how much my Stroud constituents want faster this, that and the other—and, in many cases, how much we need connectivity actually to work—they do not want their neighbours to be bullied and they expect Government legislation to protect the weaker party. By any analysis, it is usually the constituent landowner, not the telecommunications organisation, that is usually the weaker party.

Local councillors tell me that they feel pretty impotent on this issue. Constituents do not feel that their local councils have any power, so there is a disconnect between who they feel protected by and the changes with the legislation. I will give the House a bit of an overview of the process that constituents have outlined. Mr Deputy Speaker, please shout or nod at me if you want me to wind up, because I realise that I am taking some time, but these are important points.

The process starts with a landlord being approached by a site acquisition agent—not necessarily a well-known company—seeking access to land to undertake a survey. That request is then accompanied by a threat, effectively, to gain access via an application to the upper tribunal, and this is pointed out as almost impossible to resist, with the likely cost of a vast sum of money to the landowner in the case of resistance. I am thinking not about my big burly farmer, but about the elderly landowner who is worrying about this. Access is often granted unwillingly, which confuses neighbours and starts arguments locally. A survey is then undertaken and the landlord is sent a set of heads of terms, sometimes with an imploding offer of capital payment if they are agreed within a short period. Without any real attempts to negotiate or listen to concerns raised, notices are then served under the ECC, which cock the gun for reference to an upper tribunal again for the imposition of an agreement.

I thank my hon. Friend for so clearly summing up the process of what the Secretary of State called “community engagement”.

I only wish I was as beautifully dramatic and exciting as my right hon. Friend when I spoke. I am conscious that I am reading a list to the Chamber, but it is an important list because it shows the experience of so many constituents. It may be dull, but it is scary, and it is a very worrying time for our constituents.

If residents and businesses are lucky—some of my constituents have been—it is usually at around this stage that they instruct professional support, because they are so worried. They start to think about how to object to the application. It is pretty late in the game—a long way down the track—but often people do not realise that it is an option and a lot cannot afford it. However, I am being told that people are successful in getting the applications refused in most cases where professional support is provided.

The lack of investment by the code operators in good-quality design, and the lack of mitigating features such as screening or structural landscaping, reflect the arrogant assumption that they can simply pass on societal costs of their development to the public at large, while simultaneously claiming that planning is a barrier to deployment. All those things are often lost in that long process before we get help to understand what really should be brought into the planning applications.

It is clear that, where planning permission is granted, landlords come under the real threat of a reference to the upper tribunal, and given the extremely high costs of litigation, quite a lot of people will fold at that point, regardless of the merits of their case. I have to believe that the code operators do not set out to behave in an egregious manner. I have met so many staff from telecommunications companies who come to consultations, and they are good people who want to find solutions, but time and again, these are programmes that the agents, acting on their behalf, are running through. My fear is that the totality of the changes we are looking at now, far from redressing the balance of power, will tip the scales further in favour of the code operators. As a consequence, the proposed changes in the Bill will actually exacerbate the marketplace issues being experienced, even if they try to resolve some of the legal anomalies.

I fear that we have lost sight of the mission, which is how best to deploy networks in the most appropriate places. We are trying to fix the issues we have experienced since 2017 with a piece of misused and, in effect, abused legislation that was supposed to be used as a last resort, but is now very much used de rigueur by the companies. I do not think that is the way to make improvements for the landowners and the companies, nor is it a way to roll out the improvements the country wants to see.

I want to know from the Minister how the Bill addresses what has become the main issue with the framework, which is the way costs fall on landowners and have in effect become the latest bludgeon to beat them with. The cost of seeking advice is high and will often far outweigh any consideration that is offered, even over a 10-year period. Whatever the merits of the landlord’s position, to contest any matter in the courts is very costly, and the extreme costs associated with losing mean that few but the largest with much at stake will be able to take that step, as I have mentioned. However, I think we have to keep hammering the point home.

I want to know, given that we have the experiences of things such as the water companies and the environmental fights happening all over the country, and given that we know that the Human Rights Act 1998 and article 6 provide the right to a fair hearing, why we are not seeking to strengthen the alternative dispute resolution option and thinking about making it mandatory. I disagree with my hon. Friend the Member for Boston and Skegness (Matt Warman), who is learned, in that I do not see why we should wait to see if the measure fails before we make improvements that will support everybody to achieve the goals.

Finally, I was really disappointed that we have not worked harder to think carefully about the valuations. The information coming forward is that it is not about a slight chunk off what there is already or even an attempt to rebalance the ability to look at utility companies; the offers coming out to people with masts on their land is a dramatic change. It does not feel fair and will not achieve the goals, and I would like to hear from the Minister whether we can take another look at the valuation structure.

This has been a negative speech, but I thank the Government for the work they are doing. However, I think we can do better for everybody involved, and by doing better we will achieve some serious connectivity throughout the country, particularly in rural areas.

I am conscious that I am the last Back-Bench speaker in the debate, and I see a number of hon. Members who have shown a late curiosity in it over the past few minutes, so I will try to keep my remarks as pithy as I possibly can.

I will confine my contribution to part 2 of the Bill, on the changes to the electronic communications code and, in particular, the Government’s measures to improve digital connectivity and meet their target of delivering gigabit-capable broadband to 85% of UK premises by 2025. I think it is fair to say that we have made real strides in that direction, underpinned by the universal service obligation. Locally, we have Connecting Cheshire, the BDUK delivery partner, working to ensure that that is being met; the gigabit broadband voucher scheme, which I know many of my constituents have taken advantage of; and more recently the addition of Cheshire to Project Gigabit, which will hopefully mean that we secure more of the significant funding that has been committed to that project.

I argue that Eddisbury is a good test bed from which to judge the success of the Government’s commitment. It is the 92nd largest constituency geographically, and 57.9% of it is classed as rural. It is 599th out of 650 constituencies for superfast broadband coverage. Some 23.5% of my constituents are aged 65 and over, against the national average of 18.6%. As we know, isolation is an issue for that age group, and therefore digital connectivity is particularly crucial. We also have a high number of small businesses scattered across the constituency. Some are run by people from their home, not least the many farmers in Eddisbury, or from a local commercial building, so the roll-out of gigabit-capable broadband is fundamental to the whole of my constituency and the local economy moving forward.

For all those local residents and businesses, reliable and resilient broadband and mobile coverage of a more than decent speed has become ever more essential, accelerated, as we know, by the covid pandemic. Simply put, as my hon. Friend the Member for North Devon (Selaine Saxby) said, it is now one of life’s necessary utilities. It is therefore pleasing to report that in Eddisbury we have seen significant improvements in our broadband infrastructure. I pay tribute to my hon. Friend the Member for Boston and Skegness (Matt Warman), who did some sterling work to try to make those figures move in a very positive direction. We now have 89.7% of premises with superfast broadband availability. Some 56.2% are gigabit capable, which is up 15% in the last year alone, and I think up from just 7% in 2018.

However, as we have heard, there is still much to do, particularly in the many villages and rural areas of south Cheshire. For example, 9.4% of premises in Eddisbury receive broadband speeds of under 10 megabits per second, compared with 6.4% across the whole of the north-west. Since my election in December 2019, I and my staff have dealt with more than 100 cases of poor connectivity raised by frustrated constituents. The local survey that we carried out on the issue revealed that 55% of those who took part felt that their broadband provider did not meet the level of internet speeds that it had advertised in its plan. Respondents also fed back frustration about the real difficulty, and exasperating delay, in reaching agreements that allow for fibre cables to be laid across private land to connect properties—a frustration that the Bill seeks to address.

To give the House a short local example, there are 12 properties in a semi-rural location that sit between two areas where fibre has already been installed. Their broadband is delivered through copper telephone lines at very slow speeds of between 1 megabit and 5 megabits per second. In 2019, BT Openreach considered installing fibre as part of a wider project in the local area, but subsequently withdrew because of the incessant delays in obtaining wayleaves. To compound the problem, Openreach has estimated the cost of installing fibre via trench in fields adjacent to the lane that the properties are located on to be £55,000—a sum well beyond the amount that could be raised through the gigabit voucher scheme. In any event, both BT Openreach and Connecting Cheshire have, for some as yet unexplained reason, deemed that the 12 properties are not eligible for the vouchers. As a consequence, we have a stalemate. My team and I are doing all that we can to unlock the impasse, including on potential top-up funding and inclusion in the Airband project. I ask the Minister what assistance she and her team may be able to provide to ensure that those in the properties get the broadband that they want, although it may well be that without this legislation a solution may be a long way down the track.

I support the proposed reforms to the electronic communications code that include the introduction of a faster procedure to allow telecom operators to get temporary rights to access and install infrastructure on land, as well as the sharing of equipment as part of any upgrade. In doing so, I am of course mindful of, and have sympathy with, the concerns raised by a number of Members, including my right hon. Friend the Member for New Forest West (Sir Desmond Swayne) and my hon. Friend the Member for Stroud (Siobhan Baillie), off the back of the 2017 reforms that resulted, in some cases, in reductions in rents for hosting infrastructure, which can affect the resolution timeframe.

As we have heard, those issues were not revisited in the 2021 consultation, and I think that many of us would like some reassurance from the Minister that the Government will continue to monitor the issues of both valuation and dispute resolution in order to understand the consequences of the changes in the code arrangements. That will ensure that my landowner constituents feel they are getting the right value for their commitment, while my local residents can expect to have their gigabit broadband as quickly as possible.

Overall, this is an important Bill, bringing about the ever more pressing digital connection of our entire country. In Eddisbury we are taking significant steps in that direction, but there remains much more to do, and to that that end—with the help of the Bill— I will continue to do all I can to make it happen.

It is a pleasure to close this Second Reading debate. The first job of any Government is to keep their citizens safe, and I am glad that the security elements of the Bill were developed in conjunction with the National Cyber Security Centre and the Department. Her Majesty’s Opposition have the utmost confidence in our national security services, which go to such incredible lengths to keep us all safe in an increasingly difficult online world.

A number of speeches have been made by Members on both sides of the House, but let me deal first with what was said by my hon. Friends the Members for Ealing North (James Murray) and for Luton South (Rachel Hopkins), both of whom spoke about the notspots in their constituencies and the increasing problems with access to tech. People may have the “plumbing” that can provide a good standard of broadband, but they may not have, indeed may not be able to afford, the equipment that would give them access to it.

We in the Labour party put security at the heart of everything we do, and it is owing to that desire to see people in this country safe in cyber-space that we will not oppose the Bill. However, there are issues that we feel should be addressed in it, some of which have already been mentioned today.

The product security measures in part 1 contain proposals that Labour fully supports. They include a ban on devices that come with easy-to-guess passwords such as “default” and “admin”, and oblige firms to make such vulnerabilities public knowledge, with those failing to comply being threatened with large fines. That is especially prudent as it institutes common-sense rules for sellers to follow, and ensures that consumers are more engaged in cyber-security. Basic cyber-hygiene is paramount, and measures such as changing default passwords would do a great deal to improve devices’ security by, in theory, adding an additional layer of protection. However, we agree with many in the industry that certain measures could have gone further, and we will continue to hold the Government to account in the areas where we believe that to be the case.

While the pursuit of increased security on devices is laudable, there are concerns about the practicality of such changes. If each device is now legally bound to have a private password, who will be responsible for managing it? Given the plethora of smart devices that we all use, I am sure that we have all forgotten a password or two; I certainly have. If a device needed to be repaired and the user had forgotten the password, how would the specialist repairing the phone gain access? Many in the industry believe that that could potentially lead to a situation in which manufacturers might have to provide “super-user accounts” or “backdoor access”.

The Bill also introduces the mandating of manufacturers to tell consumers at the point of sale about the product’s lifespan and for how long it will receive security updates. While we can all agree that more transparency is a good thing for customers, if security updates are available for a few years—as is the case with Android phones, for example—surely that will lead to built-in obsolescence, meaning, in this case, smart devices being excluded from key security updates after a relatively short lifespan.

The point is that the companies providing the devices will stop giving out security updates anyway. All that the Bill is doing is ensuring that users are informed of when that will happen. It is not forcing in any obsolescence; it is merely giving consumers choice by enabling them to know when those security updates will be stopped.

I take the hon. Lady’s point, but not everyone can afford simply to keep on replacing their technology. [Interruption.] I gave way to the hon. Lady, so she should at least give me the courtesy of allowing me to respond. It is quite simple, is it not? [Interruption.] Government Members do not like it, do they? Perhaps this is not an issue in her constituency, but I bet it is. If a company says, “You will not receive security updates after X amount of time”, people will naturally assume that they have to replace their device. We have heard from Members from across the House today that not everyone can afford to keep replacing devices based on the security that is put in front of them.

All I am asking of the Minister is to work with the industry to ensure that if updates could be taken over a longer period, it is not simply a binary issue of saying, “This device will no longer be updated.” It is as simple as that: we are just trying to make sure that people can afford to keep the devices they own. In many cases, people will save for years to pay for devices or do it through hire purchase.

I will not, no, because the hon. Lady does not like the answer—that is the problem, is it not?

We must also consider the wider view that part 1 of Bill is limited in scope. However, it is clear to all of us here today that no one nation can legislate the internet. Part 1 does provide some desperately needed security responsibilities for the consumer, combined with giving them the necessary information to make informed choices about how they manage the basics of their own digital lives. The pandemic has only served to accelerate the shift to digital, and with that comes the question of increased security and safeguards online.

Now let us turn to part 2 of the Bill. I do not often say this, but I am in almost complete agreement with the right hon. Member for New Forest West (Sir Desmond Swayne)—that is an odd experience, after so many years in the House with him. A number of Members have spoken about constituency issues relating to the changes to the code in 2017, including the hon. Members for North Dorset (Simon Hoare) and for St Albans (Daisy Cooper). It is a good job I am a Welsh MP, because the hon. Members for Ceredigion (Ben Lake) and for Carmarthen East and Dinefwr (Jonathan Edwards) have also done so. I pay particular tribute to the hon. Member for Stroud (Siobhan Baillie), who spoke honestly about what many community groups, farmers, landowners, churches and many other organisations across her constituency are facing, and I agree with her.

We are asking the Government for a review, for it to be fair and for it to provide assurance to those organisations, many of which were the backbone of supporting communities up and down the land during the pandemic, whether through feeding us, taking us in collective worship or offering support to our children and young people. These community organisations deserve our support and we need to ask the Government to follow through on their commitment to undertake a review this year, which was part of the original commitment from a number of years ago. I pay tribute to the hon. Lady for saying that.

On part 2 and the current state of our country’s telecommunications infrastructure, we do have some concerns, as set out by my hon. Friend the Member for Manchester Central (Lucy Powell), the shadow Secretary of State. Having inherited a world-leading position from the last Labour Government, since 2010 the Conservatives have cultivated a culture of missed targets, stunted ambition, and ultimately, stagnation when it comes to our telecommunications infrastructure. The last Labour Government recognised the central role that connectivity would play in the economy of the future, and rightly placed the issue front and centre. As a result, we delivered first-generation broadband to about 13 million UK households by 2009, which shows that large digital infrastructure projects can be delivered at breakneck speed.

To put it simply, we had a vision that we made a reality. Ambitions can be delivered at this sort of speed only when there is real effort, action and long-term planning on behalf of Ministers. Unfortunately, we are not getting that from the current Administration. As has become the norm with this Government, bold and exciting-sounding targets are made in public, only to be quietly watered down at a later stage. The Prime Minister came into office promising full-fibre broadband “by 2025”. His Government then realised that they were not going to be able to deliver it, so they reduced the target to full gigabit broadband by 2025. Realising they also could not deliver that, they landed at the current target of 85% gigabit broadband by 2025. Several bodies, including the Public Accounts Committee, the Select Committee on Digital, Culture, Media and Sport, and many industry experts, now doubt that the Government are even going to achieve that. Dither, delay, disappointment—this has become the norm under this Conservative Government.

The primary concern is that this Bill fails to address the fundamental flaws introduced in the ECC. The code did not receive the necessary scrutiny, resulting in an imbalance between mobile operators and property owners. The Law Society’s analysis makes it clear that the Bill fails to address fundamental flaws in the code that are holding back the roll-out across the country. We are now concerned that the measures in this Bill may slow the 5G roll-out further by disincentivising small building owners and landowners, such as churches, community groups, sports clubs and farmers, from hosting phone masts.

This all began when the Government introduced the ECC in 2017, permitting telecoms firms to renegotiate rents for phone masts down by as much as 90%. Despite promising that the reductions in rent would, in reality, be no more than 40%, this has not held true and the rent reductions have far exceeded that figure. It was deeply disappointing to hear the Secretary of State say to the right hon. Member for New Forest West that there will be no review, despite there being promises to the contrary—yet another broken promise to the people of this country.

The Government have created a framework that allows telecoms companies to dramatically reduce their costs at the expense of businesses, sports clubs, farmers, small landowners and community organisations. I know the Minister will have heard at first hand from a number of organisations across the country that rely on this small but crucial source of income. It is therefore of the utmost importance that the Government review the Bill to make rental valuations for telecoms masts fairer.

We heard from the hon. Member for Stroud about the David and Goliath issue of a big telecoms company versus a church, sports club or scout hut. It surely cannot be in the Conservative Government’s interest simply to ignore all the groups across the country that are in desperate need of the regular income that has been ripped away from them for reasons they still do not really understand.

I finish with a couple of questions for the Minister. Will the Government stand by their 2017 commitment that rent reductions should be no more than an absolute maximum of 40%? Will she look to make a statement, or at least issue guidance, to establish a clear expectation of land valuation that removes the impasse between telecoms companies and site owners? Finally, will she commit to looking at the evidence base and undertake a full economic review of the code by the end of 2022, as was promised during the passage of the previous Bill?

The Opposition want to ensure that every community across the UK has the very best opportunities when it comes to connectivity, whether it be in people’s homes or to allow small businesses to start up right across the United Kingdom. We want the Government to share in that ambition and to keep their promise to deliver improved digital infrastructure. We ask the Minister to step up and deliver these much-needed improvements across the UK.

I thank all hon. Members for their valuable contributions to this debate. I am pleased that the Bill commands cross-party support, which underlines the commitment of this House to make sure that every household and business in our country can access faster digital connectivity and feel assured that our tech is secure. I pay tribute to my hon. Friend the Member for Boston and Skegness (Matt Warman) for laying the foundations for this Bill and for bringing his expertise to bear in today’s debate.

This Bill comes at an opportune time when cyber-attacks are on the rise and the pandemic has underlined the increasing importance of digital connectivity to how we live, work and socialise. The quality and security of that connectivity has an impact on people’s life chances today and even more so in the future, so we have to grip these issues now. That is why we have to view fantastic telecoms infrastructure as more akin to a key utility, notwithstanding the need for different regulatory approaches.

In that way, this should not be seen as a dry debate about technology. I appreciate the valiant attempts to spice up this debate, which is about people and how we give them and their communities the fundamental tools to live good lives and prosper. These networks are vital for the UK’s future competitiveness. We cannot stay at the heart of the global economy if our connections are not world class, which is something we want not just for pockets of our nation but for every community.

We must not see a digital divide emerge between well-connected urban areas and poorly connected rural areas. I know how passionate Members are about the connectivity of their regions, and I welcome their highlighting of the challenges. I pay particular tribute to my hon. Friend the Member for North Devon (Selaine Saxby), who is tireless in her pursuit of better broadband for her county. I encourage ongoing engagement with my Department so that we get high-quality intelligence about what is really happening on the ground as our operators roll out new networks and upgrade existing. I ask my hon. Friend the Member for Eddisbury (Edward Timpson) to write to me in detail with some of his concerns about particular streets in his constituency.

As tech becomes a central driving force for our economy and our society, we have to be able to trust it without ordinary citizens needing deep expertise in cyber-security. That is why we want to make connected devices more secure by design, whether baby monitors or malevolent toasters, as highlighted by the hon. Member for Ochil and South Perthshire (John Nicolson)—perhaps not as perilous a nightmare as that offered by my hon. Friend the Member for Rushcliffe (Ruth Edwards), who discussed pictures of nude US Presidents. Cyber-attacks continue to be a serious and current threat to businesses and states, but this is also increasingly a phenomenon that is affecting all sorts of organisations, from local authorities and public bodies to individuals. The hon. Member for Ogmore (Chris Elmore) raised an important point about the service of cyber officials and the tremendous work they do, and I echo his words.

My right hon. Friend the Member for New Forest West (Sir Desmond Swayne) made a typically zesty contribution, but I am glad that he has at least accepted that we ought to be debating these issues, as yesterday he was considering not allowing that. He is very concerned about lowered rents for landlords who are hosting telecoms infrastructure. We have discussed these issues in person. As he knows, the electronic communications code was changed in 2017. I should make it clear again—I know this will disappoint hon. Members—that we are not seeking to alter that pricing structure again. In our view, the prices being paid for rights to install communications apparatus prior to 2017 were much too high, and with digital communications becoming an increasingly critical part of daily life, that really needed to be addressed.

The argument has been made that delays in digital deployment are primarily a result of changes to the code in 2017 because the amounts offered by some operators are reduced, thereby disincentivising landowners from letting land be used. We do not think this is the case. We maintain that the 2017 valuation provisions created the right balance between public need for digital communications and landowner rights.

But that is not to say that the valuation changes did not create challenges, and the Bill is designed to make a positive difference to some of the David and Goliath situations raised by my hon. Friend the Member for Stroud (Siobhan Baillie). To help ensure that fair outcomes are reached, we are introducing changes to encourage more collaborative discussion. The alternative dispute resolution provision will offer a particularly useful means of tackling situations involving either unreasonably low offers or unrealistically high payments. I am none the less happy to continue this discussion as the Bill progresses through the House.

My right hon. Friend the Member for New Forest West suggested that the Government are on the side of rapacious telecoms operators over landlords. I wish to assure him that that is not the case. We are getting good digital infrastructure to as many people as possible, as quickly as possible. I challenge the idea raised by my hon. Friend the Member for North Dorset (Simon Hoare) that the telecoms operators are making a quick buck out of the networks they build. These are long-term investments, and the Government are pushing them very hard to deliver more, including by stripping high-risk vendors from their networks and rolling out infrastructure to communities that are not within easy reach.

I dare to suggest that some of the rarer and more emotive cases about community organisations receiving reduced rents are being used by certain lobbyists, some of whom are former Labour MPs, to obscure a larger, pretty hard-nosed commercial interest from companies that have bought up large numbers of telecoms sites and are concerned about receiving a lower return on their investment. Some of the same interest groups that oppose rent changes have written to me to express their support for better connectivity in rural areas. We should therefore not pretend that better connectivity does not rely on better access to sites and more realistic pricing for network operators who wish to deploy their services. Some hon. Members have pushed for the Bill to go further, particularly in relation to renewals and operator rights. Our policy aims align with that; we just need to make sure that the legislation is working as we hope. If amendments are required in Committee, we will actively consider them.

The hon. Member for Manchester Central (Lucy Powell) mentioned the recent report by the Public Accounts Committee on gigabit roll-out.

I thank the PAC for its detailed work. It expressed concerns about the absence of legislation, but here is the legislation, which the Secretary of State and I have championed since our arrival in the Department, building on the fantastic work of my predecessor. We have also launched a series of procurements in the hardest-to-reach areas and Building Digital UK will soon be established as an executive agency to drive that work. I am glad that the impact is already being seen in areas such as Eddisbury.

On the product security part of the Bill, I welcome the expertise of my hon. Friend the Member for Rushcliffe and I encourage her to engage in the new national cyber strategy, because we would benefit from some of her points. The hon. Member for Manchester Central expressed concerns about whether we are taking future technological developments into account. There are a number of secondary provisions in the legislation. Technologies are changing all the time and it is important that the legislation can change with it.

Finally, the Bill is not a silver bullet to address all the cyber challenges that we face. It is an important tool in our arsenal. The UK has established global leadership in the area and we are the first to develop domestic legislation that creates cyber-security requirements for consumer connectable products. The Bill will allow us to protect people across the UK, even as the world changes around us, and to keep pace with technology as it transforms our everyday lives. Combined with the measures on telecoms infrastructure, it will do a huge amount in the coming years to benefit our constituents and society at large.

I am sure that we can continue to work together to bring this important piece of legislation into law as soon as possible. We care passionately about connectivity for every community in our country and I am sure that the same spirit will continue as the Bill makes it passage through the House.

Question put and agreed to.

Bill accordingly read a Second time.


Motion made, and Question put forthwith (Standing Order No. 83A(7)),

That the following provisions shall apply to the Product Security and Telecommunications Infrastructure Bill:


(1) The Bill shall be committed to a Public Bill Committee.

Proceedings in Public Bill Committee

(2) Proceedings in the Public Bill Committee shall (so far as not previously concluded) be brought to a conclusion on Tuesday 29 March 2022.

(3) The Public Bill Committee shall have leave to sit twice on the first day on which it meets.

Consideration and Third Reading

(4) Proceedings on Consideration shall (so far as not previously concluded) be brought to a conclusion one hour before the moment of interruption on the day on which those proceedings are commenced.

(5) Proceedings on Third Reading shall (so far as not previously concluded) be brought to a conclusion at the moment of interruption on that day.

(6) Standing Order No. 83B (Programming committees) shall not apply to proceedings on Consideration and Third Reading.

Other proceedings

(7) Any other proceedings on the Bill may be programmed.—(Michael Tomlinson.)

Question agreed to.


Queen’s recommendation signified.

Motion made, and Question put forthwith (Standing Order No. 52(1)(a)),

That, for the purposes of any Act resulting from the Product Security and Telecommunications Infrastructure Bill, it is expedient to authorise:

(1) the payment out of money provided by Parliament of:

(a) any expenditure incurred by a Minister of the Crown under or by virtue of the Act; and

(b) any increase attributable to the Act in the sums payable under any other Act out of money so provided;

(2) the payment of sums into the Consolidated Fund.—(Michael Tomlinson.)

Question agreed to.


Motion made, and Question put forthwith (Standing Order No. 80A(1)(a)),

That if, at the conclusion of this Session of Parliament, proceedings on the Product Security and Telecommunications Infrastructure Bill have not been completed, they shall be resumed in the next Session.—(Michael Tomlinson.)

Question agreed to.