Intelligence and Security Committee China report/UK Response
There is no unified voice within Government about what our China strategy is … not only do you need a strategy but you actually need people to know what the strategy is and to follow it, and you need the Chinese to know what your strategy is—and none of that applies.
—Charles Parton, Royal United Services Institute
- As the world's second largest economy (and one of the fastest growing), with a military increasing in size and capability, significant levels of diplomatic engagement and a large digital sector which acts as a force multiplier, China has a significant impact on global affairs. The Government's policy on, and strategy towards, China must take this into account when considering how to tackle the threats China poses to the UK.
- At the outset of this Inquiry in 2019, HMG emphasised that, while it recognised that China poses a security threat, it also viewed it as an economic opportunity:
China is the world’s second largest economy and the UK’s fifth largest trading partner. [The] growing number of Chinese students and tourists bring significant prosperity benefits to the UK, and our trade [with] China is an important source of investment for the UK.[1]
- In 2018, Chinese Foreign Direct Investment into the UK (investment which reflects a lasting interest and control by China in an enterprise resident in the UK) was £4.2bn, the highest in Europe.[2] At the time of taking evidence, Department for Business, Energy and Industrial Strategy (BEIS)[3] joint initiatives with China in the Industry and Energy sectors included the following:
- In December 2017, BEIS signed the UK–China Joint Strategy for Science, Technology and Innovation Co-operation, which resulted in a programme to develop technology to tackle global challenges resulting from climate change, population growth and environmental pollution.
- In June 2019, BEIS signed the UK–China Clean Energy Partnership, which allowed collaboration on transitioning to greener sources of energy.
- In March 2020, BEIS supported the sale of British Steel to a Chinese firm, Jingye Group.
- The Department for Education (DfE) has similarly been keen to see UK universities benefit financially by attracting students from China: in the academic year 2018/19, more than 120,000 Chinese students were enrolled at UK universities, just under a quarter of the total 485,000 non-UK students. DfE has previously stated that it wants to increase the number of non-UK students studying in the UK to 600,000 by 2030.[4] HMG has, previously, chosen to portray this security/economy tension positively—as a 'balanced approach'—saying:
Government policy towards China is forward-leaning and robust, clear-eyed on the risks while engaging on areas where there are clear benefits to the UK.[5]
- However, the External Expert witnesses who gave evidence to this Committee in 2019 felt very strongly that HMG did not have any strategy on China, let alone an effective one, and that it was singularly failing to deploy a 'whole-of-government' approach when countering the threat from China—a damning appraisal indeed.
- Raffaello Pantucci, of the Royal United Services Institute (RUSI), told the Committee:
I think the problem is that every department has seemingly a different [China] strategy … we do not have a China strategy and at the moment what has been allowed to happen is that each department had frankly been plugging along with their own iteration of a China strategy, meaning you don't have a coherent response. We have got essentially a situation where the centre has not made it clear what the China strategy is, articulated it in a clear and coherent fashion, and then everyone will flow from that. We have lots of institutions that are, frankly, doing their own thing.[6]
When we put this to the Senior Responsible Owner (SRO) of HMG's China policy in July 2019, he admitted that the 'China Framework' (the strategy on China) was a relatively new development and "a work in progress".[7]
- Until the publication of the Integrated Review in March 2021, HMG's overarching approach towards China had not officially changed since the China Framework was formally agreed by the National Security Council (NSC) in November 2018—despite the fact that the landscape around the UK's China policy had changed significantly since then. In October 2020, the Acting National Security Adviser—who had taken over as SRO of HMG's China policy—told us that the Government’s approach to China had been discussed over the course of NSC meetings in October 2019 and June 2020 and would be updated by way of the Integrated Review.[8]
- Prior to its publication, the Committee was told that the Integrated Review would also address HMG's overall approach to economic security: whilst it was recognised that China's economic growth and influence cannot be ignored, nevertheless we were assured that there was an understanding in the Government of the need to "robustly protect our domestic economic security … This includes a focus on increasing national economic resilience and reducing dependencies."[9] This would appear to indicate something of a departure from its previous approach—although HMG downplayed the shift, describing it as "a pivot to greater resilience", rather than there being a sense of an explicit shift away from China.[10]
- The Integrated Review was published in March 2021. It is notable that, while the Review described Russia as an "acute and direct threat", it labelled China a "systemic competitor" and the "biggest state-based threat to the UK's economic security"—suggesting that Russia was still considered to pose the greater national security threat to the UK. Yet this contradicts the very clear impression given to this Committee that China is the main state security threat to British interests.[11]
- It is at least clear that, following the global pandemic in 2020, and China's response to it, the security concerns previously raised by the UK Intelligence Community are now at the forefront of Ministers' minds—a change acknowledged in December 2020 by the Deputy National Security Adviser (DNSA) and Director General MI5. The Director General noted that, whilst it had been the case in the past that "the national security community within Government and the prosperity community weren't really talking to each other", he now considered that the need to "integrate our understanding across both these domains to make the best possible choices" was a well-established fact.[12] The DNSA told us:
in the past we have perhaps not had as rigorous a process at identifying across the board what needs to be protected, based on our sovereign interest. We've had a very sophisticated process in some areas—so, for example, Critical National Infrastructure, which includes Energy and so on. We've been weaker in other areas, for example, emerging technology, potentially strategic suppliers and interdependences and data and telecoms infrastructure particularly.[13]
The DNSA cited forthcoming legislation and policy frameworks as a sign that "we are beginning to establish some rigour in the system"—better late than never, perhaps.[14]
- However, there is still a question as to whether the planning that has finally now begun is too short term: when asked in July 2019 what was the greatest threat posed by China, Director GCHQ told us that his "strategic concern" was that:
we are not thinking long-term enough about the threat that China poses, given its aspirations are out to 2049, 2039, 2025, depending on which of their documents you read and of course all of those are way beyond traditional government planning cycles.[15]
- In July 2019, the previous DNSA had voiced similar concerns, noting that "we tend to put a very short time horizon on things" and that what the NSC needed to start doing was "being a little bit more Chinese... taking a long term view about where do we need to be on some of these big critical issues, particularly around science and technology and emerging technology, looking much further out and then build back from that, so, okay, what do you need to do in [a] Spending Review for a one year or three year period, rather than just sort of lurching from a one year to a one year to a one year". The DNSA noted that HMG had started to consider options and was trying to understand how to bring an effort together, across departments, and decide who should be in charge of it. When we asked how that work would be taken forward, she told us that HMG was "making sure that we bring all the right people around the table, whether it's the scientific community that support all of our departments to the policy people who support all departments. So we're having a cross-government discussion around all that". Nevertheless, it was clear that in her words: "We've got a lot more to do".[16]
N. China is an economic power, and this cannot be ignored in formulating the UK's policy towards China. Balancing the tension between security and prosperity requires dexterity, and we understand that there are a number of difficult trade-offs involved.
O. The length of this Inquiry has allowed us to see the development of the China policy within Government and we are reassured that, belatedly, the security aspects are now being given prominence—notably more so after the pandemic.
P. It is nevertheless concerning that the security community, and the Government in general, were aware of many of these issues several years ago and yet we are only now beginning to see the introduction of measures taken to protect UK sovereign interests. The lack of action to protect our assets from a known threat was a serious failure, and one from which the UK may feel the consequences for years to come.
Q. Even now, HMG is focusing on short-term or acute threats, and failing to think long term—unlike China—and China has historically been able to take advantage of this. The Government must adopt a longer-term planning cycle in regard to the future security of the UK if it is to face Chinese ambitions, which are not reset every political cycle. This will mean adopting policies that may well take years to stand up and require multi-year spending commitments—something that may well require Opposition support—but the danger posed by doing too little, too late, in this area is too significant to fall prey to party politics.
R. Tackling the threats posed by China requires the UK to have a clear strategy on China, which is forward thinking, joined up and utilises a 'whole-of-government' approach. Work to develop such a strategy may now be in train, but there is still a long way to go.
THE 'STRATEGY': FRAMEWORKS, PLANS AND PILLARS
- In 2019, the Committee was told that there were various documents addressing the Government's strategy on China:
- the China Framework;
- the Intelligence Outcomes Prioritisation (IOP) China Plan (previously known as the Intelligence Coverage and Effects Plan); and
- ***.[17]
There was also an HMG Hostile State Activity (HSA) Strategy which is actor-agnostic but apparently informed by discussions on the China Framework and the IOP Plan.
- As ever with government strategy, it was not clear exactly how these various marginally different documents fit together, but the diagram overleaf was the best representation we were able to establish at the time of taking evidence, after lengthy discussions with those in NSS leading on the strategy.[18]
The Hostile State Activity Strategy
National Security Council
The National Security Council (NSC) owns and creates HMG policy on China, which is then set out in the China Framework, which is discussed (or aspects related to it) periodically at NSC meetings.
The China Framework
Six pillars
Senior Responsible Owner (SRO): ***
China National Strategy Implementation Group
The National Strategy Implementation Group (NSIG)—chaired by the SRO—implements the China Framework, co-ordinating policy decisions across Whitehall to avoid a binary prosperity vs security approach. Departmental representatives report back on NSIG discussions to Ministers and provide advice.
China NSIG members are: ***
China Intelligence Outcomes Prioritisation Plan
The Intelligence Outcomes Prioritisation (IOP) Plan is proposed by the NSIG on China. (The Joint Prioritisation Committee considers bids from every NSIG to balance them against the total operational effort available, and then recommends them to the NSC for approval.) The IOP Plan gives SIS and GCHQ HMG's requirements on China and allocates resources for them accordingly. It is agreed for a year, ***.[19]
The China Senior Responsible Owner and National Strategy Implementation Group- The NSC approved the China Framework in November 2018. It is intended to cover "the depth and breadth of UK-China engagement and the implications of China's growing geopolitical and global role".[20]
- The China SRO is responsible for developing the strategic framework (making sure it covers economic, security and influence interests) and getting it agreed by the NSC; for overseeing implementation of the strategic framework; and for co-ordinating issues relating to China across the Government. In 2019, the SRO explained the role:
I don't see it as my role as SRO to be responsible for every single decision across government on China, that would be too big a task and would avoid the ownership that we need across the whole system, but it acts as a brokering mechanism so that, if there is a specific point on which a department are disagreeing, the NSIG which I chair can act as the triage and be clear how we want to resolve those differences and make sure clear advice is being given through Ministers, to Ministers, either through a 'write-round' or ultimately through a ministerial discussion at the NSC.[21]
- In 2019, the Committee was told that the cross-government National Strategy Implementation Group (NSIG) was responsible for developing and implementing policy in order to deliver the China Framework. The NSIG was an attempt to improve cross-government co-ordination without centralising the response. It meets monthly and is attended by: ***.[22] ***. The SRO explained:
what we are really trying to do is not have a process which has Ministers agreeing a set of priorities and the system not following up, which was very much our feeling of what had been happening in the past, but to have a clear set of objectives, indicators which then the system is being driven to follow through.[23]
The China Framework- The 2018 China Framework consists of six 'pillars':
- 'Trading Safely';
- ***;
- 'Countering Security Threats';
- ***;
- Digital and Technology'; and
- ***.
- Each of the six pillars then has its own SRO, and these 'pillar SROs' each have their own developed objectives and key outcomes for each pillar.[24] The pillars feed into the IOP process (discussed later in this chapter). The China SRO explained the flexibility that this system offers:
So in the IOP process that is under way at the moment *** so we are confident that resource is applied in the right areas given the strategic direction set ***.[25]
- We were told that national security runs throughout the China Framework, but there are clearly three pillars which are more relevant—'Trading Safely', 'Countering Security Threats', and 'Digital and Technology'. We have not therefore included a detailed analysis of the other, less relevant, pillars.
'Trading Safely'- In line with the aims of the Integrated Review, the objective of pillar 1 is to maximise the economic benefits of interacting with China while balancing this with the protection of national security and long-term prosperity. We were told that HMG's priority was to have:
a more comprehensive approach to our economic security in relation to China, ***. This includes a focus on increasing national economic resilience and reducing dependencies.[26]
The six strands under 'Trading Safely' include, but are not limited to, themes such as investment, protection of Intellectual Property, trade, and research and development collaboration.
***
- In September 2020, we were provided with a list of actions planned under this pillar, including the introduction of the (then) National Security and Investment (NSI) Bill and, in order to improve security, additional measures under the Enterprise Act to allow HMG to intervene if a business involved in the response to the pandemic is the target of a takeover, and to lower the scrutiny threshold for mergers in three sectors (artificial intelligence, cryptographic authentication technology and advanced materials).
- The Committee was also told in 2020 that an economic security framework was being developed, which would allow Ministers to intervene in key areas of the economy on national security grounds under "a clear framework, which can be communicated to business, potential investors and international stakeholders".[27] At the beginning of this Inquiry, we were told that a new Economic Threats Unit was to be set up to identify, understand and act in cases of concern, replacing the Investment Security Group in the Cabinet Office. In addition to this, a wider set of current tools was being reviewed, including "the export control regime where specific consideration to new definitions of dual-use and emerging technology require consideration" and "an uplift to the investment screening capability to better monitor and scrutinise transactions, including those from China".[28]
- Upon publication of the NSI Bill in November 2020, it was apparent that the Economic Threats Unit in the Cabinet Office was instead to be a new Investment Security Unit (ISU) in the (then) Department for Business, Energy and Industrial Strategy (BEIS). However, there has been no indication that the ISU will carry out the proposed role to look "upstream and understand the aggressive intent behind some of the investment in the UK and therefore pre-empt it".[29]
- During the passage of the NSI Bill, we sought assurances about the oversight of the ISU. We were informed that, despite the Unit relying on classified information, oversight would be undertaken by the BEIS Select Committee. However, such oversight can only be undertaken by the ISC—as the only Committee of Parliament with regular access to classified information, and to which the UK Intelligence Community have a statutory duty to provide information.[30] We discuss this further in our Case Study on Industry and Technology.
- Project DEFEND was established as a result of difficulties experienced during the initial response to the pandemic. It focused on identifying vulnerabilities in the UK global supply chain and assessing threats to the supply of critical goods into the UK, "to better safeguard critical supply chains. This includes diversification, greater HMG oversight of the procurement process and improved contingency planning."[31] In October 2020, the Deputy National Security Adviser (DNSA) explained:
Covid has very sharply brought into relief the need to look at … CNI [Critical National Infrastructure] the supply chain, emerging technologies, critical suppliers to government, across the range and make some judgements about what we are, what we need to have sovereign, what we are prepared to work with trusted partners on and what we are prepared to leave to the global market … the Department for International Trade is leading a very large project called Project DEFEND that very specifically looks to interrogate the security of our supply chains across the board ***.[32]
- While economic security is now more of a focus at policy level, it is important that the shift in focus to securing the UK's economic resilience is mirrored at an operational level ***.[33] One example of this is the investigation of the implications of a Chinese aerospace company's (***) move to purchase a UK Low Earth Orbit satellite company, OneWeb. This is explored further in our Case Study on Industry and Technology.
S. The Intelligence Community will play a key role in the work of the new Investment Security Unit (ISU): the classified and other technical advice that the Intelligence Community provide should shape the decisions made by the ISU as it seeks to balance the need for national security against economic priorities. It is essential that there is effective scrutiny and oversight of the ISU—and that can be undertaken only by this Committee.
'Countering Security Threats'- The objective of pillar 3 is to counter threats from China and to counter global threats by working with China. Work undertaken under this pillar is intended to protect the UK from a broad spectrum of threats ***.[34]
The four strands under 'Countering Security Threats' include, but are not limited to, work on counter-influence, counter-espionage, serious organised crime ***
***
- In terms of Academia, HMG (***) has been working with Universities UK to develop guidelines on countering foreign interference, and we were told that this included helping universities to diversify their international student recruitment. In relation to Industry, the National Cyber Security Centre and the Centre for the Protection of National Infrastructure were working on security advice concerning the threat to UK research and innovation;[35] and more broadly the HMG Defending Democracy programme was undertaking work to better understand the threat to Parliament, local government and the media. (The Committee was provided with a wider list of planned activities relating to this pillar in September 2020.)[36]
- At the time of taking evidence, the Home Office was also working on a Counter-Hostile State Activity Bill—subsequently the Counter-State Threats Bill—to include reform of the Official Secrets Act and the creation of a Foreign Agent Registration Scheme alongside other new offences and civil measures provisions. This is covered later in the chapter on Legislation.[37]
Change in approach: Interference
At the beginning of this Inquiry, work to counter Chinese interference appeared very much to be a work in progress ***. The Senior Responsible Owner (SRO) for China told the Committee that this work was "***".[38] The SRO told us that it had been considered by the National Strategy Implementation Group (NSIG) ***:
*** it is certainly one of the top priorities where I think we have got to *** gain the understanding and then the response that we need. ***[39]
In early 2020, HMG told the Committee that, since ***, the China NSIG has subsequently discussed Chinese interference ***, and later that year, work being done on Chinese interference in the UK was noted in evidence to the Committee.[40]
It is clear that Chinese interference has become a higher priority than it was when we began this Inquiry. Evidence that we have seen has noted that the Government is increasing its efforts to combat Chinese information operations particularly through:
- the cross-Whitehall counter-disinformation unit working to create a comprehensive picture of the extent, scope and potential impact of disinformation; and
- ***.[41]
We examine the effectiveness of the response to Chinese interference in the chapter on Defending the UK.
T. We commend the action now being taken by the Government to counter interference by China—it is encouraging that the Government has finally woken up to the grave threat this poses to our national security.
U. However, it is worrying that 'policy ownership' of this national security activity, rather than being gripped at the centre by the Cabinet Office, has instead been devolved across the Government—in many instances to departments with no security remit or expertise. We have not been kept informed of these developments and, despite numerous requests, are not permitted to scrutinise this activity.
V. Effective Parliamentary oversight is not some kind of 'optional extra'—it is a vital safeguard in any functioning Parliamentary democracy, and the ISC is the only body that can do that. Moving responsibility for security matters to bodies not named in the ISC's Memorandum of Understanding is not consistent with Parliament's intent in the Justice and Security Act 2013: the Government should not be giving departments a licence to operate in the name of national security and hiding it from view.
'Digital and Technology'- The objectives of pillar 5 are to: protect UK innovation and security, shape the norms and standards of emerging technology in line with UK values; embed human rights and the rule of law, and manage risk ***.[42]
The seven strands under 'Digital and Technology' include, but are not limited to, themes such as: increasing supply chain resilience; maintaining influence over global technology standards; and promoting the UK's vision and norms ***.
***
- In September 2020, we were provided with a list of actions planned under this pillar, including the (then) Telecommunications (Security) Bill, which set out guidelines for Telecommunications Network Operators, new powers for HMG in relation to high-risk vendors, and wider HMG work with international partners to diversify the telecommunications supply chain.
- Other actions included: establishment of an Emerging Tech Board to identify nationally important technologies and assess opportunities and risks relating to them, the National Data Strategy, intended to ensure that data use is effective, efficient, ethical and secure; the establishment of a Digital Standards team ***; examination of rules around UK public sector procurement to see if companies potentially damaging to UK national security *** can be excluded from tendering for contracts; and raising awareness of relevant risks with British companies that wish to collaborate with Chinese digital and technology companies.[43]
W. The Telecommunications (Security) Act 2021 does not contain provision for effective oversight of the new measures being implemented. The Act provides that notification of a company or person being a 'high-risk vendor' of telecommunications equipment, and specification of the limits placed on the use of this equipment, be laid before Parliament unless provision of this information is deemed to be contrary to national security. In such circumstances it is logical—and in keeping with Parliament's intent in establishing the ISC—that this information should instead be provided to the ISC. This would ensure that Parliament could be duly notified without this information being made public and thereby endangering national security. However, this proposed amendment was rejected wholesale by the Government. This was particularly inappropriate—and, indeed, ironic—as it was the ISC that had originally raised concerns about the adoption of Huawei in the UK telecommunications network. It was our initiative that prompted the Government to introduce this legislation.[44]
The Intelligence Outcomes Prioritisation process- As set out above, the Committee was told in 2019 that the China Framework lays out the NSC's policy goals, and the China NSIG is responsible for delivering those goals. The contribution of the Intelligence Community is then set out through the IOP process.
Intelligence Coverage and Effects
Until 2019, the tasking of SIS and GCHQ was carried out under an annual process called Intelligence Coverage (i.e. getting information) and Effects (i.e. doing something which has a real-world impact), known as ICE. Under ICE, NSS was responsible for ascertaining the priorities of the National Security Council (NSC) via a series of country and thematic strategies which were approved by the NSC throughout the year. SIS and GCHQ then responded to these strategies with an 'offer' of the intelligence coverage and effects they believed they could provide in relation to them. NSS then converted this 'offer' into the ICE Plan, resolving any resource or priority conflicts which might arise. This process gave SIS and GCHQ responsibility for allocating their operational effort to find the information which the policy-maker needed or realise an outcome which a policy-maker had requested (usually as part of an overarching strategy).
In March 2020, the process of tasking SIS and GCHQ changed from ICE to the Intelligence Outcomes Prioritisation process.
- Under the IOP process, each NSIG[45] sets the intelligence requirements it needs in order to deliver its policy outcomes, and prioritises them in an IOP Plan.
- Each IOP Plan is then sent by its NSIG to the Joint Prioritisation Committee (JPC) for discussion. The JPC is chaired by the DNSA and the Joint Intelligence Committee (JIC) Chair and the Foreign Commonwealth and Development Office's (FCDO's) Director General Consular and Security[46].[47] The JIO assists by examining the policy outcomes within each IOP Plan and assessing what level of understanding can be provided by different sources (including secret, open, diplomatic, academic and business sources). This helps to establish where secret intelligence is vital and where it could possibly be replaced by open source work.
- Having reviewed the IOP Plans for the different NSIGs and taken into account ministerial priorities and the potential impact of changes in allocation, the JPC then recommends to the NSC the appropriate balance of Agency effort for the forthcoming year for each IOP.[48] The DNSA told us:
the prioritisation process that we have just gone through with the PM *** gives a really clear steer ***. So that gives the Agencies licence to operate on subjects with some discretion as to where you apply the resources.[49]
- We were provided with the agreed policy outcomes for 2020—including in relation to the 'Trading Safely', 'Countering Security Threats' and 'Digital and Technology' pillars—against which SIS and GCHQ must deliver intelligence ***. ***
X. In December 2020, we asked how the policy outcomes against which SIS and GCHQ must deliver intelligence were being prioritised. We presume, for instance, that "***" is not considered to be of the same importance as "***"; however, we have not been provided with any information. Without any indication of prioritisation, it is difficult to judge the effectiveness of Agency efforts and it is therefore disappointing—and rather telling—that NSS has failed to provide such critical information in response to this major Inquiry.
The tri-Agency approach- As set out in 2019, the Agencies take a tri-Agency approach ***. This is to ensure that—despite SIS and GCHQ having their priorities set by Ministers and MI5 being self-tasking—the Agencies can align at an operational level in terms of their contributions to the China Framework.[50]
- ***
- ***[51]
- The current tri-Agency approach *** had been agreed in June 2018. Not long afterwards the NSC produced the China Framework ***. In April 2019, the Agencies said they were in the process of reviewing their approach in order to align with the new China Framework. However, in October 2020, with no further update, we questioned what was happening and Director General MI5 told us:
While we recognise that argument, we were surprised not to have been made aware of an updated approach whilst conducting our Inquiry—despite the Integrated Review having been published in March 2021, and the IOP Plan ***. (We were subsequently updated on the agreed revised approach in November 2021—after we had concluded our oral evidence sessions and therefore too late for us to question the Agencies on it in order to reflect it in this Report.) It is simply not efficient to have these levels of planning so unsynchronised. there is a logic I think to the next iteration [of our approach] … waiting until the Integrated Review and the Intelligence and Outcomes Prioritisation process have had their say, and then we respond to that, rather than sort of UKIC settling on something inside its own brain in advance of the top-level steer.[52]
- We also note that, as at 2019, DI is not included within the agreed tri-Agency approach ***. We were told that this is because DI was also not involved in the ICE process (the previous iteration of IOP) - its tasking/prioritisation is set by the Chief of Defence Staff.[53] When we asked what impact that had on joint working, MI5 told the previous Committee that the tri-Agency approach could, in time, include DI as the Agencies and DI are now engaging much more ***.[54]
Y. We were told in 2019 that the Agencies take a tri-Agency approach, but this does not cover DI. In October 2020—over 15 months later—we asked if there had yet been any movement towards formally adding DI to the prioritisation process. The Acting National Security Adviser told us: "DI are fully part of the IOP process … of our main repositories of expertise on China." Director GCHQ noted that DI is a part of the National Cyber Force, and "when you get into the effects world … they are completely there in every aspect."[55] If DI is supposedly now fully integrated with the Intelligence Outcomes Prioritisation process, we expect the next iteration of the tri-Agency approach—when it is finally updated—to include DI.
HMG Hostile State Activity Strategy- In addition to the numerous levels of HMG's strategy on China, China also features in HMG's cross-cutting work on the threat posed by hostile activity carried out by states (as opposed to, for instance, terrorist organisations or serious organised crime groups).
- The Government developed a Hostile State Activity (HSA) Strategy in 2017, defining HSA as "overt or covert action orchestrated by foreign governments that undermines or threatens the UK's national security, the integrity of its democracy, its public safety, reputation or economic prosperity, short of armed conflict".[56]
Hostile State Activity
This Report uses the term 'Hostile State Activity', which was used by HMG and the Intelligence Community throughout their evidence provided for this Inquiry.
'Hostile State Activity' was used to describe the full range of threats posed by hostile state actors. The UK Intelligence Community's work on Hostile State Activity was explained as comprising counter-espionage and counter-intelligence activity:
- Counter-espionage is the investigation of individuals (agents) who are suspected of passing sensitive information to foreign intelligence services.
- Counter-intelligence means investigating the activities of the officers and agents of overseas intelligence services and disrupting them when necessary.
- Part of the Strategy focuses specifically on China, saying that: ***. Nevertheless, it adds that: ***.[57] HMG's aims in relation to HSA *** are set out as being to: ***
- ***. The Committee was told in 2020 that a number of pieces of work have been carried out under the Strategy since it was introduced, including:
- Establishing the Joint State Threats Assessment Team (JSTAT);
- *** publicly attributing cyber incidents alongside a range of allies and partners;
- Agreeing and initiating the Defending Democracy programme;
- Pursuing a comprehensive response to the threat of state-based disinformation, ***;
- ***; and
- Working with international ***.[58]
- While the Strategy is currently being refreshed, HMG has not—as at December 2021—provided a date for when it expects it to be ready, despite the fact that the current refresh started before August 2019.[59] As with the emerging technology policy area, it is concerning that decisions on such an important policy area are not being made with any urgency.
- HMG argues that there is a lot of work going on in the China portfolio. In October 2020, the Acting NSA told us that there was an "enormous amount of work underway at the moment" including:
*** lots of direct support to universities at the moment in that sector, for example, and lots of very demanding case work … it will be one of the major themes of the Integrated Review. We are creating new legislative powers through the Bills that I mentioned, we are trying to develop new capabilities across government, whether it is in investment screening, whether it is around education, whether it is around interference or disinformation, it is all a work in progress, given the evolution of the scale of the challenge that I mentioned earlier.[60]
- That is both welcome and absolutely necessary. The question is how effective that work will be. A number of new initiatives are cross-government and there is the potential for there to be significant change in the approach towards national security systems and processes. It is also worth noting that everything may change following the Integrated Review, which said:
The National Security Adviser will therefore review national security systems and processes to ensure that Integrated Review objectives and priority actions, as well as future policy decisions, are implemented swiftly and effectively, and to establish systems that better support the NSC.[61]
Only time will tell whether the Government will be able to tackle the "systemic challenge"[62] of China but we have concerns that, at present, it is still doing so at far too slow a pace.
Z. As at 2021, the Government had a plethora of plans that laid out its China policies. The interaction between these documents has required a great deal of unpicking, and we have been surprised at the fact that changes in one document do not always lead to consequent changes in others. The slow speed at which strategies, and policies, are developed and implemented also leaves a lot to be desired—at the time of writing we await to see what impact the National Security Adviser's review of processes will have on the China policy area, but we would certainly hope it will become more coherent.
HMG RESOURCING
- From the evidence provided by HMG to this Inquiry, there appears to have been an increase in the Government's focus on China since 2020, reflecting both the threat posed and the priorities of the Government. We would have expected to see a concurrent increase of resourcing dedicated to the China mission and therefore questioned each organisation on the resources it has been allocating to work on China,[63] and whether that has changed.
SIS- After 1997, SIS effort[64] on China reduced, but since 2004/05 it has been seeking to rebuild resources:[65]
- The percentage of operational effort dedicated to China has *** over the past 20 years, ranging between ***% (1999) and ***% (2003).
- For 2018/19 the figure stood at ***% (for comparative purposes, the figure for Russia was ***%).
- This equated to a financial spend of £*** (out of £***).[66]
- In 2020, the figure increased to ***%, and a financial spend of £*** (out of £***).[67]
- In terms of staff dedicated to China, figures[68] show *** from *** full-time equivalent (FTE) (2005/06) to *** FTE for 2019/20.[69]
- Of these, ***.[70]
GCHQ- GCHQ statistics show a similar picture:
- Between 2000 and 2019, the number of GCHQ and National Cyber Security Centre (NCSC) staff working on China increased from *** FTE to *** FTE.
- In 2020, this increased to *** FTE.[71]
- The percentage of operational effort dedicated to China has increased from ***% in 2000 to ***% in 2019.[72]
- Operational effort on China rose to ***% in 2020.[73]
- ***.[74]
MI5- MI5 statistics provide an overall picture of work on Hostile State Activity (HSA), of which China is only one strand:
- For the financial year 2019/20, HSA[75] was allocated a total spend of £*** (International Counter-Terrorism and Northern Ireland-related terrorism received £*** and £*** respectively).
- Of that £***, work on China received £***.
- This was an increase of £*** from the previous year (but it nevertheless only represents a return to the levels of ***).[76]
- The proportion of mission effort on China is around ***%. This roughly equates to *** people.[77]
JIO- JIO similarly has found it difficult to disaggregate exactly:
- In March 2021, the JIO China Team[78] contained *** FTE staff with *** due to be advertised (an increase from *** FTE pre-2017 and *** FTE in early 2019). In addition, there *** dedicated to China open source work.[79]
- The allocation of effort[80] has increased *** over the past two decades from ***% in 1999 to ***% in 2019 and then ***% in 2020.[81]
- Towards the end of 2020, the JIC Chair told us: "*** In terms of my time, I would say that I probably spend about ***% of my time on China, something of that sort."[82]
Other organisations- DI statistics for 2020 show that:
- *** analysts spent 50% or more of their time on China (a decrease from *** last year) and *** analysts spent less than 50% of their time on China (an increase from *** last year).
- ***
- DI spends £*** on China-related activity.[83] Alongside broader politico-military analysis, this includes:
- *** partnership programme with the defence industry in order to ensure that insights *** are then shared in an appropriate manner with the defence industry to advise them about how they can protect themselves;
- ***; and
- ***.[84]
- DI has previously told the Committee that it does not hold comprehensive records relating to allocations of effort on China for past years.[85] We found that difficult to understand. DI explained that "allocation of effort is challenging [for it] to calculate given the range of intelligence capabilities and specialisms within DI, many of which cover multiple geographic areas". Notwithstanding that, we are surprised that information on allocation of effort on an area as supposedly significant as China is not readily to hand so that it can be kept under constant review.
- Homeland Security Group[86] statistics for 2020 show that:
- Approximately *** staff[87] worked on China ***.[88]
- This is a decrease from 2019, when *** FTE staff worked on China. In 2019, the Committee was told that *** due to be recruited, which would raise the number of dedicated staff to *** FTE.[89] Then in 2020, we were informed that the figure "will rise to *** FTE ***."[90] At the time of taking evidence, we had yet to receive confirmation that this uplift had taken place.
- NSS has *** staff[91] working on China with an administrative spend of £*** per annum. This includes a secretariat for the China National Security Council (NSC) strategy and National Strategy Implementation Group (NSIG), co-ordination of cross-cutting policy in support of that strategy, and provision of advice to the Prime Minister.
Potential for increase in resourcing- When we took evidence in autumn 2019, the Intelligence Community told us that any increase in resources on China would have to be viewed as necessary by the NSC (and the Treasury) and it may be that the threat posed by Russia, Iran or counter-terrorism could be considered as more in need of increased resourcing. In the past, such balancing of priorities has seen resources being diverted away from China onto acute counter-terrorism priorities. As Director General MI5 explained to the Committee:
*** there are some difficult choices when the CT [counter-terrorism] thing has not reduced in its scale and its sharpness... we need to figure out how much of these kinds of capabilities feels enough or proportionate against this threat.[92]
- MI5 told the Committee that there were things that the Government could invest in that would improve overall defences (against HSA). But, if the NSC decided that a new area was of great ***.[93] GCHQ told the Committee that it was investing in training people to work on China *** but that, in terms of analytical effort, difficult decisions would have to be made in order to balance it alongside work on other areas ***.[94]
- In 2019, the SRO for China was clear that there was "a big set of questions for a Spending Review" where the China effort was concerned.[95] The Agencies explained that they had submitted ambitious bids to the 2020 Spending Review but that there would be difficult decisions. According to MI5 ***[96] SIS echoed this, and also noted that despite increased focus on China ***.[97]
- We were concerned in particular at the *** in Homeland Security Group working on China, but welcomed the expected increase in resourcing across the Intelligence Community. We expected to see resourcing of the upward trajectory maintained in the Spending Review, given that China is now recognised as an enduring national security challenge. In 2021, we were told that a one-year annual uplift had been granted to the Agencies' China mission ***[98]
- The Agencies also advised the Committee that this increased funding would be allocated to promoting resilience, specifically to:
support modest investment in MI5's efforts to raise awareness and provide advice to government and Industry on China-related threats, and the delivery of a more finely tuned response to the economic threat posed by China to the UK's Critical National Infrastructure and Science, Technology and Critical Knowledge sectors, and enabling us to better detect threats of hostile investment through data analysis.[99]
- However, the Agencies were clear that this additional funding was only a stop-gap: "Whilst these investments allow us to grow and maintain critical mission capabilities, further growth in SR21 [Spending Review 2021] is required to enable us to respond to the sheer scale of the China threat."[100] Director GCHQ reinforced this message, telling the Committee: "Russia has given us some really crappy weather but China is giving us the climate. We really have to think strategically and long term [about China]."[101]
- The National Cyber Force (NCF)—a partnership between GCHQ and the Ministry of Defence, including elements from SIS and the Defence Science and Technology Laboratory—was also announced as part of the Spending Review. The Intelligence Community told us that the NCF is expected to improve and increase the UK's cyber capability and "enhance the UK's position and reputation as a top-tier cyber power".[102] NCF priorities are derived from NSC priorities and are set through a forum chaired by the Deputy National Security Adviser, separate from the IOP process described (although we were told that IOP Plans do inform and are reflected in NCF priorities).[103] We have been told that, since the NCF started operating, it had been able to expose and counter false narratives ***. Countering interference was cited as another area *** for the NCF ***.[104]
- In addition to the uplift under the Spending Review, MI5 has been able to increase the
number of people working on the China threat area (from September 2020 to March 2022),
doubling the overall effort on ***.[105] ***.[106] The Intelligence Community noted:
Whilst these investments allow us to grow and maintain critical mission capabilities, further growth in SR21 is required to enable us to respond to the sheer scale of the China threat.[107]
AA. The level of resource dedicated to tackling the threat posed by China's 'whole-of-state' approach has been completely inadequate. While a shortage of resources had been identified as early as 2012, effort was diverted onto the acute counter-terrorism threat arising from Syria. The increase in funding on the China mission in 2020 was therefore both necessary and welcome. But it was only for one year. HMG cannot think or plan strategically with such short-term planning.
BB. HMG must explore the possibility of a multi-year Spending Review for the Agencies, in order to allow them to develop long-term, strategic programmes on China and respond to the enduring threat. The UK is severely handicapped by the short-termist approach currently being taken.
DEFENDING THE UK
Responsibility- Under the Security Services Act 1989, MI5 is responsible for countering Hostile State Activity (HSA), i.e. "protection against threats from espionage, terrorism and sabotage [and] from the activities of agents of foreign powers". In May 2019, MI5 had around *** full-time equivalent (FTE) staff working on State Threats—predominantly on counter-intelligence and counter-espionage but also on counter-proliferation and state-sponsored terrorism work. The HSA team primarily focuses on Russia, China and Iran but they also have a 'Rest of the World' remit.[108]
- MI5 also has responsibility for the Joint State Threats Assessment Team (JSTAT). JSTAT provides assessments and a holistic view on the national security threat posed by:
- espionage;
- assassination;
- interference in our democracy and society;
- threats to the UK's economic security, and
- threats to the UK's people and assets overseas.[109]
It therefore looks in depth at the threats from *** activity, as well as niche and emerging threats, and provides assessment for a wide range of government departments.[110]
- JSTAT works under MI5's legal authorisations. It is governed by a Board ***, and draws its staff from across government, including policy departments, MI5, DI, SIS and GCHQ. In 2019, the Committee was told that JSTAT had around *** analysts, *** of whom were working on China in February 2020 (the previous Committee was told that the intention was to increase that *** by the end of the financial year 2019/20).[111] By late 2020, the number had risen *** and the intention was for a further increase *** in 2021, subject to the outcome of the Spending Review.[112] MI5 explained that JSTAT was vital to countering the threat from China:
So we have already clocked that we need to bolster how we are bringing together a fragmentary complex intelligence picture, mixing that with what is in the public domain, because, as I have said, a lot of the China intent is very public, and then using that to inform the security aspect of the judgement that then is part of informing Ministers and the Departments about the overall balance.[113]
Focus and coverage- MI5's objectives in relation to HSA are to "seek those trying to pass sensitive UK information and equipment to other countries and ensure they don't succeed" (counter-espionage) and to "disrupt the actions of foreign intelligence officers where these are damaging to our country's interests" (counter-intelligence).[114] MI5 told us that its role is spread across a range of areas, including investigating activity against UK interests both within the UK and abroad (as well as remotely online) ***. MI5 also has responsibility for detecting (and countering) "penetration of government, or the Agencies themselves for that matter" ***.[115] MI5 told the Committee that:
the MI5 role is clearly central on the counter-intelligence element ***[116]
- In 2020, *** of MI5's operational effort was focused on China.[117] *** in order to counter the breadth of the China threat, MI5 has prioritised[118] its efforts "***".[119] MI5 told us that it was working on a number of areas relating ***, including:
- ***[122]
- Although MI5 argued that the measures it was taking were proving to be effective, it also accepted that ***. Director General MI5 told us:
We've built up quite an experience base now ***. So I don't think we are likely to be ***. Clearly that's in some ways not that different to the version I face of that around counter-terrorism, for example. ***.[123]
Tools
HMG uses a variety of tools to disrupt Hostile State Activity (HSA):
- Interviews: *** there may be a discussion arranged with that individual ***.
- Vetting action: Removing the security clearance of British nationals with access to sensitive information who pose a national security risk, including those who may have been in contact with foreign intelligence services ***
- Expulsion of intelligence officers: Removal of intelligence officers operating in the UK under diplomatic cover (under the terms of the Vienna Convention). ***
- Capacity-building with allies and partners: This may involve *** training, support or skill development ***. ***. This is covered further in the chapter on Working with Allies.
- Visa action: As is standard, the Home Office can consider revoking a visa on the grounds that someone's presence in the UK is 'not conducive to the public good' ***[124] ***[125]
- Legislative measures: There are a number of different pieces of legislation available for the Agencies to use such as the Official Secrets Act, the Computer Misuse Act and civil law remedies such as patent or copyright infringement. However, according to the Agencies, they are of limited use in countering HSA (legislation is considered in more detail later in the Report).
- Démarches: This might include, amongst other things, requesting the removal of named intelligence officers from their positions ***.
- Briefings to Industry: These are used where intelligence indicates there is intent to target certain companies or Industry sectors ***. This work is led by the Centre for the Protection of National Infrastructure and the National Cyber Security Centre, but—given the wide range of individuals, assets and organisations—disrupting every incident cannot be guaranteed.
- Countering cyber threats: This includes exposing and disrupting the activities of state-sponsored hackers ***.[126]
Protective role: CPNI and NCSC- The Centre for the Protection of National Infrastructure (CPNI—accountable to MI5) and the National Cyber Security Centre (NCSC—part of GCHQ) play a key role in engaging with those both within and outside Government to protect national security:
- CPNI has a preventative and advisory role, dealing with the non-cyber threat to Industry. It follows a "threat-focused and intelligence-led" approach to engagement, allocating resources to sectors, industries and businesses where there is evidence of Chinese desire to gain knowledge, technology, expertise and Intellectual Property (IP). CPNI works with cross-government partners "to raise awareness of the threat, identify vulnerabilities, and to provide holistic advice and mitigations".[127]
- NCSC was set up to be the single authority on UK cyber security. It works closely with government departments to help them own and manage the risks in their sectors of Critical National Infrastructure, including setting policy and direction for protecting the sector, ensuring legislation is fit for purpose, and understanding how the operators are responsible for the security and resilience of their own systems and assets.[128] It works jointly with CPNI in a number of areas, including recently producing guidance for Industry and Academia on engaging with foreign entities. This guidance (Trusted Research) provides advice to senior leaders and individuals about how to protect research, IP and products.[129]
- MI5 told us that CPNI and NCSC carry out regular protective defensive briefings.[130] These can either be regularly scheduled briefings to a particular sector or they can be specific briefings in response to intelligence received suggesting that a company is being targeted. ***.[131] Although this work is actor-agnostic, China is acknowledged to be the greatest threat.[132] Director General MI5 noted:
when we are talking about the protection of Intellectual Property, economic security, those kinds of themes, mostly in that space we are talking about the threat of China. Russia does also spy against particular sectors, you know, most famously Energy, but for the most part the chunk of CPNI that is addressing espionage and the theft of information and those kinds of influence risks is mostly there to tackle ***.[133]
- Director GCHQ told us that NCSC "seeks to investigate Chinese cyber intrusions and defend against them, including advising our Critical National Infrastructure, our military and defence colleagues on how best to defend".[134] NCSC carries out its defensive role by:
- providing bespoke advice and guidance;
- working with providers of Critical National Infrastructure on bespoke projects to enhance standards;
- responding to incidents; and
- engaging in proactive research and design in order to help the sector think about its vulnerabilities end-to-end. This might include:
- identifying the networks and information systems that are critical;
- carrying out risk reviews;
- producing guidance to help in sector-specific technologies; and
- working with key vendors to better secure their supply chains.[135]
A new approach- In June 2019, MI5 told the Committee that, instead of relying on uncovering HSA through investigations, in future it will place greater emphasis on making sure that the UK is a difficult operating environment for hostile state actors. ***.[136]
- MI5 updated the Committee on this work in late 2020, saying that it believed its record over the past year was "***" in that it had ***.[137] The Director General told the Committee:
There is some good work happening, which is informing a range of policy action, and one recent example would be ***. That work has in part been stimulated by some very good analysis and assessment work which has brought together that picture.[138]
- However, the fact remains that there have been no prosecutions and only one arrest of a ***. This is partly down to the difficulty in prosecuting espionage offences (discussed further in the chapter on Legislation) as Director General MI5 explained:
*** more often it is information that confers a UK advantage but isn't necessarily a … state official secret, which is one of the reasons why the proposed new legislation is something that we see advantage in.[139]
CC. MI5 is responsible for countering Hostile State Activity, and the Centre for the Protection of National Infrastructure and the National Cyber Security Centre play a key role in engaging with those within and outside government to protect national security. There is a wide array of defensive tools, which are being used to good effect, but the Government has come late to the party and has a lot of catching up to do. Our closest allies identified the need to use such tools against China long ago and we must learn from their experience and knowledge.
DD. It is also clear that this defensive effort requires a cross-government approach. However, this transfer of responsibility will need to be a well-thought-out, gradual process with adequate support provided to the departments and some degree of control retained at the centre. HMG needs to ensure that those departments not traditionally associated with security are properly resourced with security expertise, properly supported and properly scrutinised.
Challenges in tackling Chinese spyingLack of Chinese Intelligence Services action in the UK- ***
Global threat- The UK's significant economic, political, military and commercial co-operation with China provides the Chinese government with numerous opportunities to spy on the UK globally, including through the many British individuals based abroad ***. The work undertaken by the UK Agencies is therefore international and cross-Agency. MI5 noted that *** and told us that:
***[140]
An obligation on Chinese nationals- China has passed a number of pieces of security legislation in recent years.[141] These require Chinese citizens to provide assistance to the Chinese Intelligence Services (ChIS) and to protect state secrets—this includes Chinese locally engaged staff in embassies (and could also potentially be applied to foreign companies and even foreign nationals based in China). This would appear to be a clear avenue through which the Chinese staff of UK companies might be compelled to co-operate with China ***.[142]
- In November 2021, China's Personal Information Protection Law (PIPL)—a Chinese version of the General Data Protection Regulation (GDPR)—came into effect. This asserts state power over data belonging to both Chinese and foreign companies. According to legal experts, "the PIPL exerts certain exterritorial jurisdiction over data processing activities that happen outside China if the purpose is to provide products or services to individuals located in China, or to analyse or assess the behaviours of individuals located in China."[143] The Chinese government can therefore force Chinese and other companies to turn over their data as soon as it involves any Chinese citizens. However, in reality, it is not possible to compartmentalise Chinese citizens' data—meaning that China gets access to all data. A particular concern is China's use of this legislation to hoover up data from applications such as those used to book taxis and mini cabs—which can track a traveller's movements, capture photographs and link passengers to other users. We discuss China's collection of data in detail in our Case Study on Industry and Technology.
Use of journalist cover- We questioned whether the UK's freedom of speech might also be exploited for the benefit of intelligence operations by China, including through the use of ***.[144] ***[145] However, it must be noted that ***.
Targeting of unclassified material- As has been mentioned previously, the ChIS also target unclassified UK material—an act which (in many circumstances) would not be an offence in UK law. This activity may be more difficult to detect and counter, although the Committee notes that this was an area being looked at by the (then) Department for Business, Energy and Industrial Strategy, and the Home Office, including through possible legislation.
EE. Chinese law now requires its citizens to provide assistance to the Chinese Intelligence Services (ChIS) and to protect state secrets. It is highly likely that the ChIS will use such legislation to compel the Chinese staff of UK companies to co-operate with them. It is also likely that China's Personal Information Protection Law will lead to the Chinese government forcing Chinese and other companies to turn over their data held on Chinese citizens. As compartmentalisation of Chinese citizens' data will be difficult, this is likely to mean that, in practice, China will obtain access to data held on non-Chinese citizens as well.
Challenges in countering Chinese interference operations- Much of the impact that China has on national security is overt—through its economic might, its takeovers and mergers, its interaction with Academia and Industry—as opposed to covert activity carried out by its intelligence officers ***. This means that 'interference' operations can be less easy to point to than traditional 'spying' operations ***.
- The UK Intelligence Community have been open with the Committee about the challenges of detecting Chinese interference operations:
China's blended approach—its intertwining of overt and covert activity—poses significant challenges. ***. Unpicking this is difficult.[146]
- The JIC Chair acknowledged that "*** some of it is legitimate activity, some of it … [is not] legitimate but not necessarily illegal".[147] MI5 clarified the role that the UK Intelligence Community plays in identifying Chinese interference operations:
*** A lot of that will be visible, open, what I think diplomacy is about, that fostering of understanding, but we worry about where it is more covert or more nefarious.[148]
Understanding the threat- ***
- ***
- ***
- ***
- ***[149]
- ***
***
***[150]
- The JIO, working with NSS and JSTAT, told this Inquiry that they were working to 'map' foreign interference ***.[151]
FF. The UK Intelligence Community have been open with the Committee about the challenges of detecting Chinese interference operations. ***
Taking responsibility- One of the factors in the lack of understanding is that, until recently, the Agencies did not recognise that they had any responsibility for countering Chinese interference activity in the UK, since they considered that the policy community had mandated them to focus on other threats. In 2019, they told the Committee that ***:
Responsibility for mitigating the more overt aspects of the [Chinese] threat to the UK rests with government policy departments ***.[152]
- Historically, this resulted in an intelligence gap as it meant that not only were the Agencies not taking responsibility for tackling it, they were not even proactively seeking to identify it. Instead, it 'fell through the cracks' as the Government was relying on government departments to identify and then tackle the threat posed by China on their policy areas. (This was not unusual—we reported a similar historic problem in our Russia Report.) Yet the whole-of-state approach used by China meant that various UK government departments were trying to tackle different versions of the same problem—that of Chinese nationals, whether employed by the Chinese Communist Party or private individuals, actively working for China's benefit. For example, at the time of taking evidence, the Department for Education (alongside the (then) Department for Business, Energy and Industrial Strategy) was responsible for identifying and tackling Chinese interference in UK Academia.[153]
- However, there is no evidence that Whitehall policy departments have the necessary resources, expertise or knowledge of the threat to investigate and counter the Chinese whole-of-state approach. The nature of China's engagement, influence and interference activity in the UK is difficult to detect, but even more concerning is the fact that the Government may not previously have been looking for it. ***.
- Since the Committee began taking evidence and questioning the Agencies on their lack of involvement in tackling overt aspects of the Chinese threat, there appears to have been a change in approach. ***[154], ***.[155]
- MI5 told us that this decision was part of a "gradual widening of our aperture" to look beyond the traditional focus ***.[156] This allowed it to increase its work on influence alongside espionage. MI5 says that it is exploring ***.[157]
- In October 2020, the Acting National Security Adviser (NSA) told the Committee that there was now "an enormous amount of work underway, and of course it is not perfect at the moment, but it shows, I think, that we are joining up more effectively across government and between the covert side and the overt side, to get our arms around the scale of the threat".[158] Director GCHQ also told us that the situation was improving. However, the Director also noted that there was a tension between centralising the response and empowering the lead government department to address the issue (which had, in the past, resulted in a lack of co-ordination).[159]
- In December 2020, the DNSA acknowledged that neither the (then) Department for Business, Energy and Industrial Strategy (BEIS) nor the (then) Department for Digital, Culture, Media and Sport (DCMS) was yet able to engage fully in national security decision-making structures:
The one area probably of vulnerability at the moment, both for BEIS and for DCMS in handling some of their cases is their security expertise, their capabilities, their infrastructure one of the reasons we have incubated the Economic Threats Unit/Investment Security Unit in the Cabinet Office is because we have that very rich relationship and can do that kind of intelligence component. So the reason we haven't sort of chucked it straight over the fence is that we are trying to give BEIS some time to build that capability. They have just appointed a new security Director and that work is ongoing and we will support them with that. But I think it's important that we support and enable them rather than continue to hold everything at the centre, in the same way as the Department of Transport would run aviation security and have that connectivity into [MI5]. Similarly with BEIS on investment security, we have to help them to be able to run this themselves.[160]
- This is clearly a time of significant change within the national security structures across the Government. Whilst we are supportive of the notion of making every part of the Government responsible for national security, equally that must not result in no part of the Government being responsible for national security policy.
GG. It is incumbent on the Government to report on how national security decision-making powers are being dispersed across the Government. It should annually update this Committee on the number of personnel cleared to see Top Secret material in each of the departments with new national security decision-making powers, together with the facilities provided to them (secure IT terminals and telephones etc.).
HH. Failure to get this transition right from the outset could lead to decisions that fail to withstand external challenge. Furthermore, as there is an adjustment in national security responsibility, so too must there be an adjustment to ensure there is effective Parliamentary oversight of all aspects.
ON THE 'OFFENSIVE'
- SIS and GCHQ's intelligence work encompasses both 'coverage' and 'effects'. 'Coverage' is the collection of information (or acquisition of information from allied intelligence services) by the Agencies, whereas 'effects' describes the Agencies' engagement in activities which have real-life outcomes. ***
The roles of SIS and GCHQ
SIS is the UK's foreign human intelligence (HUMINT) agency. Areas of work that SIS undertakes include:
- cultivating and maintaining agents who are in a position to pass on secret information; and
- obtaining and sharing information which our allies have gathered on China.
GCHQ is the UK's signals intelligence (SIGINT) agency. Areas of work that GCHQ undertakes include:
- applying selectors to emails obtained by bulk interception;
- intercepting material transmitted over military communications systems;
- covertly accessing computer systems in order to obtain the information they contain; and
- sharing information with our allies' intelligence agencies.
Allocation of effort- Operational effort within SIS and GCHQ is broken down into different 'missions' (as explained in the chapter on HMG Resourcing). As at 2020, SIS allocated ***% of its overall operational effort to China and GCHQ allocated ***% of its operational effort to China.[161] The China mission is then further broken down into the different requirements' on China which the Government has set for SIS and GCHQ.
- In evidence in 2020, SIS broke down its operational effort in relation to China as ***
- ***
- ***
- ***[162]
- In 2019, GCHQ noted that its operational effort was similarly divided but with an additional focus on ***.[163] A year later, Director GCHQ told us that there were between *** and *** active Chinese cyber groups, and that GCHQ was able to cover ***.[164]
Requirements- The outcomes—what the Government wants to achieve—in relation to China are set though the Intelligence Outcomes Prioritisation (IOP) process[165] (discussed in the earlier chapter on The Strategy). HMG says that the IOP process is designed to ensure that SIS and GCHQ's work accords with the priorities set by the National Security Council (NSC), so that the information and outcomes they provide will best serve the wide range of demands from their customer' departments in the Government. The IOP Plan is meant to set out the Government's priorities for SIS and GCHQ, to be delivered through 'coverage' and 'effects'.
- In October 2020, the Committee was provided with the China Policy Outcomes, set within the China IOP process. As opposed to the tasking document previously produced, we were informed that instead these outcomes "guide the setting of SIS & GCHQ contributions but are not themselves requirements for Agency coverage or effects" and that the policy outcomes "are not delivered by secret intelligence and effects alone".[166] However, this change in emphasis (reflective of the Fusion Doctrine) means that it is now not possible to establish to what extent SIS and GCHQ are individually responsible for any progress made against these outcomes—and therefore how their effectiveness or performance can be meaningfully assessed. We question the logic behind this.
- Nevertheless, we can examine the responsibilities of SIS and GCHQ by comparing the 2019 and 2018 Intelligence Coverage and Effects (ICE) Plans, which were tasking documents:
- ***[167]
- ***
When (in 2019) we asked about the 2018 ICE Plan, SIS told us that:
***[168]
- Given that the ICE Plans were drawn up in consultation with SIS and GCHQ, it would suggest that the Cabinet Office and those Agencies felt that they were in a position to effect more real-world outcomes in 2019 than they were in 2018. This is reassuring, if that trajectory continues. Nevertheless, without knowing the current requirements set for both Agencies, we cannot judge what their current division of work is between finding out information and stopping the Chinese from doing things that hurt UK interests.
Coverage- Examples of GCHQ and SIS China 'coverage' work provided in 2018 include:
- Although not part of the IOP Plan, DI also works to a number of intelligence collection goals. There is a particular focus on ***.[172]
Effects- Intelligence 'effects', also referred to as covert action, are SIS and GCHQ activities which have real-life outcomes. Effects work against hostile states was explored during the Russia Inquiry, when Committee Members were told that HMG does not deploy effects with the goal of effecting organisational collapse, in the way that they might be deployed against international terrorist groups, for example. As a result, the Agencies' effects work *** can involve capability-building (the sharing of knowledge and capabilities with partners), and counter-intelligence work to disrupt intelligence operations ***.[173] More broadly, HMG can employ intelligence diplomacy (the use of intelligence information and relationships to influence international action), which can range from using intelligence partnerships to build alliances or encourage action on a particular issue, to the maintenance of alternative diplomatic channels with governments or non-state actors with which it is considered impolitic to have overt diplomatic relations.
According to the evidence provided to the Committee in this Inquiry, the same principles broadly apply to SIS and GCHQ's work on China ***. When we questioned GCHQ in 2019, we were told that:
***[174]
- As noted previously, the 2018 China ICE Plan ***.[175] This was being delivered through a counter-cyber programme known as Operation WINDERMERE.[176]
Case study: Operation WINDERMERE (counter-cyber)
The UK Intelligence Community told the Committee in 2019 that the UK is leading internationally on countering the cyber threat from China. (Given that there has been a lot of public reporting regarding the UK's limited focus on China by comparison with its Five Eyes partners, it is interesting that the UK Intelligence Community consider that they are leading internationally on responding to the Chinese cyber threat.)
Operation WINDERMERE is a cross-UK Intelligence Community strategy to address Chinese cyber activity, led by GCHQ ***. It aims to "reduce the impact of the Chinese State's cyber programme on UK ***."[177]
The strategy focuses on taking intelligence *** and using it for defence means (in order to make UK cyber space a hard operating environment) ***.[178] The approach combines a mixture of diplomacy, law enforcement action and PROTECT[179] work. ***.
The UK Intelligence Community say that they are working to identify and build knowledge of the Chinese cyber actors assessed to pose the highest threat to UK national security ***.[180]
- As such, encouraging other countries to demonstrate unity on the attribution of such behaviour (***) is key.[181]
- The 2019 ICE Plan, by comparison ***. These included:
- Against the 'Trading Safely' pillar ***.
- ***.[182]
- ***.
- ***.
- Against the 'Countering Security Threats' pillar ***.
- ***[183] ***.[184]
- In late 2020, GCHQ told us that:
*** [these] include attribution-public attribution—they include working with other nations to call out Chinese malign activity in cyber space, they include technical advisories, [and] they include advice to companies to close off their capabilities.[185]
- ***.
- Against the 'Digital and Technology' pillar
- ***
- Against the 'Trading Safely' pillar ***.
- Following the Spending Review, we were told that, since the National Cyber Force (NCF) had started operating, it had been able to expose and counter false narratives ***. Countering interference was cited as another area for the NCF ***.[188]
Are SIS and GCHQ 'achieving'?- Although SIS and GCHQ were judged by the Cabinet Office to be meeting or exceeding most of their ICE targets on China in 2018, this seems largely due to expectation management, as most targets were set to 'some' or 'limited' contribution—so, although they met their targets, the targets themselves were set rather low.[189]
- When the Committee asked Director GCHQ in 2019 if he felt "that in the circumstances [GCHQ was] not doing too badly", the Director agreed with that assessment—but also said that it was still very much at the starting point.[190] ***.[191]
- SIS noted that the 'coverage' targets in the 2018 ICE Plan had enabled it to start work, jointly with GCHQ and MI5, on ***—this, rather worryingly, implies that little had actually been achieved at that point.[192] When, in 2019, we pressed on why there appeared to be so little work ***, GCHQ told us that:
coverage leads directly to intelligence reporting, which can have an impact and does have an impact and affects the way we position the UK's policy, it affects the way we are conducting our international relations and it affects the way we are laying down our capability investments in the future. So *** then I think that is probably a more precise way of thinking about that. The answer to why so much [is directed] at *** at the moment is because ***.
***[193]
- When we asked again, in late 2020, what had now been achieved, GCHQ said that the increase in effort could be seen in all areas of activity, including the collection of intelligence, effects work ***, and in the defensive aspects of the cyber effort. The progress *** meant that:
we have made massive headway, such that the issue is starting to be how do we deal with the scale of the information at our disposal? How do we get into and focus the effort on the things that we most care about ***.[194]
- In terms of other work *** brief reference has been made to work carried out in relation to health (and specifically Covid-19). In 2020, the Deputy National Security Adviser (DNSA) said "… over the last ten months or so of Covid we have certainly seen on the health side some advantage ***".[195] However, no further detail has been supplied.
- In October 2020, the Acting NSA told us that a new group, which sits below the China NSIG, had been created to look at *** work, ensuring that it is joined up. One of the reasons why this group had been created was because the Government expected this work "to grow in future".[196]
- However, when we asked, again, in 2020, how SIS and GCHQ had performed against the requirements set by the Cabinet Office, we were told that the pandemic meant that there had not been a Cabinet Office review of whether either Agency had met its targets.[197]
II. It is clear that there has been progress in terms of 'offensive' work since we started our Inquiry—for instance, an increase in 'effects' work. However, given what appears to be the extremely low starting point, this is not cause for celebration ***. Both SIS and GCHQ say that working on China "is a slow burn, slow-return effort"[198] ***.
JJ. GCHQ and SIS tasking is set by the Government and, rightly, they cannot work outside the Government's priorities. Nevertheless, the fact that China was such a relatively low priority in 2018—the same year in which China approved the removal of term limits on the Presidency, allowing President Xi Jinping to remain in office as long as he wished—is concerning. Work must continue to be prioritised now to make up for this slow start and there must be clear measurement and evaluation of effort.
SIS and GCHQ challenges in operating against ChinaPolitical and economic considerations- Prior to the pandemic, the UK's relationship with China was based on an approach that sought to balance prosperity with national security issues—unlike Russia, which is seen unambiguously as a threat. Although that balance appears to have shifted since, with the push to protect the UK's domestic economic security, HMG acknowledges that China's economic might cannot be ignored.[199]
- This has an impact when planning action. For example, exposure of intelligence work may damage bilateral relations to the extent that UK trade and investment interests are affected.[200] Similarly, when HMS Albion performed a Freedom of Navigation Operation in the South China Sea in 2018, China appeared to reduce economic engagement with the UK. In 2019, the Senior Responsible Owner told us that HMG *** had discussed how to re-engage the Chinese:
[it] was re-established after *** diplomacy and engagement, there were some decisions that the Treasury had to take about how they were approaching that dialogue, ***. Because of the cross-cutting nature of that, that wasn't a decision that the Treasury could just take alone. So we worked through the coordinating process to get a clear set of choices and decisions ***.[201]
Surveillance- China is often referred to as a surveillance state, using a range of methods from state-of-the-art technology to neighbourhood watch schemes to monitor its citizens and residents. There is near-comprehensive CCTV coverage in Beijing as well as in most other major cities.
- The rapid pace of technological development is only increasing this challenge. China is in the process of integrating its world-leading technologies, such as face recognition and artificial intelligence (AI), in order to allow state authorities to track and follow all residents around its cities. Further development and integration of AI would allow monitoring and automated flagging of unusual behaviour or activities.[202]
- When, in July 2019, we asked the Intelligence Community about this, China was described as a "totally sensored environment … sensors everywhere and computers making sense of those feeds for individuals to spot [an] anomaly" ***. It was expected that such an environment would "increasingly become the norm *** because this technology is cheap and will be exported".[203] ***.[204]
- *** Surveillance of Chinese citizens with access to secret information is particularly acute: individuals working on sensitive areas are subject to travel bans and cannot leave the country without express permission. The Chinese intelligence system is both hugely capable and uncompromising: those convicted of espionage can face the death penalty.[205] ***.
- Surveillance in China has also extended to the virtual world. China's well-established domestic technology sector poses a significant challenge in terms of SIGINT collection. The blocking of Western web services and applications, and the dominance of Chinese apps ***[206]
Equipment Interference
Equipment Interference (EI) describes a range of techniques that may be used lawfully to obtain communications, equipment data or other information from equipment. In plain English, most people would call this 'hacking'; however, the Intelligence Community avoid this term because it lacks a formal legal definition and is widely used to imply illegal activity. EI is the official term used for such activity within the Investigatory Powers Act 2016 and associated Codes of Practice. This replaces the previous term 'Computer Network Exploitation'.
EI can be carried out remotely or by physically interacting with the equipment, and may include interference with computers, servers, routers, laptops, mobile phones and other devices, as well as cables, wires and storage devices.
EI can vary in complexity. Examples of EI might include:
- covertly downloading data from a subject mobile device when it is left unattended;
- using login credentials to gain access to data held on a computer;
- exploiting existing vulnerabilities in software to gain control of devices or networks; or
- remotely extracting material and monitoring the user of the device.
Size- Even without the challenges of Chinese surveillance, the sheer size of the Chinese state presents a significant challenge when it comes to gaining coverage. It can be extremely difficult to keep track of the vast host of Chinese ministries and party organs, the status of which within the Chinese Communist Party and government is constantly evolving. ***.[207]
KK. It is clear that both GCHQ and SIS face a formidable challenge in relation to China. What we were unable to assess—without the specific requirements set for the Agencies or any idea of the prioritisation of the 'outcomes' within the Intelligence Outcomes Prioritisation Plan—is how effective either Agency is at tackling that challenge. As a result of pressures placed on civil servants during the Covid-19 pandemic—including fewer people in offices with access to the necessary IT systems—the Cabinet Office has not measured the Agencies' success against its requirements, and so neither the Government nor Parliament has any assurance about their effectiveness.
LL. We have seen efforts grow over the duration of this Inquiry. We expect to see those efforts continue to increase as coverage leads to an increased programme of 'effects'. However, given the importance of the work, it is vital that the Cabinet Office carries out an evaluation on whether SIS and GCHQ are meeting their targets in relation to China. That evaluation must be shared with this Committee.
MM. ***. Increased surveillance, both in the physical and virtual world, poses significant challenges to long-term intelligence-generating capabilities ***. This problem is only going to get more difficult. SIS and GCHQ should prioritise work on this ***[208] ***.
WORKING WITH OUR ALLIES
- Given the difficulty of obtaining intelligence on China and countering its activity, intelligence-sharing relationships with other countries are vital: one of the Government's key messages in the Integrated Review was that the UK is stronger as part of an alliance, and we have sought to establish whether that is being put into practice and where the challenges lie.
Five Eyes- The Five Eyes intelligence-sharing network is vital to UK efforts in countering the challenges posed by China. SIS told the Committee that, within the Five Eyes community, there is very strong, increasing co-operation on China.[209] Director GCHQ told the Committee: "When the UK, with its allies, focuses on the targets it most cares about, it can have real … impactful effect, and I have absolutely no doubt about that."[210] Of great importance is the burden-sharing arrangement between the partners ***. From the evidence presented below, it can be seen that the UK benefits significantly from the Five Eyes partnership in the case of China.
- SIS told the Committee that, in 2020, ***% of UK coverage of China came from ***.[211] Without that *** assistance, tackling the threat would be much more difficult. This is also clear in relation to ***—in 2020, ***% of coverage was derived from *** collection.[212]
- For GCHQ, it was a similar picture in terms of the "collaborative … analytical sharing ***" with ***; and ***.[213]
- One of the ways in which GCHQ works with Five Eyes allies is on countering malign Chinese cyber activities[214] ***. GCHQ told us:
Predominantly, the key allies we have been working with are Five Eyes allies and we have had considerable success **. So a really joined up effort … and I see this continuing to expand into the foreseeable future … we are calling out malign activity, we are trying to impose a cost on those actors *** for acting in that way. ***.[215]
- The Committee was told that China was the single biggest issue at the ***. ***.[216] The Joint Intelligence Committee (JIC) Chair told us that DI had been the primary organisation involved in the mapping activity, and that it had "produced some really good material in which they have gone round the globe drawing on that to assess activity".[217]
- We asked for sight of the product of this mapping activity ***. We were disappointed that it appears not to have fulfilled the agreed brief *** it is concerning that in this instance the Intelligence Community appear to have failed to provide their partners with the required assistance.
Other partners- China is a broad threat with significant geographic reach, therefore the Agencies work with overseas partners beyond the Five Eyes to tackle the China threat:
- In July 2019, the Deputy National Security Adviser (DNSA) told the Committee that some of his most important conversations on China had been with *** around ***.[218]
- GCHQ told us ***[219]. ***[220]. GCHQ also cited the importance of ***, noting, "we will go where the capability is and where the accesses are—they have brilliant accesses ***".[221]
- MI5 cited ***[222] as allowing MI5 to discuss both its operational and protective security role with ***.[223]
- SIS told us in 2019 that it was starting to do some capability-building work ***.[224] SIS told us ***.
***. So most of these countries are very aware of the threat, and are very keen to talk... about how we can work together. So that is quite a promising seam of activity ***.[225]
- The Agencies are working closely with overseas partners to tackle the China threat: they recognise that the UK can tackle the problem only by working with their international counterparts ***. We have also covered the Agencies' work with foreign services in our Inquiry on International Partnerships.
LEGISLATION
- It is clear from our Inquiry that China presents a rather different challenge for the Government, one that it is still struggling to get to grips with and which it may not yet have the right tools to tackle. One of the tools that can be developed and used quickly is legislation. We have already covered the National Security and Investment (NSI) Act 2021 and the Telecommunications (Security) Act 2021 in this Report, and we will need to see what difference both pieces of legislation make; however, at the time of writing we had yet to see legislation introduced specifically to tackle Hostile State Activity (HSA).[226]
The need for new legislation on Hostile State Activity- . The Official Secrets Acts[227] are the only pieces of UK legislation that specifically address HSA.[228] However, the Agencies have previously explained that the Acts are inadequate in countering HSA, since it is not an offence to be a covert agent of a foreign power. The previous Committee concluded in its Russia Report:
it is very clear that the Official Secrets Act regime is not fit for purpose... It is essential that there is a clear commitment to bring forward new legislation to replace it... that can be used by MIS to defend the UK against agents of a foreign power.[229]
- In evidence to this Inquiry, the Intelligence Community told the Committee that legislative change is even more necessary in relation to China. MI5 told us that "a Foreign Agent Registration [Act]-type power, which the Australians and Americans enjoy... [would] have proportionately more effect against ... Chinese activity".[230] A key issue of concern is the theft of non-classified information, which can be difficult to grip because a significant amount of the activity does not currently constitute a serious criminal offence in the UK.
- One example of such a case is from ***, when a suspect was arrested for ***. The material ***. Given the difficulties of prosecuting espionage activities under current legislation ***.[231]
- In the December 2019 Queen's Speech, the Government confirmed plans to introduce a new Espionage Act to provide a legislative framework to deal with HSA.[232] Consideration is also apparently being given to updating treason laws.[233] In September 2020, HMG confirmed that the Home Office was working on a Counter-Hostile State Activity Bill, to create a Foreign Agents Registration Scheme and reform the Official Secrets Act,[234] in line with recent recommendations by the Law Commission (which found that the espionage offences in the Official Secrets Acts 1911-1939 were "very wide but rarely prosecuted", as a result of dated and obscure drafting and complex supporting case law).[235]
- October 2020, the Acting National Security Adviser told us that this Bill would also address issues around foreign interference—with the inclusion of "a package of measures around education, partly support to universities, partly acquiring new tools in which to address that kind of interference".[236] In late 2020, MI5 told the Committee how it had been contributing to the development of the proposed legislation:
So there is a series of different choices and how far you do or don't go around any reform of the Official Secrets Act, there is a series of choices that are not yet landed or settled, but what MI5 is doing clearly is feeding in our perspective on the things that would make a difference and, from where I am sitting, the biggest gap at the moment is around interference. There are still plenty of gaps around espionage, but we do at least have some relevant powers there; whereas the act of being an agent of a foreign power engaged in things against the interests of the UK is one where we think there is a real gap and so I am very pleased that government has the intention to legislate.[237]
- The Integrated Review, published in March 2021, included a further commitment to introduce Counter-State Threats legislation—"when Parliamentary time allows".[238] A consultation on legislation was announced in May 2021 and concluded in July 2021.
- At the time of taking evidence, one of the Committee's key concerns was that any such legislation must introduce an effective "economic espionage" offence—something that the UK Intelligence Community suggested could be an important tool in the battle against China. At present, there are no criminal offences covering economic espionage that are not specifically linked to classified research or technology. A new offence might cover companies, research collaborations, joint ventures, seed funding, venture capital and access to academics and students covertly to obtain Information Data and Intellectual Property to secure commercial advantage against the UK.[239]
NN. Although we have stated this earlier in this Report, it bears repeating specifically in relation to legislation: the length of time it has taken to reform the Official Secrets Acts is unconscionable. Our predecessors were told that the Acts required updating as a matter of urgency in January 2019. Over three years later, we have yet to see the introduction of a Bill. National security legislation ought to be a priority for any UK Government—it is certainly not a matter to be kicked into the long grass by successive Governments.
OO. We recommend that HMG ensure that a Counter-State Threats Bill is enacted as a matter of urgency.
- In 2019, the Committee was told that there were various documents addressing the Government's strategy on China:
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ 'Chinese FDI in Europe: 2018 trends and impact of new screening policies', Mercator Institute for China Studies, 6 March 2019.
- ↑ In February 2023, HMG announced the restructuring of several government departments, including BEIS (which no longer exists). The previous work of BEIS is now being carried out by the Department for Energy Security and Net Zero; the Department for Science, Innovation and Technology; and the Department for Business and Trade
- ↑ 'Third of non-EU university students come from China', The Guardian, 16 January 2020.
- ↑ Written evidence—HMG, 18 April 2019
- ↑ Oral evidence—Raffaello Pantucci (RUSI), 16 May 2019.
- ↑ Oral evidence—HMG, *** July 2019.
- ↑ Oral evidence—HMG, *** October 2020. Global Britain in a Competitive Age: the Integrated Review of Security, Defence, Development and Foreign Policy (the 'Integrated Review') was published on 16 March 2021 and sets out the Government's vision of the UK's role in the world. It contains a number of actions which the Government commits to taking in support of that view. A refresh of the initial Integrated Review was later published on 13 March 2023 (after evidence-taking for this Inquiry had concluded).
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ ***
- ↑ Oral evidence—HMG, *** December 2020.
- ↑ Oral evidence—HMG, *** December 2020.
- ↑ Oral evidence—HMG, *** December 2020.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Oral evidence—HMG, *** July 2019.
- ↑ *** (MI5 is a 'self-tasking' Agency—i.e. it cannot be directed to investigate or not to investigate an area ***.)
- ↑ ***
- ↑ ***
- ↑ Written evidence—Cabinet Office, 12 June 2019.
- ↑ Written evidence—HMG, 3 July 2019.
- ↑ ***
- ↑ Written evidence—HMG, 3 July 2019.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Oral evidence—HMG, *** October 2020.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Oral evidence—HMG, *** October 2020.
- ↑ Since evidence-taking for this Inquiry concluded, the ISU has been transferred back to the Cabinet Office, following the restructure of several government departments (including BEIS) announced in February 2023.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Oral evidence—NSS, *** October 2020.
- ↑ ***
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Known as 'Trusted Research', this was also published in autumn 2020 (Written evidence—HMG, 14 September 2020).
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Written evidence—HMG, 14 September 2020. On 11 May 2022—after this Report was completed, but prior to publication—the National Security Bill was introduced in Parliament. The Committee was briefed on the Bill too late for it to be considered in this Report; however, we note that disappointingly the Bill as introduced does not include reform of the Official Secrets Act 1989 or introduce a Foreign Agent Registration Scheme (although the latter was later proposed via a Government amendment at Committee stage of the Bill).
- ↑ Oral evidence—HMG, *** July 2019.
- ↑ Oral evidence—HMG, *** July 2019.
- ↑ Written evidence—HMG, 31 January 2020.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Foreign involvement in the Critical National Infrastructure, Cm 8629, 6 June 2013.
- ↑ There is not a set number of NSIGs—they are created and disbanded according to NSC priorities. In March 2020, we were told that there were 17 NSIGs, including one on China. ***
- ↑ This role has since been renamed Director General Defence and Intelligence.
- ↑ When required, the Agency heads, CDI, and personnel from the Ministry of Defence (MoD) and the Home Office can attend the JPC.
- ↑ If an SRO realises that they suddenly need additional effort midway through the year, they can bid for it as a reprioritisation. If the SRO thinks that this reprioritisation will be a long-term requirement then it will have to be considered as part of the annual round.
- ↑ Oral evidence—*** December 2020.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ Oral evidence—DI, *** December 2018.
- ↑ Oral evidence—MI5, *** July 2019.
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ Written evidence—HMG, 21 August 2019.
- ↑ Written evidence—HMG, 21 August 2019.
- ↑ Written evidence—HMG, 18 November 2020.
- ↑ Written evidence—HMG, 21 August 2019.
- ↑ Oral evidence—NSS, *** October 2020.
- ↑ Global Britain in a competitive age—The Integrated Review of Security, Defence, Development and Foreign Policy, HMG, March 2021.
- ↑ Global Britain in a competitive age—The Integrated Review of Security, Defence, Development and Foreign Policy, HMG, March 2021.
- ↑ Each organisation records its resourcing and allocation of operational effort differently. Figures provided below relate to percentages of operational effort, financial spend and FTE staff numbers.
- ↑ ***
- ↑ Oral evidence—SIS, *** January 2008.
- ↑ Written evidence—SIS, 28 February 2020.
- ↑ Written evidence—SIS, 18 November 2020.
- ↑ Figures have only been provided from 2005 onwards.
- ↑ Written evidence—SIS, 18 November 2020.
- ↑ These figures include permanent staff and loans/contingent workers. SIS noted in its written evidence of June 2019 that these numbers do not take into account the additional functions that support the China mission, such as *** and wider corporate services etc.
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ ***
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ Written evidence—GCHQ, 4 March 2020. On *** December 2020, NCSC further explained that as well as those engaged in threat-focused work (i.e. an analysis and investigative point of view ***), there were also people who supported that analytical effort, and those whose work is threat-agnostic *** (although this work is informed by knowledge of the threat posed by China—amongst others).
- ↑ ***. These three operational themes are: International Counter-Terrorism (ICT), Northern Ireland-related terrorism (NIRT), and Hostile State Activity (HSA).
- ↑ Written evidence—MI5, 9 October 2020. MI5 told us that its "operational model dynamically draws on a range of resources within MI5 and beyond" ***. (Written evidence—MI5, 12 June 2019.)
- ↑ Director General MI5 explained: ***. (Oral evidence—MI5, *** October 2020.)
- ↑ JIO has noted that China assessments are produced by several different teams ***.
- ↑ However, the team also receives support from other teams working on HSA, economic assessments ***.
- ↑ ***
- ↑ Written evidence—JIO, 8 March 2021.
- ↑ Oral evidence—JIO, *** October 2020.
- ↑ Written evidence—DI, 13 June 2019, 4 September 2020.
- ↑ Oral evidence—DI, *** December 2020.
- ↑ Written evidence—DI, 13 June 2019.
- ↑ From 1 April 2021, the Home Office moved to a new structure and the work of the Office for Security and Counter Terrorism (OSCT) is now carried out by Homeland Security Group. Therefore, OSCT is now referred to as Homeland Security Group.
- ↑ Senior staff have not been counted in this number, although a portion of their work will involve China-related issues. Homeland Security Group also notes that its contribution to the Home Office's China effort is wider than stated above "as there are a number of areas (such as Border Security, HSA strategy and Counter-HSA legislation) where policy work is thematically rather than geographically focused". ***. (Written evidence—OSCT, 28 February 2020.)
- ↑ Written evidence—OSCT, 28 February 2020.
- ↑ Written evidence—OSCT, 14 June 2019.
- ↑ Written evidence—OSCT, 28 February 2020.
- ↑ The Cabinet Office notes that its China team draws on China expertise from across Whitehall and that the majority of HMG work on China is done in other government departments. (Written evidence—HMG, 18 November 2020.)
- ↑ Oral evidence—MI5, *** July 2019.
- ↑ Oral evidence—MI5, *** July 2019.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Oral evidence—*** July 2019.
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ Oral evidence—SIS, *** October 2020.
- ↑ Written evidence—HMG, 21 May 2021.
- ↑ Written evidence - HMG, 21 May 2021.
- ↑ Written evidence—HMG, 21 May 2021.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Written evidence—HMG, 21 May 2021.
- ↑ A 'Whitehall Customer Group', chaired by the Deputy National Security Adviser, with the Foreign, Commonwealth and Development Office (FCDO), MoD and Home Office representation, will meet annually to establish a single national statement of prioritised outcomes to be supported by offensive cyber. This process will be informed by customer requirements articulated through the IOP process and by COBR, Armed Forces operational requirements, MoD contingency plans and law enforcement demands, amongst others. These engagements aim to provide assurance to departments that their requirements have been considered and prioritised appropriately.
- ↑ Written evidence—HMG, 21 May 2021.
- ↑ Written evidence—HMG, 21 May 2021.
- ↑ Written evidence—HMG, 21 May 2021.
- ↑ Written evidence—HMG, 21 May 2021.
- ↑ Written evidence—MI5, May 2019.
- ↑ Written evidence—MI5, May 2019.
- ↑ Written evidence—MI5, March 2020.
- ↑ Oral evidence—HMG, *** July 2019.
- ↑ Oral evidence—HMG, *** October 2020.
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ MI5 website.
- ↑ Oral evidence—MI5, *** July 2019.
- ↑ Oral evidence—MI5, *** July 2019.
- ↑ Compared with ***% for Russia. ***% of MI5's effort is focused on counter-terrorism work. (Oral evidence—MI5, *** October 2020.)
- ↑ MI5 prioritises its work using the *** model. This model (***) aims to "drive operational outcomes ***". It is used to prioritise *** to ensure MI5 delivers long-term *** against its core intelligence requirements. (Written evidence—HMG, 18 April 2019.)
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Written evidence—MI5, 11 June 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Oral evidence—MI5, *** December 2020.
- ↑ Oral evidence—MI5, *** December 2020.
- ↑ Written evidence—GCHQ, 31 January 2020.
- ↑ Written evidence—MI5, 16 November 2020.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Oral evidence—NCSC, *** October 2020.
- ↑ CPNI.gov.uk/trusted-research
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ Oral evidence—MI5, *** December 2020.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Oral evidence—NCSC, *** October 2020.
- ↑ Written evidence—MI5, 12 June 2019.
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ Oral evidence—MI5, *** December 2020.
- ↑ Oral evidence—MI5, *** December 2020.
- ↑ Including the Counter-espionage Law (2014), the National Security Law (2015), the National Cybersecurity Law (2016), the National Intelligence Law (2017) and Personal Information Protection Law (2021).
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Elisabeth Braw with Franco Palazzolo, 'Emerging Insights: How Ride-Hailing Businesses Collect and Manage Data: A National Security Risk?', Royal United Services Institute (RUSI), 4 October 2021.
- ↑ China's use of Academia to influence free speech and obtain information beneficial to its objectives is covered in our Case Study on Academia.
- ↑ Written evidence—MI5, 31 July 2020.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Oral evidence—JIO, *** July 2019.
- ↑ Oral evidence—MI5, *** December 2020.
- ↑ Written evidence—JSTAT, 31 May 2019.
- ↑ Oral evidence—JIO, *** October 2020.
- ↑ Written evidence—HMG, 21 January 2020.
- ↑ Written evidence—HMG, *** April 2019; the Agencies focus their efforts on ***.
- ↑ Oral evidence—HMG, *** July 2019.
- ↑ The United Front Work Department (UFWD) is an arm of the CCP, which has a remit to engage in operational activity with in China and overseas with the purpose of ensuring that potential critics and threats to the CCP are influenced, co-opted or coerced into silence. UFWD's remit includes engaging in political influence and interference operations overseas, to ensure that politicians and high-profile figures in foreign states are supportive of the CCP, or at the very least do not criticise China or counter its narrative.
- ↑ Written evidence—MI5, 24 September 2020.
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ Written evidence—MI5, 24 September 2020.
- ↑ Oral evidence—*** October 2020.
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ Oral evidence—*** December 2020.
- ↑ Written evidence—SIS, 18 November 2020; Oral evidence—GCHQ, *** October 2020.
- ↑ Oral evidence—SIS, *** July 2019; Oral evidence - SIS, *** October 2020.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ The IOP process was established in March 2020, although as previously noted it may be reviewed following the Integrated Review.
- ↑ Written evidence—HMG, 14 October 2020.
- ↑ Written evidence—HMG, 30 August 2019.
- ↑ Oral evidence—SIS, *** July 2019.
- ↑ Written evidence—GCHQ, 31 October 2018.
- ↑ Written evidence—GCHQ, 31 October 2018.
- ↑ Written evidence—GCHQ, 31 October 2018.
- ↑ Oral evidence—DI, *** December 2020.
- ↑ Russia, HC 632, 21 July 2020.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ In some instances in this Report, we have substituted an ISC-specific code word where it has been necessary to refer to the name of an operation or project, in order to protect classified information. No significance is intended by, nor should be inferred from, the matching of code words to real operation names. The ISC code words have no operational significance.
- ↑ Written evidence—GCHQ, 18 June 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ PROTECT work focuses on protective security.
- ↑ Written evidence—GCHQ, 20 June 2019.
- ↑ Oral evidence—HMG, *** December 2020.
- ↑ Written evidence—GCHQ, 31 January 2020.
- ↑ The National Cyber Force (NCF) was launched in April 2020. The NCF is a distinct operational entity, a partnership between GCHQ and the Ministry of Defence, also incorporating elements from SIS and the Defence Science and Technology Laboratory. The NCF is intended to deliver an increase in the UK's cyber capability and carry out its programme of offensive cyber.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ Oral evidence—HMG, *** October 2020.
- ↑ Oral evidence—HMG, *** October 2020.
- ↑ Written evidence—GCHQ, 21 May 2021.
- ↑ Written evidence—GCHQ, 12 June 2019.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Written evidence—GCHQ, 12 June 2019.
- ↑ Oral evidence—SIS, *** July 2019.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ Oral evidence—*** October 2020; Oral evidence—*** December 2020.
- ↑ Oral evidence—*** October 2020.
- ↑ Oral evidence—HMG, *** October 2020.
- ↑ Written evidence—GCHQ, 12 June 2019.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Oral evidence—*** July 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Oral evidence—SIS, *** July 2019.
- ↑ Oral evidence—SIS, *** July 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ Written evidence—HMG, 18 April 2019.
- ↑ ***
- ↑ Oral evidence—SIS, *** July 2019.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ Oral evidence—SIS, *** July 2019.
- ↑ Oral evidence—SIS, *** July 2019.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ In July 2022, the Director of the Federal Bureau of Investigation (FBI) gave a joint address to industry with Director General MI5, in which he referred to work with the UK on the Chinese cyber threat and said that "together [with MI5] we can also run joint, sequenced operations that disrupt Chinese government cyber attacks".
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ Written evidence—HMG, 9 August 2019.
- ↑ Oral evidence—JIO, *** October 2020.
- ↑ Oral evidence—NSS, *** July 2019.
- ↑ Oral evidence—GCHQ, *** July 2019. ***.
- ↑ Oral evidence—GCHQ, *** October 2020.
- ↑ Oral evidence—GCHQ, *** July 2019.
- ↑ ***
- ↑ Oral evidence—MI5, July 2019.
- ↑ Oral evidence—SIS, *** July 2019.
- ↑ Oral evidence—SIS, *** October 2020.
- ↑ The National Security Bill was introduced in Parliament on 11 May 2022, after the Committee had finished taking evidence for this Inquiry. However, we note that the Bill, as introduced, does not include reform of the Official Secrets Act 1989 or introduce a Foreign Agent Registration Scheme (although the latter was later proposed via a government amendment at Committee stage of the Bill).
- ↑ 1911, 1920 and 1939.
- ↑ Other than the 'ports stop' power introduced in the Counter-Terrorism and Border Security Act 2019. 'Queen's Speech December 2019: back ground briefing notes' (HMG, December 2019) states that the Counter-Terrorism and Border Security Act 2019, which received Royal Assent in February 2019, confers the power to stop, question, search or detain any person entering the UK (it is not necessary for there to be a suspicion of engagement in hostile activity in order to do so). These provisions were closely modelled on the 'Schedule 7 port stop' power provided for in the Terrorism Act 2000.
- ↑ Russia, HC 632, 21 July 2020.
- ↑ Oral evidence—MI5, *** July 2019.
- ↑ Oral evidence—MI5, *** December 2020.
- ↑ 'Queen's Speech December 2019: background briefing notes', HMG, December 2019.
- ↑ 'Queen's Speech December 2019: back ground briefing notes', HMG, December 2019.
- ↑ Written evidence—HMG, 14 September 2020.
- ↑ Law Commission Report, Protection of Official Data, September 2020.
- ↑ Oral evidence—NSS, *** October 2020.
- ↑ Oral evidence—MI5, *** October 2020.
- ↑ Global Britain in a competitive age—The Integrated Review of Security, Defence, Development and Foreign Policy, HMG, March 2021.
- ↑ Written evidence—HMG, 18 April 2019.