The UK government Tuesday introduced a new Telecommunications (Security) Bill that aims to give it power to govern the activities of providers of public electronic communications network or/and public electronic communications services. The proposed legislation is meant to reduce and manage security risks posed by service providers.
In July, the UK’s National Cyber Security Centre (NCSC) issued a report detailing the heightened security risk posed by Huawei’s telecoms equipment especially after the sanctions put in place on Huawei by the US. NCSC at that time cautioned that the sanctions would pose an engineering problem to Huawei and its products moving forward would most likely suffer more security and reliability problems.
Following thes report the UK government announced plans to ban telecom operators from purchasing telecoms equipment from Huawei and other firms that pose high security risks. They also planned a phased removal of Huawei’s equipment with telecoms providers being given seven years to ensure the removal of Huawei equipment.
The Telecommunications (Security) Bill now sets the stage for the removal of high risk vendors from the market. Under the bill the secretary of state may give designated vendor directions “prohibiting or restricting the use of goods, services or facilities supplied, provided or made available by” high risk vendors. Vendor direction may also require the removal, disabling or modification of such goods or services. Network and service providers are required to take specific security measures as well as measures in response to a security compromise. The Office of Communications will ensure full compliance by network and service providers.