Defending Our Data: Huawei, 5G and the Five Eyes

By

EVENT TRANSCRIPT: Defending Our Data: Huawei, 5G and the Five Eyes

DATE: 1 pm, 16th May 2019

VENUE: Millbank Tower, 21-24 Millbank, Westminster, SW1P 4RS

SPEAKERS: Dr. Peter Varnish OBE – Consultant with Geopolitical Solutions Ltd and has worked for the UK Ministry of Defence and the Foreign Office; Robert Spalding – Senior Fellow at Hudson Institute; Danielle Cave – Deputy Head of Australian Strategic Policy Institute’s International Cyber Policy Centre; Dr. John Hemmings – Director of the Asia Studies Centre and Deputy Research Director at the Henry Jackson Society; Tom UrenSenior Analyst in Australian Strategic Policy Institute’s International Cyber Policy Centre

EVENT CHAIR: Bob Seely MP – Member of Parliament for Isle of Wight and sits on House of Commons Foreign Affairs Select Committee

 

BOB SEELY MP: Hello, I think we are going to break the habit of a lifetime and start on time, which is great. I hope you can all hear me. My name is Bob Seely. I have the great privilege of being a member of parliament for the Isle of Wight. I am on the Foreign Affairs Select Committee and I have taken an interest in both this place but also in previous jobs, in non-conventional warfare and authoritarian states. Thank you very much for all of you for being here, whether you are a member of the public, whether you are a journalist, whether you are a diplomat. It is nice to see you all, thank you.

I am just gonna talk for between two and four minutes and then I am going to hand over to my colleagues and briefly introduce them, and they will talk for between two and five minutes and then I am sure we will have an interesting discussion for the next forty-five or fifty minutes, we will see how things pan out. And before I forget, when you do ask questions, please be brief so that we can have a lots of people in rather than making extended statements. There is not yet a government position, so we are not criticising anything. Whatever we think has been leaked, I have talked to cabinet ministers and there is still ongoing debate, so this is a contribution to the debate.

The structure will run as follows: I am going to hand over quite soon to Danielle Cave who is from Australian Strategic Policy Institute (ASPI), who is going to talk immediately just a little bit about Huawei’s links in Jinjiang province and the new information for today and its role in providing support to a reasonably oppressive public security security apparatus there.

Tom Uren will outline some technical points and make the argument that the main threat is not necessarily espionage but potential disruption to networks.

Robert Spalding, senior fellow at the Hudson Institute, he is ex-White House and brigadier general in the US Air Force and is someone who has done the last four UK arm forces campaigns. I am very very grateful for the existence of the US Air Force because I have had an F16 above my head on many occasions and I find it an entirely pleasant experience unlike some people.

Finally, John Hemmings, John has actually written the Bulk of this report, we have been writing most of it together, we have all been helping him in this process. John will outline our recommendations.

Briefly, the opening arguments I would like to make. On Huawei, and I do not mean this, I am not going to get in a (unknown) with Huawei, or indeed their people  who are decent and honourable, I am sure.  A series of claims have been made by Huawei this week and this report really looks at those claims. There are accusations of data breach and espionage, page 43 highlights a very serious instance of data breach. Pages 61 to 73 list concerns over security and espionage (unknown) . I think that is highly dubious claims.

Huawei claims to be a private company. We have analysed that in some details on pages 23 to 29 and we believe that claim is dubious (unknown) at best.  By our standards, it is difficult to argue that Huawei is in any sense a private company. Huawei claims it is a trusted vendor, now the reality is that we are having this debate because it is not a trusted vendor in the United States, it is not a trusted vendor in Australia. We have considerable concerns about this status as a trusted vendor in the United Kingdom, hence the existence of the cell. It has been blocked from 5G networks by other nations that are not part of the five eyes network.

Finally, Huawei’s investment in this country is worth billions. It is certainly worth tens of millions and potentially hundreds. That claim was put under quite a lot of examination by the BBC earlier in this week. While it is an important contribution, it should not be exaggerated.

I think we are highly sceptical of the claims made by Huawei and this document, we hope, is a considerable and important contribution to this debate. But for me, there should be no trade off between security and trade, between business and protecting our people. And this issue for me is not primarily about Huawei, but it is about how we treat tech and high-tech from one party-state where the rule of law is very different from our own, where the approach to Human Rights is very different from our own, and where business practices are very different from our own.

This is fundamentally a question of how open societies defend themselves from regimes, governments representing close societies who may be tempted to use our freedoms to compromise our safety and values, and those freedoms, now or at some point in the future. On that point, I am first of all going to hand over, for five minutes exactly, to Danielle. The floor is yours.

DANIELLE CAVE: Thank you very much, my name is Danielle Cave and I work for the Australian Strategic Policy Institute which is the Australian’s largest defence, security and cyber think tank in Australia. The Cyber Centre is about fifteen people who work on cyber-technology and defence issues. Last year, Tom and I and others in our think tank were very heavily involved in the debate in Australia on Huawei participation in Australia’s 5G network. We (unknown) hoping that we could move on and stop talking about Huawei, but it is certainly not at all the case.

Before I talk about Jinjiang, I just wanted to share one point about how Australia came to this decision. Tom and I have spent a lot of time criticising the Australian government and pointing out what we think policy flaws, gaps, and I think probably a lot of us in this room could agree that in democracies, there is a tendency to put difficult policy issues in the “too hard basket” and this was a really difficult policy issue. It is technical and strategic. But I, personally, and Tom might think differently but I suspect we are on the same page here, was very impressed with how the Australian government dealt with this issue.

And I was thinking, with the jet-lag last night about 3am what we actually came down to. And I think we came down to a really reversed policy (unknown) within the government. And a very informed public debates that went on for about for six or eight months. So you have different government departments and agencies on different topics, putting up their point of view. They did not have the same points of views, at the same time you had this very vigorous debate. Our think tank was the first public groups at least to do in depth research in China’s national intelligence law, into the (inaudible) hack, which Huawei was the key ICT provider and responsible for cyber-security. So there is obviously some real problems here. That is written up in the report.

So I just wanted to make that point about policy contestability (unknown) I think too often, that is not really seen, but I was really impressed with how the Australian government came to this decision. I thought the coin of the term (unknown) and I have not figured out yet who (unknown). This isn’t just about Huawei’s decision, it is about the types of partners who you engage with in critical information infrastructure and who you trust.

I will quickly go back to Jinjiang. I do not want to hold any of the attention. We put out a report that actually wasn’t about Huawei, a couple of weeks ago, where we mapped up the expansion of twelve of China’s giant tech companies. Huawei was one of those twelve. What we also did is we looked at how lot of these companies work in Jinjiang. And it hasn’t got a lot of media attention, I suspect it will get a lot more this year. Because Huawei is deeply deeply embedded in the public security apparatus in Jinjiang. That is not something that any company promotes, it is very hard to get underneath what exactly is going on.

So for example, they provided the Jinjiang public security bureau technical support and training, they work with the public security apparatus providing it  a … (unknown) data centre and a public security cloud. Last year they even mentioned a public security innovation lab in collaboration with the public security bureau. I throw in all of that, I am happy to provide more detail, I know the last thing the UK debate needs is sort of different angles, it is a very intense debate at the moment.

What struck me in the conversations of the last few days is that the UK is going to have to …unknown and they agree it is decided upon to …(unknown) which seems pretty likely here.

This is going to be a really difficult balance to strike. The UK’s global reputation to me is one that promotes Human Rights, the FCO programmes do a lot around the world. I think it is something that the UK champions, and it should be really proud of. Actually, it is a really important part of the UK’s soft power and I wish our own government actually did a lot more in this space and hopefully that will change in the future.

I do thing that there is going to be a really difficult balance here and I think as more attention rightly goes on Jinjiang, for the rest of the year, the UK is going to be asking some really serious questions about how to balance those issues, how can you work with a company that is deeply embedded in Human Rights abuses in Jinjiang, but at the same time happy about the work they are doing Human Rights are really important to us as a nation (unknown) .

I will pass it on to Tom now, to talk about some of the technical issues.

BOB SEELY MP: Thank you so much Danielle. You raised absolutely one of the problems, it is that we love to talk about Human Rights in this country, and yet we collectively seem to have a blind spot as soon as it comes to China, as if we are not allowed to talk about it because we just need to be nice to increase our trade, as if that is the only  dynamic. That dynamic seems to happen in no other country in the world, so it is a really important point that has been completely overlooked. Tom, I leave it to you.

TOM UREN: I will put a start by giving a very very brief history of what happened in Australia and Huawei is the first band in Australia in 2012, and we were (unknown) at high speed internet network across the whole country and the then labour government which is a left-wing major party banned Huawei. The opposition, Malcolm Turnbull was the communication minister at the time, made noise about reviewing this decision. When they then made it into power, they looked at the report from I think basically intelligence agencies and they said “no, we are not changing the decision”. That is very telling. Since then, we had a de facto policy of keeping higher (unknown) network which has some critical functions. That policy held until the …(unknown)  of 5G we have been talking about.

No incentive for tech and communication companies to improve security of their own band. Last year or the year before, the government introduced legislation that provided the holistic approach to do that. At that time all the talkers came to figure out what the story was with Huawei. Can we put Huawei equipment in our 5G network or not? …(unknown) decision, that forced the government to actually announce a (unknown) map and all these things that made us worry about Huawei in 2012 had gotten worse. Xi Jinping is now president for life. The Huawei cyber-security evaluation centre, the .(unknown) consistently worse. The first report is “things are not good but we are working well with Huawei” and final report is “the world is just on fire, we don’t see any way out this, we are not sure that we are actually changing what we said was …(unknown)”.

From Australia’s point of view, having a …(unknown) evaluation centre just doesn’t seem like the viable option. How many years would it take for us to actually improve security and why would we think that we could start from scratch and do better than the UK have in the previous eight years?

One of the surprising things for me was that in recent months, a number of Australian officials have gone out of the records and said that they are much more concerned about disruption than they were about espionage. That is something that wasn’t in the bulk of the debate in Australia.

In Australia, it is relatively easy to come up with a scenario where we end up literally at war with China in a couple of weeks. There could be some incidents in the South China Sea, or Taiwan. The US would very likely become involved and they would almost certainly ..(unknown) with some sort of assistance and we would say yes. Within a relatively short period of time, we could very clearly be in a situation where China is actually an adversary. I would say right now we are in a space where the future is not clear. They are not an adversary now, but we can’t tell. The investment in Huawei in critical infrastructure would last much longer than I can foresee how long that situation remains the same. We can have the critical infrastructure far longer than we can be sure that they are not an adversary.

The other thing that really changed peoples’ mind was that 5G was rated as the most critical of infrastructures in that a lot of other critical services would depend upon 5G. So in a sense, it is the crown jewels. It doesn’t make a lot of sense to take any risks in something that underpins the risk of your critical infrastructure. That is why that decision was made. In terms of other potential bundles of 5G equipment, I just don’t see the same geopolitical risks. I don’t think that we are going to end up in conflict with Finland, I don’t think they have an expensive cyber-espionage program. Even if you are treating with the lesser of two evils, I think there is a clear choice.

 BOB SEELY MP: Tom thank you very much indeed. I think it is worth reminding ourselves that Chinese military theory sees conflict as a battle between systems and one of those systems is clearly your information and communication systems. Anyone who has been remotely involved, or very deeply involved in the military and government knows that without a communication system, your ability to project power or even function simply doesn’t exist in the modern area. So to let people you are unsure of run your comm systems is in itself a high risk strategy.

You also summed it up very well, it is about the underpinning of everything else, and therefore it is at the heart of your critical infrastructure. Thank you very much indeed.

 ROBERT SPALDING: Thank you, I would like to put this into a larger context because I think my actions with Huawei, particularly in DC, represent the interim step towards redefining what the future of democracy is in a globalised internet powered world. Certainly if you look closely at the national security strategy that came up in December of 2017, we tried to articulate this notion that during the Cold War, democratic principles and free-market principles were tightly aligned, in other words, we were primarily trading with democratic countries. In fact we had the coordinated committee for multilateral export controls that actually prevented us from exporting, specially dual-use or military technology to the former Soviet Union.

But what we found and what is in that document is just a realisation that in a globalised internet-powered world, what we thought were were avenues of promoting liberal democracy abroad actually had been used by totalitarian regimes to establish a foothold within democracies themselves. So when we have US corporate enterprises self-censuring, and when you add this into the fabric of an internet connected world where e-commerce and artificial intelligence, and machine learning, and big data, and social networks are combined to create challenges in terms of what the government can do to understand what is happening within its own population. And certainly when you have the society that is essentially taking those same technologies and blended demand a way to create this IT-based authoritarianism to use …’s terms (unknown). What I call six-sigma socialism, inability to suppress the outliers using automated systems within your government and tie those same technological systems into the rest of free societies, you are going to see challenges.

What we said in that document was that in the 21st century, data is a strategic resource. If data is a strategic resource, in fact the most strategic of resources, then it really does not make a lot of sense that we allow to be freely aggregated by either large tech companies or totalitarian regimes.

In other words, we needed to secure and encrypt our data, not just for government but for citizens alike. If you think what the US did when they dominated 4G a lot of our own values were designed into the products that were shipped overseas. The iPhone in fact were shipped with keys that wouldn’t allow you to have back-doors in the device. Now, certainly, as Apple has fostered a close relationship with the Chinese communist party as other US entities, they have begun to modify their products in ways that actually reflect the principles of a totalitarian regime and those stances are starting to come back and being introduced in our own societies. So today you are finding phones that actually send data back to their servers in China because the Chinese code basis have been installed in the phone.

Chinese law requires that you have back-doors, both in software and hardware to ensure that the Chinese communist party has access to see what its people is doing because it fears what its people might do if they came together.

Finally, I will just talk about the executive order that was issued today. There is this belief in the current administration with president Trump that somehow our national security policy-making processes has become arbitrary and (unknown) That can’t be further from the truth, actually this executive order most likely took months if not a year to get through the inter-agencies process with multiple inter-agencies meetings. I would imagine more than one meetings of the full cabinet to come to this decision. I would say, most importantly, placing Huawei on the entity list and based on the .(unknown). arrangement which is the fall of the voluntary (unknown). that I previously metionned (unknown) . Fourty-two nations are obliged or at least should consider banning exports to Huawei according to that same philosophy of not sharing dual-use technology in areas that create a national security risk both for the United States but also for their own countries.

BOB SEELY MP: Thank you very much, that was an incredibly clear exposition from the United States. (unknown) John, firstly we all owe you a thanks, it occurred to me last night. … I was the only person who wasn’t jet-lagged and I know you’ve just come from Korea. So as well as putting all this together, thank you very much indeed. And coming back from Korea at short notice, can you outline some of the recommendations and conclusions that we have made?

DR. JOHN HEMMINGS: Thank you Bob, it has been a real pleasure to work with people who know so much more about this topic than I did, it has been a real learning process and I am privileged to be a part of the team. We came with a lot of recommendations. I absolutely suggest that people go through that and through the executive summary. Primarily, two weeks before we came out there was the Prague conference. The Prague conference, it was essentially the Five Eyes and the EU members coming together in Prague and they looked at 5G security, they looked at ways to look at high-risks vendors. And while it is not a binding agreement, it is very sensible, very reasonable. Our whole issue through this whole process of looking at the seemingly-UK decision and the supposedly, was that so much rested on a very narrow technical decision which guess two things: one was the future direction of 5G technology, it is all based on guess-work, because we don’t know whether the core edge distinction will remain as distinct as in the 4G system. The second one was about intentionality. Essentially, the national cyber-security centre and others have said, “yes we found lots of different issues with codes”. Huawei codes, for example, has been in laboratory conditions. The one that we were checking and what was deployed on the field was not the same. However, we do not think that was intentional. Why not? In scholarships having to do with international Relations, intentionality and modus of international actors are one of the most difficult things to do, even if you interview decision-makers, you might not have their true intentions when they enact a policy. So I found these two things to be problematic.

So the Prague proposals lay out very clearly, a very sensible cool-headed approach, which is not partisan, which is actually looking at the wider reputation of the nation that is … the vendor (unknown) What are their agreement in terms of cyber-security, what is the reputation in terms of cyber-espionage, how do they look in terms of cooperation agreements on security? How do they treat data inside? That last one is a big one.

The second one is the legal environment. To what extent do they oblige tech firms to cooperate with the state or security forces? Despite always best efforts and intentions, I am sure there is a lot of great people working for Huawei, they would literally have no choice but to do what the Chinese party-state wants them to do. No matter how times they say they wouldn’t, that is simply not true. They simply could not continue to function as a Chinese company with fifty percent of their business in China if they disobeyed the party-state and the 2017 national intelligence law. It does not only obliges them to collaborate, but to not talk about it.

The legal environment is deeply deeply important. Just to go in the policy environment, there is also the civil-military fusion doctrine which essentially pushes Chinese tech firms to work ever increasingly closer with the military industrial complex. So my take on that was that if they were not working for the PLA, they soon will be. That is policy that comes straight from Xi Jinping. It is not just a kind of the many multiple papers that you might think “well does that really apply?”

Then there is a transparency issue of how the company looks. I think you can go into the second chapter, third chapter, on that and look at actually how Huawei was structured and we found that very problematic.

In terms of our actual short-term non-Prague proposals recommendations that we came up with ourselves, we think the UK should define what is a high risk vendor, perhaps in symmetry or association with the Australians and the Americans, try to define a Five Eyes wider one. That need not to be short term, that can be a long term process, because obviously that would be a quite difficult discussion. I think the base business energy and industrial white paper of 2017 on investment and national security which has been languishing should be really be put into legislation. Eighteen months after that white paper was created, we are still the only ones with problems like this politically. Why do we not have a process for dealing with investment in national security in this country? It is absolutely something that should be done very soon.

We need to resolve the technical inconsistencies I mentioned about core and edge with our allies. Why moving until we actually know which way 5G is going? If the technical experts and telecoms industry don’t agree on where it is going, how can we predict so fairly that we thing we can isolate these issues by putting them in a periphery? But there might not be a periphery in a broad network-driven intelligence fulfilled system.

Finally, I think we need to look into the real diversity of suppliers. Saying that we want a diversity of suppliers in the UK is all very well and good but if actually you look at the amount of suppliers that have disappeared and Huawei is taking more and more market share, heavily subsidised by Chinese’s banks, this is not really diversity. If we get to a stage in ten years time, where there is only one provider, I think we will all be in a very serious pickle.

Q&A:

BOB SEELY MP: John, thank you very much indeed. I think we have got to that in very good time. So we have lots of time for questions. Can we please make the questions as (unknown) as possible so we can get lots of contributions from the audience? Who wants to go first? Lady over there. Can you please introduce yourself and then give your question please.

Unknown: Thank you very much, I am …, I followed China’s comm for twenty years now. It is very important that the general public is to understand the complexities of the issue. So I absolutely applaud the conversation going in the UK. To be successful in pushing through the necessary distinction of values and how we deal with that in the globalised world of today, I would really like you to discuss a little bit further what are the challenges of building our 5G without Huawei, and how does the supply chain work globally, in terms of (unknown) on components that are produced potentially in China, or not in China. Whenever you try to sell a document, it is very useful to address the negatives and the complexities of how we could work without them.

BOB SEELY MP: I am going to speak for twenty second and then hand over to people who know more than me. My understanding is that it is difficult to build Chinese tech out, it may be that we simply block them from becoming primary contractors, that may be one of the options the government has. Whether you need them for secondary work is another matter. The whole process without Huawei would probably cost more and take a little bit longer, but in part because Huawei was heavily subsidised by the Chinese development bank, in part allegedly to undercut Western companies to build up a dominant market position. This is bad economically, but also bad for us potentially, strategically, depending on capabilities and intent. The government does not yet have a position on this and what this is, from my point of view, is a contribution to that wider debate?

Does anyone want to talk about the specific issue of international chains and Huawei? Tom or John?

ROBERT SPALDING: I would just say, as I said, that the Huawei issue is really not, even if you do not build Huawei in your network, you still doing with the legacy of bad decisions, bad engineering decisions we made in terms of the CPU, in terms of operating systems, in terms of the network switch, in terms of power, all of which create vulnerabilities for the entire network. And so you have to take a systems-approach and understand that 5G provides a very good platform for redesigning completely how we connect and certainly the data model that rides on top of that. The idea that you can aggregate data clearly and freely from anybody really is problematic in promoting democratic principles.

We really need to take some of the things that have actually been designed but only implied primarily in very secure networks and apply those much more broadly in the civilian space.

DR. JOHN HEMMINGS: I was surprised to discover that the Americans have nineteen cities of 5G test .. (unknown). systems, and they do not have Huawei. So there is a bit of a myth that you cannot do it without Huawei. I think Huawei has been very good it is basically single ran (unknown), you know, bringing together various 3G, 2G, 4G into one component. That, to their credit, is an amazing device, and it also makes it extremely cheap. But with 5G that is not going to be the case, because the technology is completely different, they do not have that advantage. So I think, as General Spalding said, the advantage with a completely new network, is that we can redesign it with its security in mind.

 BOB SEELY MP: Fantastic. Next question the gentleman in the front. Could you please introduce yourself please?

John Dobson, Sunday Guardian: Can I address the issue with five-eyes. We know that the American government is threatening that if we pursued Huawei, we might be squeezed out of the five-eyes. Some we call that bullying, other may not, but my own experience: if we were squeezed out, that would be extremely negative for the Americans because we contribute a huge amount to the five-eyes debate, and that would be self-defeating. Do you have views on that?

 BOB SEELY MP: (unknown) I am just gonna say a few words. It is the Australians telling. They are saying almost the same thing and probably stronger. The Americans have not yet made the decision the Australians have said “this is what we are doing” and the implicit message is “if you are smart you will do the same thing!”. Is that bullying when Malcolm Turnbull’s advisors ask us just as the Americans did.

John Dobson, Sunday Guardian: You are using a word that I may not have used.

BOB SEELY MP: No, you definitely used the word bullying Sir, I have heard it.

John Dobson, Sunday Guardian: If we lose they lose, do we want that?

Unknown: Let me just address in terms of military crisis. If your intentions are leaked through a connection with another ally that basically does not have a security system, then we got a change in terms of making sure the success of those operations. That is just on the military side. Given the fact that much of our traffic currently runs on commercial network, that is a big problem. Going forward, it is pervasive to all our government activities. I think you are making a leap to say that it is bullying, it is actually something that we would regard as providing security for our own operations.

DR. JOHN HEMMINGS: Just really quickly, the report does try to tangle with this and we asked every contributor to deal with it from a five-eyes perspective. And a lot of the technical aspects of 5G are unknown so the risks therefore are also hard to tell. We know there has to be a political price. One of the things that was most clear for me though is that outside of the UK debate, American military and intelligence officials are deeply concerned about the security repercussions on the US, so it was not so much a Britain issue, it is wider. You had scared (unknown) advising we are not even sure we can protect military communications at NATO. It is beyond just a narrow kind of commercial bullying or something like that.

BOB SEELY MP: Brilliant, Tom?

TOM UREN: I think it depends what you think the five-eyes is. If you think about it as a narrow intelligence sharing relationship between the NSA and GCHQ, probably not. I think those organisations are big enough to care for their own comms. Certainly NSA is. But when you talk about the actual term five-eyes, it is sort of  (unknown)  probably over the last five or ten years. I think people talk more about a encompassing relationship and I think we will have a fix on that because people are signing to have a fix on that.

BOB SEELY MP: Fantastic, thank you very much indeed Tom.

Intelligence analyst: It hardly surprised me that the United States shares his concerns about Huawei. If we go back fifty years, when IBM first supplied their personal computers to the Soviet Union, the operating system had cost in between (unknown) So they made the calculations that the Soviet scientists has (unknown) as it could be.

BOB SEELY MP: Is that a bad thing or a good thing? I would argue it is a rather good thing!

Intelligence analyst :Coming to today, we currently have the Chinese example with Whatsapp, with the Israeli company is supplying the software to intelligence services and all of the five-eyes have that, which has the element of a back-door. So if we do it, shamefacedly, why do we not accept the … Chinese

BOB SEELY MP: Okay, I think if we move on to the question in your question, why would one want one if one’s friends are likely to do it, why on earth would you want your potential enemies to do it? But, for the sake of playing through that very obvious answer, does anyone else want to comment?

ROBERT SPALDING: (Unknown)I would say it is all about trust. And for the last fifteen or twenty years, we kind of blindly trusted the supply chains. And now it is clear that we cannot just trust, we actually have to do work upon it to figure out what we can trust. We are at a point when we know that there is risks involved in some vendors, but we do not know how to deal with trust in a supply chain yet. So I think there needs to be a lot of work on that, both from the technical point of view, how can you guarantee trust, but also from a political point of view.

BOB SEELY MP: Does anyone else want to comment on that?

DR. JOHN HEMMINGS: I just do not think it is healthy for democracies if democratic government have the ability to see what their citizens are doing and I thing that is the challenge of the IT technology. What that underpins in the current system is that it is really easy to do that. You need to think hard about the future, about the pervasiveness of that kind of activities with 5G and what that means for democracies going forward. And certainly I would advocate that there are no back-doors into the network.

DANIELLE CAVE: One of the things I wanted to add is, US technology companies (unknown) we have a lot of examples of those companies pushing back against the US government when the US government requests data or particular things that they do not want to do. That is played out in the media or in courts. The FBI asked Apple to encode that phone, it was a year or two ago and apple said no. We do not have any of those same examples of Chinese technology companies pushing back against the Chinese government, and that is really important.

BOB SEELY MP: There is really really a clear difference between democratic and non-democratic states, and I am for that deeply aware and grateful that I live in one and not the other.

Intelligence analyst in audience: Twenty years ago I wrote a report on large scale cross border (Unknown) and I pointed out that in China they have (unknown) including tax efficient, it’s a different game isn’t it, my question is a follow on from a question earlier and also comments, it was John Hemmings point, what is being done on the Pan European case (unknown) to ensure both incredible capability in Europe, in other words maintain and supporting Erikson and Nokia, but also all countries supporting them against disruption and espionage displacement (unknown), Huawei’s frozen out, the Chinese may be frozen out

BOB SEELY MP: Thank you very much for your question. John is that one for you?

DR. JOHN HEMMINGS: Yeah I can just add a little bit to it, though I have to say, I’ll know tomorrow, so the (unknown) proposal is a great symbol of the debate in Europe, its beautifully written has a holistic, nuanced view of security and what you should do about it and it’s non-binding. All of those things add up to not very much, the states don’t want to do it, so the merix, the German think tank Merix were also recently in discussions with them and they’re much closer to the issue, they’re saying that essentially Brussels has a real tug of war between member states because of course this is all about investment and perceptions of national sovereignty, don’t tell us what we can and cannot invest in, there’s also a NATO debate which is happening right now. So there’s two debates which are occurring right now, one is at the Brussels EU level and another Brussels, NATO level, and those are probably going to be occurring for the next 12 months without very strong resolutions.

Audience member: What are the risks for UK consumers who already own these telephones?

ROBERT SPALDING:: Does anybody here think their data is secure? Whether you have Huawei or not, no, the foundation of the systems and certainly the phones and the laptops and the routers and the network switches, they all have fundamental design flaws that create openings, whether it be totalitarian regimes or third party actors, to get into your data and do what they will. It only matters if you matter. Are you somebody that the state wants to focus on and use that data for whatever their purposes are, but I don’t think when I go around and talk to people, I don’t see anyone that has an expectation that their data is absolutely secure.

Audience member: If I had an LG phone from South Korea and a Huawei phone from China, would I have the same concern?

ROBERT SPALDING: If the phone came out of China, then I would be concerned that some of the code base for the Chinese market may be in that phone. If it comes out, say it was the LG phone in South Korea, I guess I would be less concerned about that. Now why am I concerned about the Chinese code base? Because they have to put back doors in according to Chinese law.

TOM UREN: For some people perhaps an activist or journalist, or maybe even a think tanker, it does add up, I advise them to buy an iPhone, because they are most secure. But your life (unknown)… you need to do other things, so and then it gets quite complicated to live life.

(Inaudible)

TOM UREN: The phones are banned from our defence department. I think the government doesn’t use them. But I think there’s a difference between phones where an individual can make a decision or not and government critical infrastructure where the government needs to step in and say This is something that affects everything and we need to make the call either way.

Peter (inaudible), Member of the High Court: (inaudible) would suggest if you’ve got a phone, keep it in the microwave. Whilst noting the real security concerns about Huawei, can I ask the authors of the report, whether they give any credence to Huawei’s claims that is an operation by the US to protect (inaudible)

BOB SEELY MP: For me it’s not the most central to the mix, there’s politics which is healthy here and there is fundamental danger to our freedoms, values and information flow and who controls data in the future. I mean information has always been power and in the 21st century, data will be power like it’s never been before and who do you get in bed with – your enemies or your friends? I want China and this country to have a great relationship and all Western states. We do not have to have a trade off between business and security. Why we are even having this debate I do not know because their dependency on China buying their raw materials is much greater than our relatively pithy trade with China, doesn’t compare with our trade with US and yet we’re having to make weird calculations that no other country is making, Japan isn’t making those calculations, Australia isn’t, India isn’t, the US isn’t, New Zealand isn’t, why are we doing so? We should trade and be friends with everybody but frankly we trust our security to our friends and it is bizarre we are potentially doing otherwise.

DR. JOHN HEMMINGS: It’s an interesting statement that we could consider Huawei to be an independent entity. I mean, China locked up the head of Interpol and didn’t tell anybody so do you think that if (unknown) decided not to support what Chinese Communist Party wanted that he wouldn’t face the same action?

DANIELLE CAVE: I was only going to make the point that our former, we’ve had many recent former PM’s, but most recent one Malcolm Turnbull made the point that there’s been a big media narrative of the US pressuring allies, I can’t speak from the UK’s experience but I’ve always thought that was overblown and former PM Turnbull says that he was the one who actually raised it with President Trump and he was the one bringing evidence to the White House..

TOM UREN: I don’t think there’s any commercial. For me, the (inaudible) nothing to do with commercial interests, and from the US point of view, it’s not clear to me, what company would benefit from Huawei being banned, there’s no direct competitor, I think Ericson and Nokia are in the same market, I suppose.

BOB SEELY MP: If this was just the US, I still wouldn’t believe the argument, but it could potentially have more credence. The people who are most concerned for us would just say what on earth are you doing you don’t need to do this are the Australians, If they’re bullying us great.

Neil – Economist: I’ve got a layman’s question, what is the appeal of Huawei? Is it cost or technological expertise? Is it both or is it neither?

DR. JOHN HEMMINGS: So 18-30% cheaper than the competition is a very good start. We looked into I suppose you call them loans, subsidies would be another word that they get from China Development Bank, they haven’t used them all to be fair, but it’s allowed them to put a lot of money into R&D, so they’re very attractive in terms of pricing, they also, for countries that lack infrastructure, they can do what they call from suit to nuts. Essentially being offered loans at pretty competitive rates by the China Development Bank but the only problem is you have to buy Huawei, the bank doesn’t give you a choice of vendor. They say we’ll build your 5G system and here’s some money to do it which you can do over this time. The other thing is because Huawei is very closely tied to the Innovation and strategic, technology directors that the 13th Five Year Plan has set out, they really are, and also they’re made in China 2025 policy, they are really aiming for incredibly good technology aspirations, in a way Huawei combines the AI Big Data stuff of Google with the handsets of Apple plus the infrastructure of BT, so they’re really this incredible thing that can do it all and that’s very attractive and then…

BOB SEELY MP: Is that then part of China’s strategic objective to build up this company which is in many ways very impressive but is also subsidised so it can undercut Western firms and it can get into Western markets for the economic market of China but also to strengthen its geostrategic position which brings in security and defence aspects

DR. JOHN HEMMINGS: It’s a match made in heaven. When they built the (inaudible) Chinese military network 1994, it was a pretty big deal for them, it wasn’t huge money but it opened all these doors and I think from that day on they had a special privileged place in offering procurement to the PLA, which is very rare for a private company in China and they were also put forward as a national champion to begin to go out to the digital silk road, the primary Chinese telecoms of choice and so they are kind of, they both are private and seek profit but they also seek it in the name of, you know, like the East India Company to some extent, they are also tightly connected to the state and the state’s ambitions.

BOB SEELY MP: (inaudible) I think is very fascinating and interesting. I’m aware we’ve only got the room for 5 minutes. I’ll take another couple of questions.

Audience member: This week I  heard that Huawei was offered a 90% discount (inaudible). I’m really concerned with (inaudible) the security threat (inaudible) burden of proof on others that either the threat doesn’t exist or it can be mitigated, in that order. It seems to me that in this process, the burden of proof isn’t sitting in the right place or it wouldn’t be such a long discussion.

David, working last year as advisor to Julia Bishop: (inaudible) Do you think we’re at the right stage? How do we improve?

BOB SEELY MP: You’re right about the burden of proof, I think we’re approaching this, the burden of proof is not just on technical issues. We shouldn’t be proud of the fact, if you’ve got a history of burglary, you don’t think you’re doing really well when you invite a burglar in and he hasn’t nicked anything for three weeks, I think there’s a safe and sorry approach and this is not just about technical issues, but about trust and this is why it comes back to who do you work with, do you work with Nokia and Ericson or do you work with people who are high risk vendors. We need a Five Eyes version and maybe a Western version of what is a high risk vendor, we think know pretty much what they look like, either very sloppy on quality or tied to a one party state or tied to intelligence services and you do not allow high risk vendors into your critical infrastructure. So that’s my suggestion and I think it’s one shared by our audience here. The informed public debate, that’s what we’re trying to do and this is an attempt to raise it as a public debate. Because in 20-30 years we may bitterly regret not having that public debate and yet again your country does many things really well and that’s another thing it’s done really well.

TOM UREN: The Australian debate is framed around capability and intent so having Huawei in the network gave the Chinese state a capability and a lot of that was not to do with the technical issues of 5G but those types of equipment often have maintenance contracts where you have Chinese (inaudible) with admin proof-readers on large parts of your network so that gave them a capability to do something and the intent we couldn’t guarantee intent for any period of time so therefore there’s a risk that their intent will change.

ROBERT SPALDING: I would just say in talking to hundreds of people who have done business in China, I’ve been studying this from a long time, the fact that you can have a debate on whether or not we can trust the Chinese entity isn’t itself a win for the Chinese. They seek to draw us into a debate on their terms in a way that allows us to delay our decision making and it can in turn allow them to achieve a (inaudible)

HJS



Lost your password?

Not a member? Please click here