EU stops short of ban on Chinese 5G suppliers, plans joint risk assessment

News Wireless Europe 26 MAR 2019
EU stops short of ban on Chinese 5G suppliers, plans joint risk assessment

The European Commission has stopped short of calling for a ban on Chinese suppliers for 5G networks. Instead, it wants EU members to carry out a joint assessment of security risks for 5G networks, based on existing network and cybersecurity legislation, and then will decide by year-end whether any mitigating action is needed. The decision follows pressure from the US to act against suppliers such as Huawei and ZTE, which the Americans believe could use 5G network equipment to share intelligence with the Chinese state. 

The European Council at its meeting 22 March and the European Parliament earlier this month called for the European Commission to coordinate action on the matter, following lobbying from the US and countries such as Australia banning Huawei. Several EU states have already been assessing the security risk and stepping up their own requirements for operators developing 5G networks, such as Germany ahead of its spectrum auction. 

The European Commission wants the EU members to take a coordinated approach on the matter and laid out a plan to ensure action by the end of 2019. By June, each EU country is expected to conduct its own national assessment of 5G security risks and update any national security regulations as necessary. The Commission and the European Agency for Cybersecurity (Enisa) should receive the national assessments by 15 July.

At the same time, the Commission will work with the states and Enisa through the NIS Cooperation Group, a mechanism set up by the Network and Information Systems (NIS) Security directive which took effect last year in the EU. Enisa will complete a 5G threat landscape report that will support EU states in the delivery by 1 October of the EU-wide risk assessment. By year-end, the NIS Cooperation Group should agree on any mitigating measures needed to address the cybersecurity risks identified at national and EU levels.

The Cybersecurity Act, which is expected to come into effect in the coming weeks in the EU, offers an additional tool, to set up an EU-wide certification framework. The Commission called on the EU members to make setting up such a scheme for 5G networks and equipment a priority. The work would be coordinated by Enisa and the Commission. 

The actions would be assessed by October 2020 to see whether they are having the desired effect and if further measures are needed.

'Fact-based' approach welcomed by industry

The Commission's recommendation was welcomed by ETNO, the association of European telecom network operators, which said it supports a "harmonised and fact-based approach to security of digital networks". Some of ETNO's members had cautioned against an outright ban on Chinese suppliers, saying it could set back the pace of 5G roll-out and innovation. 

ETNO noted that telecoms networks and services are already subject to high security standards and strict regulation, and this has led to a 5G ecosystem designed to be "trustworthy" and offering new opportunities to secure networks, including network slicing, network virtualisation, authentication and encryption. With the significant investment planned to deliver 5G, "a crucial enabler of socio-economic growth for all sectors of economy and society", ETNO said it was important to agree quickly a harmonised European approach and provide predictability to the market.

Categories:

Mobile

Regions:

Europe

Tags:

Security, Devices, Regulations, 5G, Government policy

Related Articles

EUROPE 10 DEC 2020

EU audit body to review 5G progress

The European Court of Auditors has started a review of the European Union's 5G policies. The roll-out of the new mobile networks is seen as important to the functioning of the single market and achieving the EU's digitisation agenda, and 5G already was flagged as a security issue by the audit court's review of Chinese investment earlier this year.

EUROPE 10 DEC 2020

Enisa updates telecom network security guidelines for EECC, 5G

The EU's cybersecurity agency Enisa has issued new guidelines on telecom network security for national authorities. Updating its previous guidelines from 2014, Enisa said it incorporated the security elements from the new European Electronics Communications Code, which must be implemented in national law by the end of this year, and the latest recommendations on 5G network security.

EUROPE 29 JAN 2020

EU states to implement tighter 5G security checks by April

The EU members have approved a 'toolbox' of measures designed to help limit security risks on the new 5G mobile networks. These include adopting new security requirements for mobile operators, encouraging the use of multiple vendors to avoid reliance on single suppliers, and screening network suppliers for potential non-technical risks. 

EUROPE 19 DEC 2019

Outlook 2020: European telcos to ramp up spending on 5G

European operators are starting to get serious about 5G. Telefonica Germany is the latest to announce a new investment plan and subsequent cut in the dividend, following similar steps by Orange, Deutsche Telekom and Vodafone. With 5G services commercially available in less than half the EU countries, the operators need to accelerate their planning to meet the target for 5G available in all 28 states by the end of 2020.

SPAIN 6 DEC 2019

Huawei contracted to roll out part of Telefonica Spain's 5G network - report

Telefonica has decided to award part of the contract to roll out its 5G core network to China's Huawei, according to unnamed sources cited by business daily Expansion. The operator is hoping the decision to award Huawei the first phase of the 5G network build will serve to pressure rival vendors including Ericsson, Nokia, Afirmed or Mavenir into providing more commercially aggressive offers to deploy a second core in the summer of 2020, said the sources, adding that Telefonica intends to award that contract

EUROPE 3 DEC 2019

EU states call for 5G supplier vetting based on legal, political risks

EU telecom ministers have stopped short of calling for a ban on specific 5G suppliers such as Huawei. However, they said in a joint declaration that EU countries should take into account non-technical factors when assessing 5G network risks, such as the legal framework suppliers may be subject to in third countries. Furthermore, additional efforts beyond standardisation and certification schemes may be necessary to mitigate the risks.  

EUROPE 2 DEC 2019

ETNO CEOs call on EU to focus on new digital services to ensure leadership

The European Telecom Network Operators association (ETNO) has issued a statement signed by the CEOs of its members to emphasise that the extensive use of next generation digital infrastructure as well as the development of new digital services will be fundamental if Europe is to achieve its ambitious socio-economic goals, as set out in the agenda of new EC President Ursula von der Leyen. "Faster, more responsive, more intelligent and higher capacity connectivity with 5G, fibre and other gigabit networks wil

EUROPE 28 NOV 2019

German Chancellor supports European approach to China, 5G security

German Chancellor Angela Merkel has called on members of the European Union to agree a common policy towards China, Reuters reports. A fragmented European policy leads to a mix of "signals" being sent to China, Merkel said, adding that this would be "one of the biggest dangers".  

EUROPE 21 NOV 2019

Enisa releases detailed threat assessment for 5G architecture

The EU's cybersecurity agency Enisa has published a detailed analysis of potential threats to 5G infrastructure. The report is part of the ongoing work by the EU to decide on potential security requirements for the new generation of mobile networks. Enisa said further tools to help operators and authorities determine what action is needed will be published by year-end. 

SPAIN 19 NOV 2019

Spain launches public consultation on 5G security standards

The Secretary of State for Digital Advancement of Spain's Ministry of Economy and Business has launched a preliminary public consultation on its proposal to draft a set of 5G network security standards. In a statement, the government body said the aim of the consultation, which is open until 13 December, is to gather contributions in connection with the security challenges faced by 5G networks and services, above all in view of the technology's role as a "powerful catalyst" of changes in multiple areas beyo

EUROPE 10 OCT 2019

EU member states publish 5G risk assessment

EU member states, with the support of the Commission and the European Agency for Cybersecurity (Enisa), have published a wide-ranging report warning of the risk of increased cyber attacks on 5G networks throughout the continent. Although the EU has until now resisted US pressure to boycott Chinese companies such as Huawei and ZTE, the report highlights the risks to 5G from non-EU state or state-backed actors. "Among the various potential actors, non-EU states or state-backed are considered as the most serio

ROMANIA 19 SEP 2019

Romania plans law on 5G networks security

Romania's government did not single out any state or specific company in its report sent to the EU on security measures for the implementation of 5G in the country, according to Minister of Communications and Information Society Alexandru Petrescu. He was answering questions in Parliament over the government's position on accusations of spying against the Chinese company Huawei, reports Economica.net. 

EUROPE 22 JUL 2019

EU states submit 5G security assessments for Commission to develop common policy

A total 24 of the EU's 28 member states have completed national risk assessments on the security of 5G networks. The European Commission said it will use the input to develop a harmonised approach to 5G networks for the EU by the end of the year. 

NETHERLANDS 3 JUL 2019

Dutch govt plans new supply chain security checks for 5G network operators

The Dutch government has proposed additional security measures for telecom networks, in order to prevent international espionage, the justice minister announced. This follows a report from a special taskforce set up to look at the security risks of new 5G networks. 

EUROPE 26 JUN 2019

Enisa becomes EU Cybersecurity Agency

The EU's networks security agency Enisa will see its name change and powers enhanced when the EU Cybersecurity Act enters into force on 27 June. Enisa will become the European Union Agency for Cybersecurity, with a new permanent mandate to help protect critical networks and information systems in the EU.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.