28

 

Joint Committee on the National Security Strategy

Oral evidence: Undersea cables

Tuesday 30 June 2025

4.30 pm

 

Watch the meeting

Members present: Matt Western (Chair); Liam Byrne; Bill Esterson; Mr Tanmanjeet Singh Dhesi; Baroness Fall; Baroness Kidron; Sir Julian Lewis; Mike Martin; Edward Morello; Lord Sedwill; Lord Tunnicliffe; Baroness Tyler of Enfield; Lord Watts.

Evidence Session No. 6              Heard in Public              Questions 57 - 72

 

Witnesses

I: Sir Chris Bryant MP, Minister of State for Data Protection and Telecoms, Department for Science, Innovation and Technology; Kevin Adams, Deputy Director for Telecoms Security and Resilience, Department for Science, Innovation and Technology; Luke Pollard MP, Minister for the Armed Forces, Ministry of Defence; Paul Wyatt, Director-General for Security Policy, Ministry of Defence.

 

Examination of witnesses

Sir Chris Bryant, Kevin Adams, Luke Pollard and Paul Wyatt.

Q57            The Chair: Welcome to today’s meeting of the Joint Committee on the National Security Strategy. Today, I am very pleased to say that it is the final evidence session on our undersea cables inquiry. We have with us the Minister for the Armed Forces and the Minister for Data Protection and Telecoms. Can I start by asking our witnesses to first introduce themselves?

Luke Pollard: I am the Minister for the Armed Forces.

Sir Chris Bryant: I am the Minister for lots of things, including data protection and telecoms. I have just been giving evidence on space to another committee.

Kevin Adams: I am a deputy director in the Department for Science, Innovation and Technology, responsible for telecoms security and resilience.

Paul Wyatt: I am the director-general for security policy in the Ministry of Defence.

The Chair: Thank you very much. We have taken a huge amount of evidence over the last couple of months from across industry and all the sectors, with a lot of written evidence as well as the oral evidence that we have had. In your own department’s evidence, Minister Bryant, from DSIT, it was highlighted that there are something like 14 departments and agencies involved in the governance of this area of subsea cables. A lot of businesses and industry organisations are involved, as well as international partners. Can you give us an idea of who is in charge?

Sir Chris Bryant: I am.

The Chair: So you have overall responsibility for all those departments.

Sir Chris Bryant: I have responsibility for the telecoms aspect and, therefore, economic security. The Ministry of Defence has responsibility for defence and potential attacks on the UK. There is a series of other departments that have specific responsibilities, but the lead department in relation to subsea cables is DSIT.

The Chair: Has that always been the case? Was it the case before you started in your role?

Sir Chris Bryant: That I am aware of, yes. Luke and I work very closely together, and there are some areas where MoD is more to the fore, but it does not feel like it is chaotic.

The Chair: In talking to the sector and to various organisations, it does sound incredibly complex. That is not to say that you do not have a grip on it, but this sector reaches into so many domains of our economy, not just in defence. In terms of how the power supply market is organised, we have a single organisation, NESO, which is the system operator that co-ordinates and is, in essence, the brain for it. Is there a need for something similar when it comes to subsea cables and the provision of data that comes from that?

Sir Chris Bryant: I am not convinced that there is a need for that. You are absolutely right that there are a number of organisations that are designed to ensure either the resilience or the repair, or to make sure that the connectivity to other parts of the economy is maintained, but they are all discrete. As things stand, I do not think that it is broken, so I am not all that minded to fix it. As a committee, you might come to a different conclusion and persuade us otherwise. I do not know whether Luke has a different perspective.

Luke Pollard: The way that the Ministry of Defence looks at this is from the threat perspective. We have had undersea cables, under the Atlantic in particular, for a very long time now. By and large, they were reasonably protected by merit of their depth. It is certainly true that, in this new era of threats, where new technology means that the depth of those cables under the ocean is no longer a guarantor of their safety—that is certainly true of the cables that travel through the littoral areas and the landing stations on land—there is an increased threat to them.

The increased threat has certainly driven more attention to the wide range of responsibilities that sit across government for different aspects of this. There is a temptation to say that, because there are a number of lead departments that look at a different area of it, it is a system that does not work because there is not one person who controls them all, so to speak.

That is not our perspective. We are quite clear from a Ministry of Defence point of view about what the MoD equities are in terms of our role. We do not feel that there is another government department that steps on our toes in that respect, and we also feel quite comfortable in being able to work with our DSIT colleagues at both ministerial and officials level to understand where we are up to.

This is something that you may come on to, Chair, but the legislative framework that now governs that is in a different place from perhaps the day-to-day operational experience that we have across government, where there is good day-to-day information sharing across the base, but the legislative underpinnings are reasonably dated.

Sir Chris Bryant: A recent issue that we are looking at is where to put offshore wind farms. One of the questions that the whole of government has to look at is, “Where is suitable and where is not?” Some areas are unsuitable for other MoD reasons, but some are unsuitable because of subsea cables or because of shipwrecks, responsibility for which belongs to DCMS. All of this is managed by the Crown Estate. We have managed to work out who is responsible for what, and it has not been problematic.

The Chair: We will come on to that a bit later. I understand that DSIT has a subsea infrastructure response group, the Home Office has the Joint Maritime Security Centre, and NATO has the Maritime Centre for the Security of Critical Underwater Infrastructure. What is the relationship, Minister Bryant, between those three?

Sir Chris Bryant: There is the European Subsea Cables Association, which we are affiliated to as well, and the International Cable Protection Committee, which was signed up to. The ITU has an International Advisory Body for Submarine Cable Resilience. We are an island nation, and so we are more reliant on subsea cables than most other countries. We want to make sure that all of these work together, and that is what we work on.

Kevin Adams: The Joint Maritime Security Centre is really important. As well as the Home Office, the Department for Transport and Ministry of Defence are part of that. As the Minister said, there are a large number of organisations, but I would add that quite a lot of our work in DSIT, as the lead government department, comes under the broad umbrella of the national risk register, which is a Cabinet Office-owned resilience strategy. The Cabinet Office has an overall policy co-ordination role for subsea infrastructure across energy and telecoms.

Sir Chris Bryant: It is worth saying that, when there is a breakage here in the UK, we repair it within eight days on average, whereas the international average is 30 days. I am not complacent about it, but I would argue that we are doing a fairly good job.

The Chair: The Government state that the Cabinet Office co-ordinates cross-department policy development on subsea infrastructure. What has it achieved recently against that policy, Minister Bryant?

Sir Chris Bryant: It has achieved a very close assessment of the potential risks, some of which MoD might want to speak to. One thing that we have done as a result of that assessment since we came into office last July is to add data centres to the critical national infrastructure process. That is part of recognising the risks that there would be to the UK economy if any of this process were disrupted, either accidentally or deliberately.

The Chair: How does its co-ordination role differ to your own?

Sir Chris Bryant: The Cabinet Office has the power to gather a sub-committee of Cabinet, which DSIT does not on its own. In the normal day-to-day business, it is DSIT that leads on this. It is only when we need to bring together a Cabinet sub-committee that the Cabinet Office will be brought in.

The Chair: Finally, ESCA, which you mentioned a moment ago, has called for a cross-government subsea infrastructure protection strategy. Is that something that you would support?

Sir Chris Bryant: I would argue that, broadly speaking, that is what we have. Whether it would be wise for us to publish such a document is another matter, because some of these considerations, as you will have experienced from the briefing that you have had, run very close to national security issues.

Q58            Mike Martin: Thanks very much for your comments there. Minister Pollard, could I just pick up something on risk? The MoD deals with the threat side of it. The majority of our cables are across the Atlantic. We have quite a lot to the Low Countries—to France, Belgium and the Netherlands—a few to Scandinavia and two to Shetland, for example. Would you say that the risk is equal to all of those cables?

Luke Pollard: We also have cables connecting some of our overseas territories, and some aspects further afield. The risk is different based on the value of the target, the opportunity costs of reaching the target, and the experience and capabilities that any adversary may have in getting there.

There is certainly a newfound understanding that our cables are a target. While this was not really spoken about a few decades ago, it is now a regular topic of conversation in terms of the overall threat. It is certainly true that, as more data is travelling across the transatlantic cables than ever before, and we have become more reliant on data for the health of our industry, the value of that connectivity has increased, but I would say that there is a residual risk.

Mike Martin: In different geographical areas, would you say that the risk is equal?

Luke Pollard: There is certainly a risk that exists for all cables, and there may be additional risks that exist beyond that, given the location of certain cables and the resilience, or lack of resilience, that may feature for certain connectivity that may exist.

Mike Martin: Could you name any of the higher-risk cables?

Luke Pollard: I probably would not want to in a public setting such as this.

Sir Chris Bryant: If one of the transatlantic ones goes down, the sector will rapidly move to other routes. It will find other ways of getting information around. It is more difficult if there is a single cable to an island, and that cable is lost. That just stands to reason.

Mike Martin: Shetland is one example. Contingency is a great point, which I will come back to in a second, if I may. If we have equal risk across all our cables, but perhaps one or two of them are higher risk, the national risk register recognises the risks only to our transatlantic cables. Should we broaden the scope of the entry in the risk register so that all the geographic locations of our cables are recognised there?

Sir Chris Bryant: It is a bit of a moot point about how we recognise things in the risk register. We need to develop resilience for the cables themselves and the ability to repair them quickly. We also need to develop resilience in terms of other means of maintaining the same level of connectivity, which is why part of DSIT’s work is looking at other things that we might be able to do via satellite and, in particular, looking at optical intersatellite links and whether we might be able to use alternative means of securing the same kinds of data speeds.

Mike Martin: Why is it a moot point that different cables are not recognised in the risk register?

Kevin Adams: The greatest risks to cables in UK waters are from the maritime and fishing industries or natural hazards. Those will be concentrated, depending on the geography and location. When we talk about the importance of cables, the two particular factors that we would look at are around capacity and latency. We have some of our particular high-capacity cables connecting us to Europe, and some of the low-latency transatlantic cables are important for some sectors, particularly the finance sector.

On your point on the risk registers, though, we keep them under continuous review, so we are looking at that. There are good reasons why we particularly look at the transatlantic cables as a reasonable worst-case scenario, and part of that is that the resilience in our connectivity to Europe is very strong, including through the Channel Tunnel, which provides very strong and very high-capacity connections to Europe.

Mike Martin: Thank you very much, Mr Adams. I can put some figures to that. There is 8,000 terabytes per second of capacity between the UK and Europe, and only 850 terabytes per second from the UK to the US. Minister Bryant, you said earlier that, if one gets cut, we will reroute. If the transatlantic cables get cut, we will go across to the continent through that 8,000 terabytes. So far, so good, but between Europe and the US there is only 2,200 terabytes, so only twice what we have between the UK and the US.

Do we know how much spare capacity there is in these? We say quite glibly that we are going to reroute stuff, but have we studied the amount of spare capacity in the system at any one time that would allow us to do that?

Sir Chris Bryant: You are presuming that all 12 transatlantic cables would be cut at the same time.

Mike Martin: My general point stands. Do we have an assessment?

Sir Chris Bryant: It is an important point.

Mike Martin: Two of the cables carry four-fifths of the capacity. They land at Bude in Cornwall. It is relatively reasonable to assume that we might knock out 600 of that 800 terabytes by cutting two cables. Have we studied the capacity across the network? Do we know where there is extra capacity to do this rerouting? We hear all the time that, if it gets cut, we will reroute it. Do we know exactly, with hard numbers, that we can do that?

Sir Chris Bryant: We are very confident that it would be fine, yes. If you are going to the point of saying that all transatlantic cables would be cut at the same time, that is quite an ask and, I would argue, an unlikely scenario to be basing our risk on.

The Chair: To be fair, Minister, there are two cables that come into one landing point, which account for 75% of that traffic. That is a substantial vulnerability, is it not?

Sir Chris Bryant: If they were lost, they would reroute. We are confident of that.

Mike Martin: These two cables—the Grace Hopper and the Amitié—both go into Bude. If we cut them, we would have to reroute 600 terabytes of data overnight. Are we happy that we could fit that 600 terabytes of data into the 2,200-terabyte cable that, one assumes, is already busy between Europe and America?

Kevin Adams: I would just add to what the Minister has already said. There is redundancy in the cable network. Of course, some cables that particular sectors rely on and are low latency are particularly important to those sectors. The lead government departments for those sectors will lead contingency arrangements for those particular sectors. If particular cables were lost, data would be rerouted, but there could be a cost to the speed of transmission, so we accept there would be an impact on those sectors. That is partly what underpins a lot of the resilience work that we do, and why, in the national risk register, we have a focus at the moment on those transatlantic cables.

Q59            Edward Morello: Mr Pollard, I would just like to return to a point that you were making earlier, which was that, traditionally, undersea cables have been protected by virtue of being buried deep under the sea, and the complexity of deliberately targeting them being such that it is historically quite rare. However, we have heard evidence from industry experts who have pointed to one of the key vulnerabilities to undersea cables being the points at which they are not undersea any more, so the landing points. Do we designate those landing points as critical national infrastructure? If we do not, should we?

Luke Pollard: That is a fair question. The protection of the landing points moves, in effect, from being an MoD responsibility to one for the civilian authorities that would police the critical national infrastructure on land in that respect.

You are right to say that the risk varies. If you take a cable that goes from one side of the Atlantic to the other, there are areas where it is on land in the landing spot, then in littoral waters, where the depths are not as deep to reach the cable, and then throughout its journey across the North Atlantic at varying depths.

Depending on the technologies that could be used, you would see different levels of risk or different threats to that cable at different locations. It is certainly true that we try to take a risk-based approach when looking at the protection of the entire cable. Developing incredibly high-end capabilities to seek to get at a cable at its midpoint, perhaps at its deepest, compared to developing what might be less high-tech risks—

Edward Morello: So a bottle of whisky with a rag in it.

Luke Pollard: —at the other end, would certainly lead to different types of risks that need to be managed along the way.

In the strategic defence review, we have identified the Royal Navy as, in effect, the lead co-ordinator for defence’s equities in protecting those cables. Where they come on land is an area that we would be passing on to some of our other colleagues across government to identify.

That does not necessarily mean that there is not a risk that exists throughout the length of the cable. Indeed, depending on where the onward transmission is when it reaches land, there remains a risk in there. In terms of our approach, at what point is that identified as critical national infrastructure from our point of view? We look at critical underwater infrastructure, where there are varying degrees of risk, depending on the location—

Edward Morello: Minister, I am going to let Sir Chris jump in before he bites his own arm off.

Sir Chris Bryant: Sorry. The answer to your precise question is yes. In September last year, this is one of the changes that we brought in, so the whole of the data infrastructure process is now part of the critical national infrastructure.

Edward Morello: To Mr Pollard’s point, when we heard from the Police Federation, it talked about the fact that there were processes in place, but also that it is really at a crisis point that its responsibility for taking action kicks in. If we have designated it as critical national infrastructure, are you satisfied that the level of protections that we have in place around those landing points are adequate to the risk that we may face?

Sir Chris Bryant: It is something that we keep under review on a regular basis, and we have to assess it all the time. I am not going to come here and say, “No, I am not”, because that would immediately be inviting everybody to come along and breach whatever security measures we have in place.

Edward Morello: Do we have the correct weighting between the responsibility of the state to protect those points and what we are asking the commercial providers to provide as security around those?

Sir Chris Bryant: I think so, but I am happy to write to the committee on how that plays out locally.

Q60            Mr Tanmanjeet Singh Dhesi: Minister Pollard, if there is a concerted and co-ordinated attack by our adversaries, who exactly is in charge of mapping the sectoral impacts?

Luke Pollard: You have two sides of that coin. The first is the risk that you manage in the first instance to deter any attack. You then have the process of attribution to look at who did it, and then the mitigation of the consequences of that on similar geographically located infrastructure and more widely. Defence would look after elements of the protection in the marine environment against certain threats, a cable drag for instance. An accidental anchor drag, or being caught up in the fishing industry, might not necessarily be one where defence equities would be applied, but where we have seen, or it is suggested there could be, malign intent, that is where you would see more defence involvement. Broadly, the consequences of managing impacts would be led by DSIT.

Mr Tanmanjeet Singh Dhesi: Minister Bryant, as DSIT, what are the results of your assessments of severe, protracted disruption?

Sir Chris Bryant: It would be severe.

Mr Tanmanjeet Singh Dhesi: Great.

Sir Chris Bryant: It is a serious point. If all or a substantial proportion of the transatlantic cables were cut, or two of the most significant ones, whether accidentally or deliberately, that would lead to very significant disruption to the internet, to all the essential services, to data services and to financial transactions. There would be very substantial disruption to the state, which is why we take the matter seriously.

Mr Tanmanjeet Singh Dhesi: We heard evidence recently from both the police and the ambulance services. In terms of our nation’s preparedness, they advise that their strategic reliance on this is considerable. Have you mapped critical government dependencies recently? What were the results?

Sir Chris Bryant: I do not know precisely what you mean by that.

Mr Tanmanjeet Singh Dhesi: Each sector has its own issues. The police and ambulance services have their particular issues.

Sir Chris Bryant: The police and ambulance services rely on a mixture of services, including telecoms, which is why we have specific provisions for them. Some of those are nothing to do with subsea cables, but might be to do with mobile or satellite telephony. Our assessment is that, even if you were to cut off all the transatlantic cables, there would be disruption for some period, but it would reroute fairly quickly, within a matter of hours.

Mr Tanmanjeet Singh Dhesi: In terms of other critical government dependencies apart from the police and ambulance services, you are fairly comfortable that any attack on undersea cables could be well managed.

Sir Chris Bryant: Losing the internet for a time is immensely disruptive to large parts of the economy and to the way that people live their lives, including the dependencies that you have talked about. These issues are addressed in the meetings that we have in the various groupings. I do not want to sound complacent in any sense at all, but I am confident that we would be able to find a workaround fairly quickly.

Mr Tanmanjeet Singh Dhesi: You will be aware that the financial sector, in particular the City of London, contributes an incredible 8.8%, or well in excess of £200 billion, to our total economic output. We heard recently during our evidence sessions that the financial sector had not, in fact, undertaken any collective assessments of its overreliance on undersea cables. Do you plan to address that in any way?

Sir Chris Bryant: Strangely, one advantage of the fact that we have roughly one breakage a month, or roughly 12 a year—all accidental ones, so far as we can see, either because of storms and damage in the sea, or from trawling of some kind or other—is that we are quite well practised at making sure that we are resilient and can respond quickly. As I say, on average, we have a repair within eight days, and, in the main, most people would not have noticed that these things have happened. The one exception is Shetland, where there were problems.

Mr Tanmanjeet Singh Dhesi: I completely understand the issues around the October 2022 incident with the Shetland Islands and the severe disruption. My question was with regard to the financial sector. Perhaps, Mr Adams, you could advise. How do you plan to address the fact that the financial services sector has not undertaken any assessment?

Kevin Adams: Under the Cabinet Office’s resilience strategy, we work on critical cables and the impacts of certain cables going down. I would emphasise what the Minister said, which is that, while individual cables will be vulnerable, our connectivity and our resilience as a whole is very good, and that is mitigated in many ways.

I do not want to give what sounds like an overly bureaucratic answer, but, under the lead government department model within the Cabinet Office, the Treasury would be the lead department for looking at the resilience of the financial sector to a number of risks. We do, of course, work with companies in the financial sector on these issues as well, and individual companies in some sectors have commercial rerouting arrangements in place.

Mr Tanmanjeet Singh Dhesi: It seems to me that there are several gaps, and different people seem to be in charge of different things. If the Treasury is in charge of that, it would be advisable for the financial services sector to undertake a collective assessment on this. Otherwise, that could be a major gap, and our economy could suffer a significant detriment as a result.

Let me move on to internet traffic to round off my set of questions. Some witnesses to our committee have suggested that, if internet traffic is severely limited, you might need to prioritise certain critical public sector data. Minister Bryant, are you confident that you could make that happen speedily? How would that work in practice?

Sir Chris Bryant: We are slightly overegging this pudding, if you do not mind me saying. We have 64 subsea cables, which is a higher number than islands of our size would normally have, 50 of which are active. There are vulnerabilities, but I do not want to exaggerate the vulnerabilities that we have. The kind of apocalyptic experience that we are talking about could happen, theoretically, if a lot of things happened accidentally at the same time, or if a hostile actor were to deliberately try to make them happen.

We have in place a significant number of mitigations to make sure that they do not happen, and I am confident that, in the worst example that we have referred to, of all Atlantic cables being breached at the same time, within hours, the internet would be able to divert and reroute through other means.

Mr Tanmanjeet Singh Dhesi: I would beg to differ on that. Nobody is thinking here of an apocalyptic set of circumstances. If we look at what happened recently with Heathrow, for example, nobody was anticipating that, and that had a massive effect, not just on my Slough constituency, but on the whole nation.

Our job as the Joint Committee on the National Security Strategy is to look into these aspects and to ensure that we are prepared. These questions about preparedness are very important for us, because, if something was to happen—for example, as happened in the Shetland Islands, as you rightly pointed out—it would have a devastating impact on conditions. How would you prioritise certain critical public sector data? Are you confident that that can happen in a speedy manner?

Sir Chris Bryant: The reason why we have the various groups that we do is precisely to have plans to deliver in those sets of eventualities. I am confident that they are robust. I do not want to lay them all out in the public domain.

Mr Tanmanjeet Singh Dhesi: Okay, as long as you think that they are robust. Thank you.

Kevin Adams: I can add a bit more detail. You are asking about our response plans. These have improved a lot in the last couple of years. DSIT chairs a subsea infrastructure response group, which is a government-facing group that we would call in a serious incident. It also includes Cabinet Office colleagues, so that could be elevated to a COBRA meeting if appropriate, which has all the relevant groups there.

DSIT also chairs, under the subsea cable industry group, an incident response working group, which brings together all of industry. With that group, over the last year, we have developed a national emergency plan for subsea fibre-optic cables, which can be initiated. It has all the features of those incident response plans, including working with industries and sectors, in an extreme emergency, on how we would prioritise traffic, repair and so on in those circumstances.

Q61            The Chair: I just want to pick up an earlier point from Mr Adams or Minister Bryant about His Majesty’s Treasury doing the assessment. Does it not really fit with DSIT doing that assessment? In essence, you have overarching responsibility for what we might call the superhighway network. You are the provider of that. You are the ultimate authority, as you said in your opening remarks. Surely, it is not down to HMT or individual departments to establish whether it might work for them. If you do not accept that, will you be pressing for HMT or the industry to do an assessment?

Sir Chris Bryant: I do not think that I mentioned HMT.

Kevin Adams: If I may, I can clarify. DSIT leads on the assessment of the critical cables, why they are critical, and what the vulnerabilities and impacts would be for the economy. We lead that analysis and are the experts in that. What I was suggesting is that, at some level of detailed response planning, the lead government departments have a responsibility for their sectors. For example, in terms of subsea cables, there could be impacts, in an extreme emergency, on shipping and just-in-time deliveries. We will map and understand that, but it would also be for the Department for Trade and others to get into detailed contingency arrangements in terms of how their sectors would respond in that scenario.

The Chair: The committee’s concern about that is that this just falls between the slats of different departments, in the belief that someone else is looking at the issue. UK Finance, which we heard from, really did voice concerns about it. Having been through the pandemic, the concerns then were that certain voices were not listened to earlier. The question really is this: should either the Cabinet Office or DSIT be insisting that different departments insist on an assessment being done particularly for the financial sector, given its importance?

Sir Chris Bryant: It is a legitimate point, but the point that I am trying to make is that we are pretty well co-ordinated between departments, in fact. It sounds too casual to you, because different departments inevitably have a responsibility for the sectors within their portfolio, but it is a single government subsea infrastructure response group. It is a single government subsea communication cables industry group, and so on. All these things are co-ordinated. They are not as haphazard as I think you are worrying that they might be.

Q62            Liam Byrne: I just want to push this, because the national security strategy put a great emphasis on a whole-of-society approach to tackling security challenges, including economic security challenges. Are you able to reassure the committee today that every department that you work with has in place effective arrangements for bringing together the public and private sector to war-game scenarios, as well as contingency arrangements, for if something catastrophic happens to subsea cables?

Sir Chris Bryant: I think so, but, to be absolutely clear, I am very happy to write to the committee, because I am not sure whether I have spoken to the Welsh or Scottish devolved Administrations, which would be as much a key part of what we would need to do as anything else. Let me write to be absolutely certain.

Q63            Lord Tunnicliffe: I have a very simple question, which you have partly answered. Have you war-gamed any of these scenarios? If your letter could say yes, and how extensive that war gaming was, that would be reassuring.

Sir Chris Bryant: War-gaming sounds very MoD, but I know what you mean, which is playing out different scenarios to see whether, in each one, we would be able to respond adequately.

Lord Tunnicliffe: Yes, playing them out, with the agents of other agencies participating in that.

Sir Chris Bryant: We have already done that under both the previous and the present Government, and will continue to do so. You asked me whether I would write to that effect as well, and we will.

Mr Tanmanjeet Singh Dhesi: Just to build upon that war-gaming scenario, our internet services rely heavily on data centres. I am sorry to have to mention my constituency again, but Slough is the Silicon Valley of Europe, in that there are more data centres there than anywhere else on the planet, apart from Virginia in the US. Has any exercise been undertaken to assess how, if there was an outage in Slough, that would impact our wider economy and, in particular, internet services? It would be good to know whether a case study has been undertaken with respect to Slough.

Sir Chris Bryant: I am not aware of a particular one in relation to Slough, but you make a bigger point, which is about data centres. One of the odd things about where we have got to in relation to data centres is that we do not have a list of all the data centres in the UK. There is no requirement in law for anybody to register the fact that they are opening up a data centre. The concept of a data centre covers many things, from something very small to something very large. One reason that we wanted to bring data centres and this whole structure into the critical national infrastructure is to have an opportunity to look underneath the bonnet a bit more.

Q64            Baroness Tyler of Enfield: I just wanted to focus on the adequacy of the legal protections, and the legal basis for taking action in this area. The evidence that we have received suggests that the current legal situation is somewhat obscure, arcane and, shall we say, ambiguous, and has questioned whether we have sufficient legal protections.

First, what actions have you taken since taking office to understand and strengthen the legal basis for prosecuting those involved in suspicious activity, be they private or state actors? Secondly, what plans do you have to update the 1885 Submarine Telegraph Act and, indeed, the Criminal Damage Act of 1971? I know that, in the strategic defence review, you committed do some sort of review of these Acts. What practical differences would updating those Acts provide? I do not know whether that is for both of you, or quite who leads on the legal side.

Luke Pollard: It is probably for Chris to start off.

Sir Chris Bryant: I thought that you were very authoritative on this the other day.

Luke Pollard: Shall we try, then?

Sir Chris Bryant: Yes, go on. You go first.

Luke Pollard: You are right that the 1885 Act places the dizzy heights of a £100 fine on an intervention on one of our cables, which does seem somewhat out of step with the modern-day risk. There is a real challenge in looking for the right way to update that. Since that Act came into force a very long time ago, there are certain additional restrictions or abilities placed on states. For instance, under UNCLOS—the United Nations Convention on the Law of the Sea—there are abilities for states to operate in other people’s waters through safe passage, freedom of navigation and elements like that.

When looking at how we defend our cables, you have a legal basis for what is, in effect, sabotage and how you would prosecute it under the current legislation. You also have a legal dimension as to how you interdict, deter, attribute or, ultimately, prosecute anyone who may be undertaking malign or dangerous activities that are contributing to a cable break.

Against that, we have identified that this is an area that could be looked at again. That is why the strategic defence review talked about creating a defence readiness Bill, probably in a later Session of Parliament during this Parliament. We have identified a legislative vehicle for defence because, not just on cables but on quite a lot of other areas, the legislation that we inherited may be operational for a peacetime scenario, but it does not necessarily always lead up until crisis into conflict.

For peacetime and conflict, there are two good sets of legislation that exist in our system but, in the build-up between the two, perhaps less so. If you are looking at how grey zone threats in particular manifest in the 21st century, it is legitimate to question, “At what point is someone at war?” On the simple basis of Article 5 of the NATO treaty, if Russia were to roll tanks into the Baltic states, it would be reasonable for the Atlantic Council to then take a position that that is an attack on one and so an attack on all. In the situation where there are cyberattacks or potential threats to our undersea infrastructure, the moment where you move from peace to conflict might be less certain.

Because of that, we have identified that as an area where it is prudent to undertake more work, both in terms of how the UK would respond and how we would update our activities around our reserve forces and other aspects, but also in respect to having a legislative vehicle so that we can then say to our colleagues across government, “There is a vehicle here that may be suitable for updating certain aspects of this”.

Given that it is not likely to be immediately implemented or introduced to the House, it gives the Government, across departments, the opportunity to say, “There is a legislative vehicle here, if we choose to take it”. That is where the conversations now are on a cross-government basis since the publication of the strategic defence review and national security strategy, which, in effect, identified broad risks.

As a department, the MoD is looking at how we implement the SDR and, in relation to the topic today, what powers we think we need in order to deter, but also to attribute and then to prosecute if required. Prosecution would be a responsibility elsewhere in government, but, clearly, there would be defence equities building up to that.

Baroness Tyler of Enfield: Do you have a specific timescale for the review, in particular when it will be concluded and when we will know what next steps you are recommending?

Sir Chris Bryant: No, we do not, and we would not be allowed to breach the Leader of the House’s decisions on what goes into the King’s Speech at the next session anyway. We are in a bit of a double bind, because, on the one hand, the £100 fine provision in the 1885 Act was uprated in 1982 to £1,000. We could, by secondary legislation, bung it up to £5,000, but that just does not seem to meet the need of the situation. We could do minor things, but we are minded in both departments that we need proper legislation that tackles all of this in the round, which may take longer than just fiddling around with issues around fines.

The Chair: Can I ask about piracy provisions? Is that something that should be considered within the legislation?

Sir Chris Bryant: You mean piracy on the seas as opposed to piracy of works of the creative industries.

The Chair: Yes. For any suspected sabotage of undersea cables, could or should piracy provisions in law be applied?

Sir Chris Bryant: That is not a question that has come across my desk. I do not know whether it has come across Luke’s. Culpable negligence is one of the aspects from the telegraph Act 1885 that we might be able to use, but I would doubt whether that is strong enough.

Kevin Adams: There is quite a lot of legislation that potentially bites on this problem, which is why we think it is good to do a comprehensive review. For example, the National Security Act imposes penalties on sabotage. The Telecommunications (Security) Act can bite on this, particularly at cable landing stations. We are looking at the full raft of legislation to see what powers might need updating in terms of the role and responsibilities of industry in relation to the cables, the powers around data sharing and the use of technology on these cables, as well as powers during an emergency.

Luke Pollard: Perhaps I might just add to that. Legislative protections are often used as a form of deterrence. We are saying, “If you try to do this, the powers of the state mean you will not be able to do it”.

Within that broader piece around how we deter deliberate rather than accidental interference with our undersea infrastructure, it is probably worth understanding that there are a number of other aspects that form a full deterrence cupboard. That may include areas around attribution and fast attribution. That would include fast response and greater resilience as a form of deterrence, to say, “Yes, you could undertake this, but there is resilience within the system. You could do it, but it’s hard to do, and we would call you out for doing it”.

I am not certain that many malign states are particularly worried about the £1,000 fine, but, especially since the UK Government called out the Russian spy ship Yantar for loitering over our critical infrastructure last year, the ability for us on an international stage to call out activities and attribute them directly, in this case to the Russian state, provides a greater deterrent capability.

If we look at deterrence as a whole, there is clearly a role for an updated legislative framework. We will now look at on a cross-government basis now.

Sir Chris Bryant: Recommendations from you will be helpful.

Baroness Tyler of Enfield: That is very helpful. Thanks.

The Chair: I would like us to move on and expand on deterrence.

Q65            Lord Sedwill: Sir Julian and I are going to pick up exactly the subject that you have just raised, Minister. In essence, this is what the committee is trying to get to grips with. We have a system that is, broadly speaking, designed to deal with accident, negligence, et cetera, but is it adequate to deal with a deliberate attack, particularly by a hostile state?

You have mentioned hostile actors; you have talked about prosecution, but that is really looking at individuals. One of the issues we want to look at is the question of a deliberate attack by a hostile state, which presumably could be significant because it would be organised properly, whether that is on the landing point, on two cables at once or on other parts of the infrastructure, et cetera, potentially as part of a co-ordinated effort. We want to move the conversation on to that beyond civilian resilience.

Mr Pollard, you just mentioned attribution and the deterrent effect of that. You also talked about the deterrent effect of good resilience and recovery. That is absolutely correct. What about going beyond attribution? As you said, a hostile state is not going to care much about a fine. It probably is not going to care much about an accusation, which it will deny. Do our potential adversaries or our adversaries actually understand the red lines?

Luke Pollard: It is a fair question. Perhaps the committee will allow me to use the example of what is happening in the Baltic at the moment. This is not about communications cables; in most cases, it is about energy transfer cables. To a certain extent, though, it is about cables.

When we look at attribution, the speed of attribution is really important. It is not sufficient to have a really good established analysis of who is responsible for a cable break two weeks later. We need a system that enables us to identify the actors that may be involved with a cable break earlier. That assumes that the cable break is in effect coterminous with a ship being nearby. This is not, for instance, a sabotage that is timed or delayed from the moment of interference with our cable, for instance.

In the Baltic, for instance, the activation of both the JEF response—so the Joint Expeditionary Force, which the UK is a framework nation for—and subsequently the NATO response, particularly in tracking Russia’s shadow fleet, means that, having communicated with shipping in the area, we can identify at the point of a cable break which ship is nearby and then we can attribute that. That quick response enables attribution due to a collection of numerous datasets, meaning we can pinpoint which vessel is most likely responsible for it. That acts as greater deterrence, but it also enables some of our Baltic friends, using the powers that they have, to take immediate action against those individuals.

When we talk about malign actors interfering with our cables, there is an assumption that it would be something easily identifiable such as a Russian warship or the Russian spy ship Yantar. It might not necessarily be that. Indeed, the risk of a Russian shadow fleet operation, as we are seeing in the Baltic, is probably more likely than traditional Russian navy activity, which would be much easier to identify.

Swift attribution is a key part of that. There are different ways in which we can collect the data to be able to understand that. What we are learning from having activated the JEF response option in the Baltic is how we can use additional layers of publicly available information as well as information that might not be readily available to the public to get to the point of attribution more quickly. It is the speed of attribution that acts as the deterrence.

If something happens, and you can pinpoint the vessel only a few nautical miles away from where it has taken place and say, “It was that one”, that provides a much greater deterrence to the master of that vessel, who will realise that consequences could be taken almost immediately if they were to undertake any interference. It is much harder if it is a malign activity that might use higher-end capabilities, which would be difficult to talk about in this setting. That would have a delayed effect.

Lord Sedwill: Beyond attribution, there would be penalty sanctions against the vessels concerned.

Luke Pollard: There could well be. It is probably worth mentioning that there are a number of levels of attribution. You have the technical attribution: “We have worked out which one it is. It’s you”. You have the intelligence attribution: “We know what you did”. You then have the public attribution. The decision that we took at the end of last year to call out Yantar and the Russian interference publicly is an illustration that we were not going to accept Russian activities above our critical underwater infrastructure.

That covers the different levels of attribution. What you do after that largely depends on what it is, in which waters it took place, who did it and what legal powers were available to any state at that point. Much of the debate that we are having so far is about activities largely against what we might consider our cables, largely in what we might consider our waters.

Because of the lead status that the United Kingdom has in this space across NATO and JEF, although much of the work that is being undertaken at this point might have an application to UK waters, and we are looking at that, we are looking at activities in the Baltic in particular. That perhaps provides an easier case study for the committee to see what happens when you bring to bear all these capabilities and where there is a more immediate risk of things happening, or a catalogue of things that have happened, that create elevated risk to the infrastructure that exists there.

Sir Chris Bryant: Before the point of identification is detection. Our surveillance measures are a really important part of this. I see where you are coming from. Some hostile actors might not care about being identified as the person who has done it, but on the whole they spend quite a lot of time trying to hide from us. It is in their interests not to be detected.

Lord Sedwill: Certainly, that is the case. I am really trying to explore what happens beyond attribution. We know that the Russians deny everything they do anyway, including grotesque acts such as the Salisbury attack. If circumstances were deteriorating, what is the actual sanction that we would apply? This is why the Chair was asking earlier about piracy, for example. Are there actual sanctions with teeth that we could apply, particularly to this shadow fleet of notionally deniable actors who are not carrying the Russian navy flag?

Luke Pollard: If you look at the examples in the public domain of what has happened with the concerns around the Baltic, you see fast detection, an ability to have certainty about which vessel may have undertaken any activity, be it accidental or otherwise, and nations that are poised to respond quickly. When that system is joined up and working effectively, as we are seeing with the rollout of UK-led activities in the Baltic, there is an ability to get at that end product and do something to the people who are doing this. That could be seizing the vessel, challenging their licence to operate, affecting their insurance capabilities, prosecuting the people in charge of the vessel at that point or taking further action against the shipping line. There is a range of options that flow from it.

Lord Sedwill: You have mentioned the Baltics, where the territorial waters are quite crowded, but that would apply to the UK. Indeed, are you exploring how we might operationalise that in international waters off the UK?

Luke Pollard: Elsewhere in the strategic defence review, you can look at the Atlantic Bastion concept. For those who might not be following it in the same detail as perhaps you and I, the Atlantic Bastion concept is in effect a model that says that, to secure the North Atlantic from malign Russian naval presence, you not only need a strong presence in the Greenland-Iceland-UK gap of traditional anti-submarine warfare capabilities, such as the future Type 26 frigate and P-8 maritime aircraft; you also need a network of autonomous and uncrewed surface, subsurface and maybe even seabed sensors, which would provide the certainty of that activity.

What is the advantage of Atlantic Bastion for the topic that we are talking about? If you can assure against Russian submarine activity and entry into the North Atlantic—and it is worth remembering that Russian submarine capabilities have continued to be invested in since the invasion of Ukraine; they are a very high-end peer competitor to NATO forces—you are not only better able to guarantee against a ballistic missile attack from a submarine, for instance; you are also, as a consequence of that, better able to defend your cables because you have a greater understanding of what is in your battle space.

The ability to use the enormous amount of data that could come from these various platforms would help identify any actors in any of the areas where we have critical underwater infrastructure, be that a submarine, a cable, a wind farm or whatever it may be. The move towards Atlantic Bastion, which is recommended in the SDR, will have considerable military benefit to the protection of our undersea infrastructure.

The other aspect that makes Atlantic Bastion very useful for the work of this committee is that, while it is a UK project that will primarily be delivered by UK naval assets, it gives us the ability to have plug-and-play with our NATO allies. If you look at the High North and the area that you are talking about, Norway, Germany, Canada, America and the UK will all be operating the same maritime patrol aircraft and I hope, with the Norwegian frigate decision, similar anti-submarine warfare frigates, similar helicopters and similar sonar buoys.

The ability to be interoperable in that space means that our allies will directly contribute to the protection of our infrastructure by dint of it being in the North Atlantic. The basic mission is to prevent the Russian Northern Fleet from coming around over the top and entering the Atlantic.

Lord Sedwill: That is fascinating. We could probably pursue it, but only at a higher level of classification and not in a public hearing.

Q66            Sir Julian Lewis: I am afraid that this question is exclusively for the two MoD representatives. I would like you to consider an analogy with the little green men in Ukraine. Russia did not particularly want them to be identified, but when they were identified it did not care very much. I am not entirely clear yet what the real sanctions or countermeasures would be if you discovered, shall we say, a shadow vessel. You talked about possibly taking action against a shipping line; that does not apply to vessels in a shadow fleet. You talked about seizure, Luke, but there was an instance back in May when the Estonians intercepted a Russian shadow fleet ship, and, lo and behold, a Russian air force jet came over and in effect interdicted any attempt by the Estonians to do anything further without risking a major international incident.

Given that some of the techniques being used, such as trailing anchors back and forth over cables to snag and fracture them, have been discovered while they are going on, has any thought been given by NATO to adapting some of the decades-long specialist techniques that were developed to deal with tethered sea mines, namely cutting cables with a small explosive cutter? If you are playing this game of shadow warfare, where nobody admits that they are involved, in a day of autonomous underwater vehicles, I would have thought that that would be a very simple engineering feat. When something such as this is detected and the vessel refuses to respond to a warning, the next thing it knows is that its dragged anchor cable is mysteriously being severed. Is any thought being given to doing something that would stop the mischief in its tracks?

Luke Pollard: I will bring Paul in for detail. It is difficult to talk about hypotheticals. Certainly, at this level of classification there are answers that I would love to give to your questions that I may not be able to.

If I go to the beginning of your question, you talked about the subthreshold grey-zone activity that is hard to attribute. It is precisely because it is hard to attribute that that is one of the areas where we are looking at placing more investment in our capabilities. That is where our experience in the Baltic is particularly helpful at the moment. It enables us to see in real time, in a genuine threat environment, how you can overlay different levels of data to create a greater understanding of what is happening. Once you have established that greater understanding of what is happening, that provides options to the nation state involved or the NATO alliance as to what to do with it.

If I am unable to answer the specifics of your autonomy question, I can deal with it in the broader round. It is certainly true that the defence review sets out a new model of fighting for our Armed Forces, where every single unit in the UK military will be a mix of crewed, uncrewed and autonomous systems. That is especially true in the maritime domain. In the future, you would expect any Type 26 or submarine sailing to have, in concert with a number of autonomous platforms in due course, the ability to have greater options. With greater options and greater deterrence comes the ability to pose more strategic dilemmas for Russians in particular, who we assess as our greatest threat in this space, and to create attribution and options that may follow from that.

Part of your question depends on what stage of international diplomacy we are at when any of these things is taking place. This is grey zone activity in a peacetime setting. If you were in a conflict setting, this would be very similar to much of the other activities. In a conflict setting, you would expect UK naval assets to focus in particular on anti-submarine warfare, which is our NATO mission in the event of a conflict. In those circumstances, keeping an eye on what is happening in the sea is Britain’s primary responsibility in naval activity terms. This would flow quite nicely as a really supportive activity that would sit alongside that. In that scenario, we would have a very good awareness and lots of clear options on what we could do.

The difficulty is the period in which we largely find ourselves now, where we are not at peace and nor are we at war. We are seeing rising tensions. We need to be attributing quickly, tracking quickly, calling stuff out and then assessing what options are available to us in order to look at this. Certainly, it is hard to drag an anchor over a cable and get it first time. We need the ability to keep an eye on ships going back and forth, which is not normally what ships do and is a sure sign of a ship perhaps being up to something it should not be.

Sir Julian Lewis: Are we working on technical solutions of the sort that I have described?

Paul Wyatt: You will understand that we cannot get into a great deal of detail, but perhaps I can offer you assurances in two dimensions. First, yes, we are looking at the capabilities that are necessary for the Royal Navy to continue to contribute in this area. Secondly, in terms of its ability to use its extant capabilities—again, I would not necessarily wish to, nor can I, get into those—giving it the right freedoms and permissions to use those capabilities in as broad a way as possible in certain scenarios is something that we have looked at in the past and we continue to look at actively.

Sir Julian Lewis: Two sides can play at unattributability. The other thing that I would leave you with is the thought that the Russians were not so bothered about being identified that they were not willing to send out one of their own aircraft to support their shadow fleet ship.

Sir Chris Bryant: They spent quite a lot of time trying to pretend that they had nothing to do with Salisbury. They do care whether they get fingered.

The Chair: That is one way of putting it.

Q67            Baroness Fall: I wanted to turn to the issue of repairs. I was interested in what you said at the beginning of the session, Minister, about the fact that you felt that we did our repairs rather well and rather quickly. I wanted to ask you in a bit more detail why you thought that was. The issue that we are struggling with on the committee is whether we have control over repair infrastructure. Does it lie too much with the private sector? Do we have the capacity right? Do we have control over prioritisation, if there is a crisis and there were a couple of breakages in one go?

Sir Chris Bryant: It is worth remembering that all of this is a combination of government and private sector. We do not provide the cables. They are not our cables. They are provided by the private sector. Of course, repair is an expensive business. These companies do not want to see damage to their cables either. The more that we can do to prevent accidental damage, the better. That is why some of the work that we are doing with Defra is around making sure that people ship more sensitively in areas where there are cables and so on. As technology advances, we will be able to do that more precisely.

We have two flagged repair ships that can repair cables connected to the UK. Both of them are owned by Global Marine, which we think does a good job. We have to consider for the medium term whether that is going to be sufficient. That is one of the things that DSIT is in the process of considering as part of our spending review decisions over the next few months and years.

Baroness Fall: If there was a crisis and a couple of repairs needed to be done at the same time, would you be able to prioritise or is it the private sector that would make that call?

Sir Chris Bryant: We would be in discussions with the private sector about what is the right priority.

Baroness Fall: It would be a joint discussion.

Sir Chris Bryant: Yes. If I am honest, this all feels very much like a joint endeavour between government and the private sector, and, within government, between different departments.

Baroness Fall: What about with allies such as the European Union? Do you have agreements with them over this sort of thing?

Sir Chris Bryant: There is a UK body, a European body and an ITU body. We are a member of all of those and we co-operate as effectively as we can in all those spheres. There was another part of your first question that I did not answer, but I cannot remember which bit it is now.

Baroness Fall: We were talking about capacity, first of all, and you hinted that you might need more.

Sir Chris Bryant: It was about who decides what the priority is. I am not aware of a moment when it has been problematic. So far it has always been by agreement and fairly easily done.

Baroness Fall: If you considered there to be a hostile state actor, would it become more a national security issue and therefore more likely a government decision rather than one for the private sector?

Sir Chris Bryant: Yes, but the repair facility is owned by the private sector. If it were a national security moment, the private sector would want to co-operate with us as much as possible. As I say, we have not had a moment when it has been a problematic issue. Notwithstanding all the comments we have made about state actors, I would be more nervous about non-state malignant actors, which are potentially more difficult to identify, track and so on.

Baroness Fall: You said right at the beginning that you thought we did rather well at the repairs. Was there a particular reason that you think we do better at this than other countries?

Sir Chris Bryant: That is partly because those in industry know that it matters to UK plc, as it were, and it matters to them. We have the two facilities. As I also said at the beginning, we are fortunate that we are overprovided with. We have spare capacity. Notwithstanding the comments made earlier, that puts us in a better place.

Kevin Adams: There is a feature of our permitting regime that works well. When there is a break, companies can immediately proceed to repair it. In some other countries, that is not the case. There is a bureaucratic process to go through before the repair happens. That is a good feature of our system.

Baroness Fall: Mr Pollard, can I just turn to you for a minute? Do you support plans for Navy reservists to train in the cable industry, especially if there was a crisis?

Luke Pollard: Yes, so the strategic defence review has clearly identified a need for us to look again at how we structure our reserves. In the event of a conflict, I want the certainty that, when I press play on our strategic reserve to activate people in the wider society for military roles, we have those people there. That is the piece of work that we are undertaking at the moment as a department. Part of that work needs to be about looking at what roles people can be in and how we work jointly with the private sector in some of our military activities.

It is not just with the private sector. It could also be our allies, for instance. A capability that is well known in this area would be RFA Proteus, which is our undersea warfare vessel. For that ship to operate, it requires skilled RFA seafarers and it requires private sector providers for some of the capabilities that we have on board. The crane is a good example of that, so the winch at the back.

In future, there could be an opportunity for our allies to be more involved with some of these capabilities. As part of that, we need to have a better linking between the regular reserve and our industrial friends. Part of the narrative of the SDR is about having an integrated force. The integrated force can sometimes be seen as the Army, Navy and Air Force working together using the same systems, which would be a big boost from where we are today, but it is also about how we use civilians, contractors, private sector colleagues and others to create a whole-force approach.

When we look at the expertise in underwater activities in particular, there is an enormous amount of that in oil and gas. There is an enormous amount of that in the emerging areas around floating offshore wind. Certainly, those industries seek to recruit our people. We need to have a good understanding of how we can work together. Using reserves is a good example of that. We need more zig-zag careers, where people operating in uniform in a regular capacity move to a reserve capacity or an industrial capacity and then move back into a regular capacity, or whatever combination of that. That helps make us more resilient. It means that, when I press play on the strategic reserve because of a conflict, we have more people aligned with the skills that we require to support the capabilities that we will require in that event.

Baroness Fall: You have answered my question on whether you have an eye on the industrial workforce as well. It sounds like you do.

Luke Pollard: We absolutely do. There is more work to be done there, though; I would just stress that. The capabilities that we have at the moment are really good, but the SDR has identified that we need to do more of that. How we do more of that is a piece of work that the Ministry of Defence is undertaking now.

I see a very clear role for the Royal Navy in its traditional sense and a very clear role for the Royal Fleet Auxiliary, which often gets forgotten about within this debate. The capability that the RFA provides to the protection of our underwater infrastructure is first class and absolutely needs to be recognised. The RFA is sometimes the forgotten part of our naval family. It is brilliant. That will also need to involve more private sector provision and provision from our allies.

Taken together, there is a lot more work to do here, but it is an exciting area. There is real enthusiasm from all the different parts of the government estate that work on the wet side of things to make it work, but also with our private sector friends.

Q68            Lord Watts: Moving on to protection and repair vessels, we have heard that these are operated by the private sector. First of all, would they go out at all if there was a conflict? Secondly, if they went out, they would need support in vessels, equipment and men, et cetera. Are we convinced that we have the right number and types of vessels and aircraft to support any attempt to repair damage that had been deliberately done?

Sir Chris Bryant: On the civilian side we are keeping it under review, as I said earlier. The military is for Luke.

Luke Pollard: On the military side, in the event of a repair ship needing to be escorted, you would expect us therefore to be in a conflict. There would not be that level of threat to the repair vessel unless we were in a period of conflict.

That helps me return to the point that I was making around Atlantic Bastion. The primary role of much of our Royal Navy assets in the event of a conflict would be anti-submarine warfare. Our ASW fleet would be at sea. The model that we are moving to would see more autonomous platforms alongside it.

Currently, to escort or defend any asset at sea, you need to have a crewed asset alongside it, be it in the sky, underwater or alongside it on the surface. In the model that we are moving to, we would provide greater options to the fleet commander of the day to use autonomous or remotely piloted assets alongside those assets. It depends on what threat we are defending that ship against. If it is an underwater threat, you will clearly need a different set of capabilities than if it is a surface or aerial threat. The model we are moving to would, in effect, massively increase the number of platforms.

Despite arguing for more frigates in my maiden speech in the Commons, which I would be very happy with, the argument that we make in the SDR is to have an increased number of platforms. Nearly all those new platforms would be uncrewed or autonomous platforms. In doing so, we will increase the lethality of the overall operation. That is a deterrence piece. In the event of conflict, there would not be necessarily a huge number of ships available for additional tasks, but autonomous vessels might be able to support those or we might consider tasking a crewed vessel if the situation demanded it.

Lord Watts: In a conflict, would they not have other duties and responsibilities to carry out?

Luke Pollard: In the event of a conflict, it would be for the fleet commander of the day to allocate their assets, but what I am suggesting to you is that our current framing, in how we conceive it and in much of the public debate about it, requires a frigate or a destroyer to be alongside a crewed repair vessel. In the model that we are moving to, yes, that might be the case. There might be a crewed asset providing protection for activities in any particular battle space, but it might also be true that we would move to an autonomous system that looked at a wider area.

That is a transition that we have to get to, but the model of warfare that we are looking at would be a greater investment in uncrewed systems, especially in the North Atlantic, where there would be more opportunity for those units to be deployed.

Lord Watts: That assessment is taking place at the moment. In a conflict, when you already have other duties and responsibilities alongside the protection of ships that are going to repair cables, there will be a calculation of what resources will be needed and how they will be deployed.

Luke Pollard: That is right. Indeed, the SDR makes a particular recommendation—recommendation 26, I think it is—which says that the responsibility for cable defence sits with the Royal Navy, within our system, at the MoD. In that situation, the MoD would look at its various taskings and allocate resources against them.

Q69            Mike Martin: I just want to press you on this point because it is a reasonable one. In 2027, with the frigate transition programme from Type 23 to Type 26, we are going to have the ability to deploy a very small single-figure number of ships at any one time. Are you seriously saying that, in a state of general war, we are going to have enough ships to protect our undersea cables as well as all the other taskings? It just does not seem credible. If you have three or four frigates, for example, they are going to be up patrolling the Greenland-UK-Iceland gap. All those cables are going to be, surely, completely undefended. They are not going to be able to escort repair ships to those cables.

Luke Pollard: The model that I am suggesting that we move to, when we talk about Atlantic Bastion—

Mike Martin: If I may, that will be 2030 at the earliest.

Luke Pollard: —is one where you have a mix of crewed, uncrewed and autonomous vessels. We are already seeing the deployment of autonomous vessels that can operate in the maritime environment. Autonomous mine countermeasures are already available at sea and we are bringing additional capabilities online. How you do that would be based on the taskings and threat picture at any one point. We would also defend the North Atlantic as a NATO alliance, not just as the United Kingdom. That creates options for what platform is doing what.

In the model that we are seeking to move to at pace, the next generation of frigates that you mentioned, both the Type 26 and the more general-purpose Type 31 frigates, will be sailing with autonomy alongside them. In that respect, you could sail them alongside or you could sail them separately.

The model of Atlantic Bastion in effect envisages the North Atlantic being protected by Type 92 or Type 93 autonomous vessels, which would be working alongside crewed systems. That is clearly a transition. As we move from where we are now to there, we will have periods, especially when we retire more of the older Type 23 ships, in which we have to look at this.

That is why, in addition to the move to autonomy and the hybrid Navy that we have very clearly set out, adopting the recommendations from the SDR, we are looking at how we can invest in undersea warfare to expand our capabilities. RFA Proteus and RFA Stirling Castle are the two assets that are probably best known for that here. Without going too far beyond classification, autonomy clearly has a big role to play in cable defence.

Q70            Baroness Kidron: Minister Bryant, you have already pointed out that the cables themselves are in private hands. It has already been picked up that 75% of the transatlantic traffic is in two cables. Those are largely owned by a very narrow group of people. Does that concentration of power over the infrastructure give you any cause for concern?

Sir Chris Bryant: The concentration of power over infrastructure generally gives me concern. I would apply that to space as well as subsea cables. That is one of the reasons we wanted to place all this as part of CNI.

Baroness Kidron: You have mentioned already that you are looking at the repair ships.

Sir Chris Bryant: Yes. We need to make sure that we have the right kit to be able to deal with this into the future, not just for the next two or three years.

Baroness Kidron: Is there a world in which the UK would look for some sovereign capability in laying cables?

Sir Chris Bryant: It is unlikely.

Baroness Kidron: If there is perhaps an economic risk or a political risk, is there a risk of non-carry from the private sector, if it controls the infrastructure?

Sir Chris Bryant: Again, one of the advantages is that we have spare capacity. Not everything is in a small number of hands, although, as you say, two are. My estimation is that we have the mix about right in the UK at the moment, but, again, it is something that we have to keep under review. If the ownership structure changed, we would have to consider that, just as we would if the ownership of BT changed substantially. That would be a matter for us as well.

Baroness Kidron: Yes, exactly. I am interested because we got evidence from more than one person that, as we move to different forms of technology and as the cables get faster, bigger and carry more, the system itself will be in even fewer hands and more brittle as a result.

Sir Chris Bryant: I accept that that is a potential danger. We are trying to mitigate that in various ways, not least innovations that British universities are bringing forward in terms of making cables that are more efficient, more effective and able to deliver at higher speeds with smaller latency. It is a well-made point and something that we have to keep in consideration. As I say, in the whole of the telecoms sphere, these are matters that will always concern us. Ownership is not just a blank piece of paper. It can be significant.

Q71            Sir Julian Lewis: This is the last topic. I will combine everything into one question in order to stay within time. The topic is spatial planning. Some stakeholders have suggested introducing what are called cable protection zones where certain maritime activities, such as fishing, dredging or anchoring, are banned, or introducing mandatory cable corridors requiring cables to be routed in defined areas. Do you support either of these proposals?

If you do support them, how worried are you about the risk that creating approved spaces for laying cables might inadvertently create chokepoints and a concentration of high-value targets? If you are not interested in these two options, what are you doing to ensure that the best routes for future cables are not being blocked by other offshore developments such as energy?

Sir Chris Bryant: I am interested in both. We want to exploit what we can of both of those in an effective way that is proportionate to the needs we have. For instance, I mentioned earlier that we are looking at the moment at where we are going to have offshore wind farms. One thing that matters there is where the MoD has requirements and where cables have requirements.

It is a perfectly well-made point. If we limit it too much to certain areas, that creates a pinch point, which could be problematic. Yes, we are aware of all of those as potential issues that we need to address.

Sir Julian Lewis: Can you accept the vulnerability, then?

Sir Chris Bryant: Risk is always a matter of assessing risk, is it not? It is not just risk on or off. It is a matter of quantity of risk. You judge that in various ways. Fortunately, we have quite a lot of potential landing points in the UK.

Sir Julian Lewis: Would you like to add anything from the defence side?

Luke Pollard: No, I would agree with Chris on all those matters.

Q72            The Chair: Can I thank our witnesses for today’s session? There were a couple of points that you did offer to write to us on.

Sir Chris Bryant: We will.

The Chair: I would appreciate that. One was on war-gaming; the other was about Atlantic Bastion.

Sir Chris Bryant: I take the point that Tan was making earlier about the financial services sector. I did not say that we would write on that, but we will write on that as well.

The Chair: That would be greatly appreciated. That concludes today’s session and that concludes this inquiry.