MPs call for UK government to back sovereign IT

UK ‘at mercy’ of a handful of US tech companies

The amendment follows warnings from a cross-party group of MPs that the UK public sector is becoming increasingly reliant on a small number of US technology suppliers, including Microsoft, Amazon Web Services and Palantir.

The Science, Innovation and Technology Committee said the UK’s dependence on a small number of providers represented a “clear vulnerability” and left ambitions to digitally transform public services potentially “at the mercy” of foreign actors.

Collins has previously raised concerns over the lack of published information in the UK’s National Risk Register on the risks posed by foreign states using legal powers, such as sanctions, to disrupt or discontinue critical digital services used by the UK.

She was among four MPs to write to the Chancellor of the Duchy of Lancaster and the chairs of two influential parliamentary committees in April, urging the government to take steps to ensure the UK’s digital systems would remain resilient in the event of threats or interference by a foreign government.

The MPs pressed the government to publish a currently secret analysis of “chronic risks”, including “concentration of risk through dominance of global tech”, the UK’s “reliance on digital platforms and digital services”, and “impacts from the use and capability of artificial intelligence (AI)”.

“The UK public debate on digital sovereignty is significantly hampered by the secrecy surrounding the mitigation strategies for the chronic risks mentioned in the National Risk Register,” the MPs wrote.

“This contrasts with open discussions and analysis in other European countries. While there may be aspects of the current documents that need to be kept secret, this cannot and must not apply to the whole analysis,” they stated.

European states, including France, Germany, Denmark and the Netherlands, have engaged in national debates about the risks of overdependence on overseas technology.

France, for example, is moving to sovereign open source desktop and collaboration tools for its senior civil servants to reduce risks of surveillance or loss of services. And the German armed forces are moving to OpenDesk, an open source alternative to Microsoft Office.

European banks are also taking action to protect themselves against interference from the US by building their own electronic card payment system as an alternative to the US-run Mastercard and Visa networks.

The UK Parliament has previously discussed potential risks of relying on Chinese suppliers, including Huawei and Lenovo.

Amendment seeks ambitious approach to UK technology

Collins said the aim of the amendment was not to shut the doors to global technological innovation, but for the government to take a “smart, strategic and ambitious approach” to UK technology.

“Right now, too much of our critical national infrastructure and too many government services depend on foreign technology and supply chains. This creates real risks, from national security vulnerabilities to economic fragility,” she added.

Collins said UK technology companies are being locked out of government procurement in favour of large multinationals.

“A proper digital sovereignty strategy would change that: backing UK innovation, reducing the UK’s dependencies, and ensuring the UK is a world leader in the technologies that will define the next decade,” she added.

The Open Rights Group (ORG), a campaign group for digital rights and privacy, which supports the amendment, said the UK’s reliance on US big tech companies posed both a national security and an economic risk.

Jim Killock, executive director of the ORG, said that “by voting on this amendment, MPs can take the first step to secure the UK’s resilience and control over its digital infrastructure”.

Richard Starnes, a chief information security officer and author of a study on the UK’s cyber security and privacy legislative framework, said the amendment raises valid national security concerns. But he said it also conflates foreign interference risks and economic protectionism.

“The enormous risks facing UK critical infrastructure, vendor lock-in and the UK’s current economic climate warrant a more strategic, open-minded approach,” he said.