Welcome to EURACTIV’s Digital Brief, your weekly update on all things digital in the EU. You can subscribe to the newsletter here.
“Unintentional and intentional backdoors will be easier to introduce and harder to detect.”
– Julian King, Security Commissioner, Wednesday 9 October.
5G. The European’s Commission’s bloc-wide assessment of cybersecurity for 5G networks published yesterday stressed that “threats posed by states or state-backed actors are perceived to be of highest relevance,” in what many believe to be a veiled reference to the Chinese telecommunications firm, Huawei.
Oddly, both the company itself and the US government came out with praise for the EU’s measures. The Americans have been lobbying heavily against the Chinese firm, who they say may have embedded backdoors in their software and allows data to be siphoned off to the Chinese state. Gov. Tom Ridge, former US Secretary of Homeland Security and 43rd governor of Pennsylvania said yesterday: “The group of ‘certain non-EU countries’ referenced by the report that represent a ‘particular cyber threat’ to ‘national interests’ identified by ‘several member states’ clearly includes China.” And Nate Snyder, senior counterterrorism official with the US Department of Homeland Security and the Countering Violent Extremism Task Force under US President Obama echoed his compatriot’s sentiments: “The European Commission’s report makes clear that the vulnerabilities facing a Huawei 5G global network are systemic,” he said.
On the other side of the coin, Huawei also praised the EU’s efforts. “We are pleased to note that the EU delivered on its commitment to take an evidence-based approach, thoroughly analyzing risks rather than targeting specific countries or actors,” a statement from the firm read yesterday.
Earlier this week, EURACTIV’s Alexandra Brzozowski caught up with the new chief of ENISA, the EU’s cybersecurity agency, Juhan Lepassaar, to find out more about the nature of the EU’s 5G risk assessment. ”
“Countries are in different situations when it comes to the rollout of 5G, when it comes to the vendors that they use, when it comes to the set up and architecture of their current systems,” Lepassaar told EURACTIV. “Clearly there is no single way of approaching it. Yes the national risk assessments are different, but there is also an element of commonality in all of them and this is what the EU risk assessment actually reflects these elements of commonalities.”
Amid the coordinated efforts at an EU level to find a common approach in the field of 5G security, member states are starting to rally the importance of the technology more generally. On Wednesday, the Greek State Minister responsible for digital governance issues Kyriakos Pierrakakis addressed the Athens Forum on upcoming priorities, and revealed that “a tender for the basic range of 5G networks will be held at the end of 2020.”
Meanwhile, on Monday, the Romanian Minister of Communications and Information Society Alexandru Petrescu said that the implementation of 5G technology in the country will start in 2020. The timing of his announcement was interesting, coming just weeks after Radoslaw Kedzia, Huawei vice-president for the Central and Eastern European region, arrived in Romania to discuss with officials about a potential ban against the Chinese company in the auction for 5G frequency bands.
JOUROVA. Commission hearings have continued this week. On Monday, Věra Jourová, the incoming Commissioner for Values and Transparency, fielded questions from MEPs. She plans to work on a number of key areas in the upcoming mandate, such as reforming the appointment of EU officials to top positions, as well as looking at how the Spitzenkandidaten system could be improved. She also assured MEPs that she will do her best to ensure compliance with the rule of law throughout the EU, as well as safeguarding media freedom – with the idea of establishing legal aid for journalists who come under fire. Safeguarding fundamental rights will also feature heavily in her portfolio plans.
VESTAGER. Elsewhere, Denmark’s Margrethe Vestager obtained the seal of approval from European Parliamentarians on Tuesday evening (8 October), after a hearing in which she rallied the importance of improving the EU’s digital transformation as well as the bloc’s green initiatives. She was grilled on a number of pressing digital concerns during Tuesday’s hearing, including on rights for platform workers, Artificial Intelligence and Ethics, and data protection standards.
Interestingly, on the EU’s high data protection standards, Vestager conceded that the rather tough regulatory framework that the EU yields as a mark of quality, may come to hinder the development of innovative technologies in the future.
“Data can work as an asset for innovation but also as a barrier to entering,” Vestager said in response to a question from Greek MEP Eva Kaili, adding that in particular, “this is critical to when it comes to AI.”
GOULARD. Yes, the Internal Market Commissioner Designate was summoned to appear back in front of MEPs today. A series of mishaps overshadow her potential appointment in the Commission, including receiving money from a US-based think tank and questions regarding overpayments to a former employee of hers in the European Parliament. In terms of Digital issues, at the time of writing, Goulard responded to a question from Renew’s Dita Charanzová on the Commission’s plans for a Digital Services Act – a far-reaching and ambitious regulatory framework that seeks to govern the online ecosystem. Goulard told Parliamentarians that the EU should modernize the 2000 eCommerce directive, but that country of origin and liability principles should be maintained.
DOMBROVSKIS. One thing that stood out for me during the incoming Economy VP’s hearing were the comments on a new strategy for the FinTech industry. The Latvian candidate said Europe needs a common approach on crypto-assets, such as Libra, and that he intends to propose new legislation in this area.
OCED’s DIGITAL TAX. Yesterday, the Organisation for Economic Cooperation and Development (OECD) today published its proposal for reforms related to digitalisation. A public consultation is due to run until November 12. The OECD aims to achieve overall consensus by the end of 2020. EURACTIV caught up with the Director of the OECD’s Directorate for Science, Technology and Innovation (STI), Andrew W. Wyckoff, who said that member states of the OECD establishing their own rules on digital taxation, such as France, is not the best route to go down, because in reality “there is no such thing as a digital sector, the whole economy is digital.” He added that “a lot of tech companies want to see one global rule. They want one set of policies that they can optimise.”
Indeed, Wyckoff seems to be on point here. EURACTIV heard from Christian Borggreen, Europe’s Vice President for the Computer & Communications Industry Association, who said that he agrees that “countries should not seek any unilateral taxes that would risk derailing global tax reform and ‘damage global investment and growth.”
ARMENIA. One country that is looking to go in another direction entirely on digital taxation, sits on the EU’s eastern borders. Armenia. This week, I’ve been attending Yerevan’s World Congress on Information Technology, where the country has been rallying the benefits of doing business with the tech world, following a revolution in the country last year. Deputy Education Minister Anapiosyan told EURACTIV on Monday that the notion of a digital services tax for Armenia – an additional levy for tech firms operating online – was “definitely not a priority” for her country.
In addition, members of the Black Sea Economic Cooperation group convened on Monday, in a bid to support the rollout of innovative technological solutions in the region. Moldova’s Economy Minister, Vadim Brinzan, said IT companies are afforded the benefit of “separate tax environments” in his country. Stay tuned for my full write up of developments in Armenia and Europe’s east in terms of the coming technological revolution.
IRISH DPC ‘DISAPPOINTED.’ News broke yesterday that the Data Protection Commission, tasked with dealing with some of the most high profile data breaches in the EU, received less than a third of the additional funding it sought in Budget 2020. The news led the Data Protection Commissioner, Helen Dixon to say that the DPC was “disappointed” at the lack of funds.
FIGHTING TERRORISM. On Monday, participants of the 5th EU Internet Forum, hosted by Commissioners Avramopoulos and King, committed to an EU Crisis Protocol – a rapid response to contain the viral spread of terrorist and violent extremist content online. Services providers such as Facebook, Twitter, Google, Microsoft, Dropbox, JustPaste.it and Snap all jumped on board.
On my radar. At the time of publishing, it appears that Goulard will not have the necessary majority and may well be rejected, in which case Emmanuel Macron will urgently have to put forward a new candidate for the same portfolio. The European Parliament is due to vote on the entire von der Leyen Commission on 23 October.
Inevitably, the European Council on 17-18 October, will be in the focus next week as the (short-term) fate of the United Kingdom needs to be decided ahead of the 31 October Brexit deadline. A messy no-deal exit would seriously disrupt all aspects of life and business, including connectivity, security, transport and digital.
What else I’m reading this week:
Cybersecurity represents one of the greatest challenges that companies, individuals, national governments and supranational organisations currently face. The technological devices that citizens use daily could be at risk of potential cyber-threats due to insufficient built-in security safeguards. EURACTIV invites you to a high-level stakeholder Forum on December 10 to discuss the EU’s progress on cybersecurity, the possible future mandatory nature of the Act, and the challenges the new Commission will face.