Telecommunications (Security) Act 2021

Policy background

5G and Full Fibre networks

5. As outlined in the 2018 Future Telecoms Infrastructure Review , the widespread deployment of 5G and full fibre networks is a primary Government objective. These networks will help to drive future economic growth, enabling a wide range of new products and services that require faster speeds and more processing power. 5G has the potential to connect a vast network of people, objects and communication systems, including those within critical sectors.
6. The development of 5G and full fibre networks also creates new security challenges. The speed, scale and processing power of the UK’s future digital infrastructure will create new economic and social opportunities for greater connectivity, including across the UK Critical National Infrastructure (CNI) sectors that are likely to have a greater dependence on 5G infrastructure compared to that of legacy arrangements (2G/3G/4G). The technical characteristics of 5G networks increase their risk profile compared to previous generations of networks. 5G networks will run at much faster data speeds and will be based on software running on commodity hardware, rather than proprietary hardware. Over time, to achieve the full potential of 5G, some of the ‘core’1 functions will move closer to the ‘edge’2 of the network. As this happens, it will be necessary to ensure security arrangements are able to protect both the edge and core of the network.
7. The security of telecoms infrastructure needs to be considered within an international context. Certain state, state-sponsored and other actors have the intent and capability to carry out espionage, sabotage and destructive or disruptive cyber-attacks, including through access to the telecoms supply chain. Since 2017, the UK Government has, based on National Cyber Security Centre (NCSC) assessments, attributed a range of malicious cyber activity to Russia and China, as well as North Korean and Iranian actors.

The Office of Communications (Ofcom)

8. Ofcom is the independent regulator for communications in the UK. Its remit covers the regulation of broadband and telecoms, TV, radio, video-on-demand services and postal services. It is also responsible for the effective management of use of the radio spectrum.
9. Ofcom is established under the Office of Communications Act 2002. Ofcom’s powers are found in the Communications Act 2003 and the Wireless Telegraphy Act 2006, as well as other enactments including the Broadcasting Acts 1990 and 1996, and the Postal Services Act 2011.
10. Ofcom is a statutory corporation. Its governance arrangements are set out in the Office of Communications Act 2002 and as a public authority it is also subject to other legal duties, including requirements to ensure it acts compatibly with human rights (under the Human Rights Act 1998) and complies with data protection legislation. The Act does not affect those obligations.