US sanctions on Huawei got the Chinese firm kicked out of Britain, the former head of the National Cyber Security Centre (NCSC) has told Parliament – adding that he didn't feel under pressure to change the body's own verdict on keeping Huawei in UK mobile networks.
Speaking to Parliament's National Security Strategy (NSS) Committee, Ciaran Martin told peers and MPs that US trade sanctions aimed at Huawei were the final nail in the coffin for the Chinese telecom equipment supplier in Britain.
"While the Huawei issue for better or worse is resolved by, essentially, the change in US sanctions, more important is shaping the regulation of standards, providers who come from trustworthy backgrounds and were developed in democracies on this continent," Martin told Parliamentarians on Monday.
The NSS Committee had invited NCSC's founding chief exec, now an Oxford don*, to a wide-ranging Q&A session about his time in office. Martin stepped down last summer.
"The one thing I would never say is that our technical assessment should carry the day," Martin told Tom Tugendhat MP, chairman of the Foreign Affairs Committee and a "visiting" member of the NSS Committee.
Explaining NCSC's role in the government's decision to show Huawei the door last July, Martin said the agency – and its code scrutineer offshoot, the Huawei Cyber Security Evaluation Centre (HCSEC) – didn't take current political concerns into account. "I don't honestly think I ever felt under any real pressure to change the judgment… if I were to buy you some equipment from the Chinese provider that's been in the UK with a risk mitigation model for more than 15 years, that will not constitute an ethical risk."
Rather than worrying about pleasing its masters, NCSC's management was more concerned with the software and firmware in front of them. Martin told the committee: "In other words, you know, [could buying Huawei] give China a baton with which it could cause harm to the UK? And that is a question of technical judgment."
The explanation builds on the picture painted by HCSEC's latest report, issued last year, which concluded that Huawei's software development practices remained pisspoor, finding even more vulns than it did in the previous year's detailed and savage report.
Martin also implicitly snubbed Tobias Ellwood and Mark Francois, two MPs who previously floated the idea of Five Eyes 5G as a Huawei alternative. Scoffing at the notion, the former NCSC chief said: "The Five Eyes is an intelligence-sharing alliance, it doesn't build telecoms companies. There's no economic and commercial industrial supply chains – the US and the UK are not common markets, whatever else they are!"
The schedule to rip and replace Huawei kit was outlined in November. By this March UK telcos will be banned from using Huawei's managed services; by January 2023 Huawei equipment must have been ripped out of the core of UK networks and its presence elsewhere limited to 35 per cent of the total kit present; and by 2027 the vendor will be gone altogether.
MPs are currently scrutinising the National Security and Investments Bill, intended to prevent China (and other countries) from investing in British companies to steal valuable intellectual property. The Foreign Affairs Select Committee said today that the Bill was muddled and didn't adequately describe national security, let alone the grounds on which ministers could block a proposed investment or corporate merger. ®
Oxford itself defines a don, in the British academic sense, as "a professor, a lecturer or a fellow". Cambridge University, Oxford's great rival, merely defines a don in its eponymous dictionary's online edition as "a lecturer" or "college teacher". Queens' College Cambridge, for what it's worth, says in a lexicographical list that don is "correctly applicable only at Oxford". Google returns 582 million results for "oxford don" and 436 million results for "cambridge don" so we prefer the Oxford definition for Register-ial purposes.