Subsea cable security UK: DSIT plans tougher law and new operator duties
In short: Subsea cable security in the UK is set for its biggest legal change in 140 years. On 29 May 2026 the government announced plans to replace the Submarine Telegraph Act 1885 with new legislation criminalising reckless cable damage, to place security duties on cable operators modelled on the Telecommunications (Security) Act 2021 (TSA), and to take emergency powers to direct businesses. A white paper is due later in 2026.
If you own, operate or invest in a subsea cable that lands in the UK, the rules on subsea cable security in the UK are about to change in a way that has no modern precedent. On 29 May 2026 the government set out plans to replace the Victorian statute that still governs deliberate damage to undersea cables, and to give cable operators, for the first time, a positive legal duty to manage security risk. The announcement followed the exposure in April 2026 of a covert Russian submarine operation around critical undersea infrastructure in UK waters. A cable security white paper will follow later this year, with a consultation on the detail.
The Submarine Telegraph Act 1885 and the subsea cable security gap
The Submarine Telegraph Act 1885 is the law that still criminalises damage to subsea cables. It implements the International Convention for the Protection of Submarine Telegraph Cables, signed in Paris in 1884. Section 3(1) makes it an offence to break or injure a cable “unlawfully and wilfully, or by culpable negligence“. The penalties have not kept pace. Wilful damage carries up to five years’ imprisonment, but culpable negligence carries only three months and a fine at level 3 on the standard scale, currently £1,000.
The current legal framework for damage to subsea cables doesn’t address the current threat. Proving a vessel acted “wilfully” is hard when the master claims the anchor dragged by accident, and a £1,000 fine is no deterrent against grey zone cable damage: the deniable, below-the-threshold interference a hostile state can pass off as an accident, such as a vessel dragging its anchor through a cable. The Continental Shelf Act 1964 extended section 3 to cables on the high seas, including the UK exclusive economic zone up to 200 nautical miles, and confirmed that the offence covers telephonic as well as telegraphic communication. Within 12 nautical miles, laying a cable already needs a marine licence from the Marine Management Organisation under the Marine and Coastal Access Act 2009, but that regime protects the marine environment, not national security. The Telecommunications (Security) Act 2021 built a modern security regime for communications providers, yet it left the physical security of the cables themselves largely uncovered.
The DSIT subsea cable proposals: three workstreams
The DSIT subsea cable proposals set out three workstreams, all of them proposals for consultation rather than law: a modern criminal offence, positive security duties on cable operators, and emergency powers to direct businesses during a major incident.
Third parties who damage a cable will be subject to a new criminal offence. A new statute is proposed to replace the Submarine Telegraph Act 1885 and recast it. The current law prohibits both wilful damage and culpable negligence, but the serious penalties attach only to wilful conduct, which is hard to prove when a master claims the anchor dragged by accident. The proposed subsea cable recklessness standard is the change that matters: a vessel that drags its anchor across a charted cable route it knew was there cannot as easily argue the damage was unforeseeable, and recklessness would carry the tougher penalties that the culpable negligence tier, capped at £1,000, never did. The quantum is for the consultation to settle. Where damage is clearly linked to a hostile state, existing criminal law already reaches further, up to life imprisonment under counter-terrorism and serious crime legislation.
Building on the framework of the TSA, the government intends to consult on subsea cable operator duties to manage security risk, maintain response plans and report incidents quickly. These apply to the cable operator itself, not the third party that causes the damage. They mirror sections 1 and 2 of the TSA, which require providers of public electronic communications networks and services to take proactive security measures and to respond to security compromises. It is the same incident-reporting discipline those providers already face under the telecoms security incident reporting regime. Cable owners have never carried a positive duty of this kind. The open question is scope: the most natural trigger, and the one that follows the 1884 Convention, is a landing-point nexus, so that the duties bind operators of any cable with a UK landing point, wherever they are incorporated.
The emergency powers would let the government direct businesses to protect infrastructure during a major incident, comparable to the direction powers the Secretary of State already holds under the TSA. It sits alongside the wider cyber security and resilience reforms moving through Parliament. Alongside the legislation, DSIT formally endorsed the European Subsea Cables Association Fishing Liaison Guidelines on 29 May 2026, a non-legislative measure aimed at the 97 per cent of cable faults that come from fishing gear and dragged anchors rather than hostile acts.
| Element | Current law (STA 1885 / TSA) | DSIT proposal, for consultation |
|---|---|---|
| Criminal standard for third party damage | Wilfully or by culpable negligence (STA 1885 s.3) | Intentionally or recklessly |
| Penalty for non-wilful damage | Three months and a £1,000 fine | Tougher fines and prison terms (quantum for consultation) |
| Operator security duty | None for cable owners; TSA ss.1 to 2 bind communications providers only | Manage risk, maintain response plans, report incidents rapidly |
| Emergency direction power | Confined to TSA designated vendor directions | Power to direct businesses to protect infrastructure |
| Geographic reach | UK waters and EEZ to 200nm (Continental Shelf Act 1964 s.8) | To be defined; landing-point nexus most likely |
Subsea cable security UK: implications for operators and investors
The proposals will be of interest to cable operators and investors who fund them. Around 64 cables serve the UK and provide the backbone of its international connectivity and internet traffic, which is why the government now treats them as critical national infrastructure telecoms assets. For operators, the direction of travel is clear even before the white paper: a compliance architecture is coming, and the preparatory work, governance, a documented risk framework, incident response plans and reporting protocols, will look familiar to anyone who has managed Ofcom TSA compliance for a communications network. The proposed subsea cable operator duties would sit on top of, not replace, the existing marine licensing and telecoms infrastructure security frameworks.
For investors, this is a new layer of regulatory risk to price into subsea cable due diligence. A prospective compliance burden on a target, and the capital it will require, belongs in the deal model. For investors assessing cable infrastructure assets, our regulatory due diligence page covers the scope of that work. Cable landing station security is the most exposed node, and DSIT has asked the National Protective Security Authority and the National Cyber Security Centre to produce guidance for landing stations. There is also a sovereign dimension: the government will decide by the end of 2026 whether to secure or require UK-flagged repair vessel capability, which matters for operators that currently rely on international repair fleets. On timing, the cable security white paper is due later this year, with consultation and then primary legislation to follow, so the legislative duties are unlikely to take effect before 2027 at the earliest. The Fishing Liaison Guidelines, by contrast, are available now and sit within the wider field of UK telecoms regulation.
Viewpoint
The criminal reform and the operator duties solve different problems, and only one is straightforward. Raising the criminal penalties is the headline, but on its own it does little against a hostile state. A new statute modelled on the Submarine Telegraph Act 1885 does not give a UK court the power to try a foreign crew on a foreign-flagged ship for damage done in international waters. International law reserves that power to the state whose flag the vessel flies, which is why the recent Baltic cable-cutting incidents have proved so hard to prosecute. To reach hostile-state actors, the new law would need to claim coastal-state criminal jurisdiction expressly, a far harder drafting task than raising a penalty.
The operator duties are the more immediate change for cable owners and for subsea cable security in the UK, because they build a compliance regime where none existed before. What to watch is whether the white paper confronts the jurisdiction problem.
Frequently asked questions
What is the Submarine Telegraph Act 1885?
The Submarine Telegraph Act 1885 is the UK statute that criminalises damage to submarine cables. It implements the 1884 Paris Convention and, under section 3, makes it an offence to break or injure a cable wilfully or by culpable negligence. The Continental Shelf Act 1964 later extended it to the UK exclusive economic zone and confirmed that it covers telephonic as well as telegraphic communication.
What new duties would subsea cable operators face?
The DSIT subsea cable proposals would, if enacted, place duties on cable operators modelled on the Telecommunications (Security) Act 2021 (TSA): a duty to manage security risk, to maintain response plans and to report incidents rapidly. These are proposals for consultation. A white paper is due later in 2026, followed by a consultation and then primary legislation, so the duties are unlikely to take effect before 2027 at the earliest.
Why can the UK not already prosecute foreign vessels that damage cables?
UK law gives the offence wide geographic reach, but international law reserves the power to prosecute navigation incidents on the high seas to the vessel’s flag state (UNCLOS Article 97). Recent Baltic attempts to prosecute the crews of foreign-flagged vessels for dragging anchors through cables have failed for this reason. Closing the gap would need an express claim of coastal-state criminal jurisdiction in the new legislation.
For advice on subsea cable security compliance, the proposed operator duties or due diligence on cable infrastructure assets, contact Rob Bratby at Bratby Law.
