Chancellor Angela Merkel’s policy on 5G has effectively ended efforts in Brussels to create a common European Union (EU) policy on security risk in telecoms infrastructure, according to the Berlin-based think tank Mercator Institute for China Studies (MERICS).
In a October 24 report, MERICS says that Berlin’s decision on Huawei creates a dilemma for the EU. Berlin published its guidelines in mid-October, prepared by the Federal Office for Information Security (BSI), in a move which basically gives the green light for Huawei and ZTE to help build the German 5G infrastructure.
These guidelines came only a few days after the European Commission released its own long-awaited assessment, drafted by the NIS Cooperation Group, which consists of national cybersecurity officials, the Commission and the EU's cyber-agency ENISA.
It said that telecom networks might be more at risk if there is a higher "likelihood of the supplier [of 5G network gear] being subject to interference from a non-EU country" through intelligence legislation, government control of a company's management or a lack of "democratic checks and balances in place" to counter such espionage attempts.
The report will guide the creation of a toolbox by the end of the year, which countries can use to beef up their security requirements for vendors and operators. But the toolbox is voluntary.
While not naming China, the EU Commission’s report clearly adresses the risk from Huawei and ZTE.
According to the MERICS analysis, in contrast the German government has de facto neglected political risks in its assessment of 5G network security, reducing it to a technical matter.
The decision to drop a clause that would have prevented Huawei from supplying components for Germany’s fifth-generation cellular networks, (which MERICS notes reportedly came from Merkel herself) sends an important signal not only to other member states but also to the EU’s allies.
“Large German companies heavily depend on the Chinese market and Berlin has once again demonstrated its determination to put its short-term business interests before Europe’s security and technological autonomy,” said the MERICS analysis. It notes that a group of Parliamentarians led by Foreign Affairs Committee chairman and CDU member Norbert Roettgen strongly opposed the German position.
The guidelines simply require firms like Huawei to sign a self-declaration of trustworthiness with carriers.
The German stance comes in spite of intense pressure from Washington to keep Huawei and ZTE out, citing concerns about intelligence-sharing arrangements with European countries. Poland and Romania have both recently signed memorandums of understanding with the United States which will result in restrictions on the use of Chinese telecoms equipment.