UK government research legislation to protect national security could prove “counterproductive” if the approach set out is not targeted precisely.
The warning comes from a report published today (17 February) by the Higher Education Policy Institute (Hepi), which recommends the government streamline the requirements of a new national security act so as not to hinder UK research and innovation.
UK legislation has a broader scope than national security laws in comparable states, the report warns, which could prove a bureaucratic headache for universities.
The new National Security and Investment Act (NISA) became law in January 2022. The Hepi report recommends the Department for Business, Energy and Industrial Strategy (BEIS) follow American and Australian counterparts and produce a “targeted exemptions list” of trusted domestic investors or allied nation-states to reduce bureaucracy.
Michael Leiter, former director of the United States National Counterterrorism Center, told MPs in a House of Commons select committee that the NSIA could spell an “explosive increase” in work for Whitehall officials, adding that “poses some real risk for management”.
The Hepi report authored by Dr Alexis Brown identifies five government departments, three government agencies, and one non-governmental public body operating agencies, units, schemes or strategies that relate, in some way, to HE research and national security. The report recommends the government signpost universities through this multifaceted research security space with a “comprehensive, interactive map”.
The report sets out underlying weaknesses the new approach must tackle. Universities, it suggests, are “keen to minimise” threats but “lack a clear sense” of the dangers with “limited access to actionable intelligence on the threats they face”.
The government, meanwhile, has “a wealth of intelligence” it cannot publicly disclose and lacks “the resources or skills required to monitor and regulate cutting-edge research, even if that were desirable”.
‘Seemingly small regulatory requirements readily spawn large bureaucratic responses’
In a foreword to the Hepi report, Prof Sir Anthony Finkelstein, a former chief scientific adviser on national security, said that the globalisation of research, more sophisticated technological developments, and new geopolitical threats had made national security “increasingly complex”. He warned the government and universities face defending multitudes of research from a similarly diverse list of threats.
The formation of the Research Collaboration and Advice Team (RCAT) within BEIS, acting as a go-between, could help, Finkelstein said, bridge the knowledge gap between Whitehall and vice-chancellor offices. The RCAT and Investment Security Unit in BEIS, according to Brown, are relatively small operations that require adequate resources to prove consequential.
Legislative and regulatory measures, however well-intentioned, do not in themselves make research safer
– Dr Alexis Brown, Hepi
Other recommendations called for in the report include a “comprehensive review of research security skills” to identify knowledge gaps and a greater use of secondments and fellowships to facilitate better understanding across academia, government and security bodies.
For universities, there are recommendations, too. More readily available information for researchers and external partners and new principles for managing risk, devised at the very highest level of university management, are both endorsed by the Hepi report.
Dr Alexis Brown, director of policy and advocacy at Hepi, said: “Legislative and regulatory measures, however well-intentioned, do not in themselves make research safer.
“Indeed, if their implementation overwhelms the administrative capacity of universities and government departments alike, identifying genuine threats becomes more, not less, difficult.”
Instead, a “more effective and resource-efficient” approach would see universities “tackle these security issues themselves”, Brown added.
“Research is a complex and highly dynamic business,” said Sir Anthony. “It is undertaken at scale by universities through a great variety of different routes, and it is an important UK soft and hard power asset, so interventions must be very carefully measured.”
“Seemingly small regulatory requirements readily spawn large bureaucratic responses,” he continued. “Partnership with the sector and a willingness to listen are strongly in the UK’s national security interest.”
On behalf of the Rusell Group, Ben Moore said the “best regulatory regimes are targeted, risk-based, and impose the minimum burden required”. Treating research with a university in Germany or the US in the same way as a state-run company in a nation like Russia or Myanmar, which the UK has sanctioned, could he said, “result in the new system being overwhelmed”.
You might also like: ‘A major triumph’: DARPA’s deputy director to head ARIA