Chinese State Security Law forces companies based in the country to “provide assistance with work relating to state security,” a senior Huawei official in Brussels has said, adding however that the company “has never been requested to implement backdoors in its equipment.”
“It is true that Article 77 of the State Security Law sets out an obligation on organisations and individuals to provide assistance with work relating to State Security,” Sophie Batas, director for cybersecurity and data privacy at Huawei Europe told a Brussels event on Thursday (11 April).
However, Batas went on to defend Huawei’s position in the legal framework of Article 77, clarifying that the rules “cannot violate the laws of other countries” and that the law “does not permit the Chinese government to request manufacturers to implement backdoors” in products.
The legislation has long been a source of angst for US counterparts, with government officials citing the legislation as a reason why states shouldn’t do business with Huawei for fear of being subject to cyberespionage campaigns.
Batas said that as a result of the issues raised, the company has looked at the law in detail, adding that Huawei had faced “massive pressure” from the US over these allegations.
In a further statement, a Huawei spokesperson told EURACTIV that the company “respects local legislation wherever we operate” and that “it is crystal clear that all companies operating in China are subject to Chinese legislation, no matter their country of origin.”
EU not so far behind China in 5G
Meanwhile, security concerns from EU member states could lead to a slowdown in China’s 5G advance, a report commissioned by the European Parliament suggests.
Published on Wednesday (10 April), the study, entitled ‘5G Deployment: State of Play in Europe, USA and Asia,’ says there are “political and economic influences on the development of China’s 5G technology that may tend to slow its advance considerably.”
Such influences, the report states, are related to the “lingering security concerns of the EU member states, principally France, Germany, the UK and Poland as well as the USA and Japan” with regards to the key 5G equipment manufacturer, Huawei.
One of the authors of the report, Simon Forge, told EURACTIV that there is an illusion that China is so far ahead of the EU in terms of 5G deployment. “China has more substantial logistical hurdles than us in Europe,” he said. “For example, their indoor coverage is very poor.”
“In addition, we have our own established industry of European 5G chipset design. The narrative that the EU is so far behind in 5G development is not as accurate as many seem to believe.”
However, the study also states that there is a difference in approach between the US and the EU with regards to the concerns surrounding Chinese 5G equipment.
While the US is concerned about the breaking of economic sanctions through the sales of equipment to Korea and Iran as well as the theft of intellectual property, the EU member states “are more worried about the insecurity aspects of its core network equipment, the radio access network and any 5G smartphones.”
Recently, Germany’s Federal Network Agency, BNetzA, established stringent security standards for 5G equipment but did not commit to excluding any particular company without sufficient evidence. BNetzA President Jochen Homann said the “requirements apply to all companies equally.”
Following the German decision, US authorities were said to be “highly satisfied” with their approach, after having previously threatened to cut intelligence sharing with German counterparts should the latter decide to collaborate with Huawei in the development of 5G.
EURACTIV caught up with the US Deputy Assistant Secretary of State for Cyber, Robert Strayer, on Wednesday (10 April) to find out why the US had changed their tune.
“Our international engagement has been very consistent,” he said. “We have encouraged countries to adopt risk-based security frameworks.”
“At this point, we’re looking for governments to adopt security standards like we’re seeing in Germany.”
Strayer added that the reasoning behind his praise for the German move was due to the fact that the country has said they will review for “secrecy of telecommunications and for data protection” and as a result, “when it’s lined up with the Chinese intelligence laws, it’s hard to see how Chinese technology would meet that standard for the protection of data.”
Huawei, meanwhile, has also been forthcoming in their praise for the German approach, which could be used as a model for other EU countries.
A spokesperson on Thursday told EURACTIV that Huawei “welcomes the stringent measures put forward by the Germans” and that the company is “not afraid of high-security benchmarks.”
[Additional reporting by Jorge Valero; Edited by Zoran Radosavljevic]