Trend Assessment: Security concerns and growing regulatory pressure delay 5G rollout in Europe

Introduction 

Ongoing tensions over the rollout of 5G networks in Europe will continue to cause friction among EU countries, threatening to delay the development of a revolutionary technology.  

The revolutionary potential of 5G technology

Much has been written about how 5G networks will revolutionise many aspects of modern life. From supporting autonomous vehicles to increased automation at factories, 5G development will help optimise and vastly improve existing industrial processes. By enabling greater connectivity, 5G technology will allow internet users to simultaneously access billions of devices. 

The political dimension of 5G development in Europe

Growing politicisation has become a key feature of the roll-out of 5G networks across many EU member states. Domestic intelligence agencies in Europe are concerned over the security risk governments could face if they allow companies with links to foreign states to play an important role in the process. Allowing potentially hostile state actors with backdoor access to critical national infrastructure and sensitive information on smartphones with 5G compatibility could pose a significant risk to individuals, businesses, and government agencies. The debate has largely centred on Huawei, which has been under growing scrutiny in many countries in the West due to its alleged links with the Chinese government. 

Part of the reason why Huawei has been targeted is because its founder, Ren Zhengfei, served in the People's Liberation Army (PLA) before forming the Shenzhen-based company. A report by Bloomberg in June, claiming that Huawei employees worked with military personnel in China on research projects, has fuelled existing claims over close links between the company and the country’s security apparatus. A spokesman for the company denied the allegations that Huawei worked with any PLA-affiliated institutions. In the US, authorities have banned Chinese companies, including Huawei, from working on critical telecommunications infrastructure. Moreover, on 15 May the US Commerce Department announced that it had banned Huawei and 70 affiliate companies from acquiring technology and components from US-based companies without prior authorisation from Washington.

Compared to the US, the UK has maintained a more measured approach towards the roll-out of 5G technology. The National Cyber Security Centre, a UK government agency, in February concluded in a report that the risks posed by using Huawei components in telecommunications infrastructure can be managed by governments if they take some necessary precautions. In April, the government decided to allow Huawei to provide non-core technology such as antennas, but the company would be banned from supplying core parts of the network. As the UK is seeking to position itself as a leader in digital infrastructure, allowing access to foreign businesses with expertise and competitively priced products is an integral part of its strategy. Even so, some operators such as BT – the UK’s largest telecommunications provider – have voluntarily taken steps to limit the company’s role in providing material for technology infrastructure. The moves indicate that some operators are prioritising security concerns over other considerations, including financial incentives, by obtaining competitively priced products from foreign vendors. 


EU countries have been reluctant to impose a US-type ban on Huawei in part due to concerns that it would risk delaying the network’s roll-out in Europe, which has already fallen behind the US and China. GSMA has expressed concerns that a ban on Huawei and ZTE, another Chinese telecommunications provider, will add EUR55 billion more to the cost of developing 5G networks, and could delay the technology for about 18 months in the EU. Ultimately, preventing Huawei from involvement in 5G development will consolidate the market for European providers. In turn, this could push up prices due to a lack of competition.

The reluctance is also due to the lack of a EU-wide consensus about Huawei’s role in developing 5G in the continent. France and Germany – despite US pressure – have resisted calls to ban the Chinese company. Like the UK, the Netherlands has indicated it will prevent Huawei from building core infrastructure but it could still be able to supply less sensitive equipment to the country. In January 2019, officials in Poland indicated that the government was prepared to exclude Huawei from 5G networks, after one of the company’s employees was arrested on spying allegations. In March 2019, the European Commission (EC) recommended a common approach among EU members on security considerations and 5G, while also setting out a series of operational measures. Under these, each EU member state was requested to complete a risk assessment. This will consider technical elements and assess the risks from providers, including from third countries, of 5G network infrastructure by the end of June 2019. According to an EC statement on 19 July, most member states (24) had submitted national risk assessments. These measures also give each member state the right to exclude a company from the process on national security grounds. The assessments will be integrated into an EU-wide framework, which will be completed by 1 October.

Despite the lack of an EU-wide consensus, some member states have taken steps to enhance their ability to limit the involvement foreign companies could have on 5G infrastructure on national security grounds. On 12 July, the Italian government – through an urgent legislative decree – strengthened existing powers to intervene in the private sector on national security grounds over concerns linked to the potential involvement of Chinese firms in the development of 5G networks. Similarly, the French government passed a law through parliament in July that will require operators to obtain formal permission from authorities over the use of equipment for 5G networks.  

Beyond 5G, Huawei’s involvement in public contracts has faced scrutiny elsewhere in Europe. In January, tax authorities in the Czech Republic excluded Huawei from a public tender to develop an online portal for filing returns. Even though the company was the favourite for the EUR20 million tender, the move followed a warning by the National Cyber and Information Security Agency (NCISA) – the country’s cyber watchdog – in December 2018 warning network operators and government departments against using Huawei and ZTE. While the move did not lead to an outright ban on the companies, it meant that around 160 public and private entities with interests in critical infrastructure had to conduct risk audits relating the use of equipment supplied by Chinese vendors.