Ofcom will be given additional powers under new legislation
New laws could see telecoms networks that contravene the ban on using Huawei equipment repeatedly fined £100,000 day by the government.
Laid in parliament this week, the Telecommunications (Security) Bill makes provisions for authorities to issue penalties of up 10% of the turnover of any network providers that continue to use kit from Huawei – or any other vendors deemed high risk – beyond the point from which it is prohibited to do so. For continuing contraventions, the government has the option to issue ongoing fines of £100,000 per day.
After more than a year of consideration, ministers announced in January, while Huawei would be banned from contributing equipment to the so-called core part of the UK’s 5G network, the Chinese vendor’s kit would be permitted to constitute up to 35% of the rest of the network.
However, the government backtracked on this decision just six months later, announcing that Huawei would be excluded from the UK’s infrastructure entirely. Networks were instructed that, from January 2021, they would not be allowed to purchase any new Huawei technology. A deadline of 2027 was set to completely remove the vendor’s kit.
The new law will see communications industry regulator Ofcom will be “given the duty of monitoring and assessing the security of telecoms providers”.
The watchdog also “be given stronger powers to monitor and assess operators’ security, alongside enforcing compliance with the new law”.
“This will include carrying out technical testing, interviewing staff, and entering operators’ premises to view equipment and documents,” the government said.
The government said it would look to pass secondary legislation that would require companies to “securely design, build and maintain sensitive equipment in the core of providers’ networks which controls how they are managed”.
Further additions to the statute book would also aim to “reduce the risks that equipment supplied by third parties in the telecoms supply chain is unreliable or could be used to facilitate cyberattacks”, as well as to “carefully control who has permission to access sensitive core network equipment on site as well as the software that manages networks”.
The government also hopes to introduce secondary legislation that can ensure companies are best “able to carry out security audits and put governance in place to understand the risks facing their public networks and services”.
Digital secretary Oliver Dowden said: “We are investing billions to roll out 5G and gigabit broadband across the country, but the benefits can only be realised if we have full confidence in the security and resilience of our networks. This groundbreaking bill will give the UK one of the toughest telecoms security regimes in the world and allow us to take the action necessary to protect our networks.”
The government added that it “soon publish its 5G Diversification Strategy”, in which it will set out a plan to reduce its reliance on what it believes is too small a pool of vendors.
“The strategy will outline new measures to boost competition and innovation in the telecoms supply chain,” the government said.