After the German Bundesrat recently passed the IT-Security Law, things have been looking increasingly grim for Huawei’s expansion in Europe. A patchwork of different national approaches to the Chinese tech giant has emerged across Europe. EURACTIV takes a closer look.
Germany is the last of the big EU economies to regulate the 5G sector. Berlin has long been wary not to alienate China in its handling of 5G, as it feared that a firm stance on Huawei could hamper trade relations, and thereby the access of its precious car manufacturers to the Chinese market.
Chancellor Angela Merkel has continuously fended off the hawks in her own party, who urged the government to take a tougher stance on Huawei.
Germany’s tougher stance
While Germany has long been criticised for its bureaucratic approach in assessing which 5G provider is considered trustworthy, the final version of the IT-Security Law 2.0 added a political layer to the process: the German government now has the ability to veto the procurement from untrustworthy suppliers.
While the law is not a “lex Huawei” per se and does not single out Huawei directly, the message is clear. “Companies that are under the control of authoritarian states are considered to be untrustworthy,” the CDU parliamentarian Christoph Bernstiel told a plenary session of the Bundestag.
Bernstiel did not hesitate to point out Huawei directly: “If the Chinese Communist party continues to act as it has been doing in Hong Kong, in their treatment of the Uighurs, or with their aggressive expansion in the South-China sea, then I highly doubt that we would classify a company that is under the control of the Chinese government as a trustworthy 5G supplier.”
The German approach to Huawei largely followed the guidelines the EU laid out in its Toolbox and risk assessment report for cybersecurity of 5G networks. Both documents were designed to provide guidance in the selection and prioritisation of measures to mitigate potential risks in the European 5G rollout.
While neither document mentioned Huawei directly, it defined the possible interference of third states as one of the main security risks in the 5G rollout.
Such interference, the documents states, is especially likely if the country of origin does not have democratic checks and balances in place, if the 5G supplier has strong links to the government, or if governments are able to exercise any form of pressure on the supplier.
Given that the Chinese National Intelligence Law forces Chinese companies to cooperate with the national intelligence service, these are clear references to Huawei.
But while most EU countries followed the EU guidelines on 5G cybersecurity, the approaches among member states differ considerably.
Scandinavian and Eastern European countries have taken the toughest stance on Huawei.
Sweden has banned the Chinese suppliers from rolling out 5G altogether and gave telecom operators until 2025 to remove Chinese gear from their infrastructure. Denmark followed a similar path. While the Nordic country did not mention Huawei directly, it nonetheless made clear that it would not allow gear from countries that are not considered security allies.
In Eastern Europe, various countries signed memoranda of understanding with the former Trump administration to shut Huawei out of their 5G market.
In the agreements, they pledged to exclude non-trusted suppliers, aka Huawei, from their 5G rollout. Slovenia, Poland, Czechia, Romania, Estonia, Latvia, Slovakia and Bulgaria signed the agreement. Poland and Romania already took legal action.
Other EU countries have taken a different path. While France and Italy didn’t ban Huawei straight away, their governments and cybersecurity agencies have sweeping powers to block the acquisition of Huawei equipment.
In Italy, the government can veto 5G supply deals that are deemed a threat to its national security. In October 2020, the government used this power to block a deal between Huawei and the telecommunications company Fastweb over the acquisition of 5G core parts and asked Fastweb to diversify its suppliers.
The French approach is somewhat similar, but has a greater emphasis on its cybersecurity agency ANSSI. While the French President has far-reaching powers to veto the procurement of 5G parts from high-risk vendors, ANSSI plays a key role in France’s approach.
The cybersecurity agency has restricted the usage of Huawei gear and plans to phase out Huawei gear currently in use by 2028.
A similar route has also been taken in Finland, where the government secured powers to ban the use of 5G equipment from suppliers considered a threat to national security.
The Bureaucrats and the Undecided
Other countries have taken a softer approach.
Spain was cautious not to explicitly ban Huawei and alienate China in the process. Instead, it took a “neutral and independent” approach that is relying on bureaucratic procedures rather than political evaluations.
The decision whether or not to allow the Chinese company to enter the 5G market will depend solely on the level of risk, assessed by Spanish experts. The Spanish Cyber Security Act, which is expected to be approved by summer, will further highlight obligations for 5G providers and suppliers.
Other countries are more hesitant to pass laws that would keep Huawei at bay. But while Portugal, Luxembourg, Austria and the Netherlands haven’t passed any laws so far, telecom providers in Portugal and the Netherlands nevertheless announced not to use Huawei gear in their 5G rollout.
While Huawei has repeatedly tried to challenge these national legislative steps in court, it welcomed the German approach. A Huawei spokesperson told EURACTIV that the company is confident Germany will place general security concerns over political considerations.
Huawei also emphasised that the differentiation between Chinese and European 5G suppliers is arbitrary, as both of its main competitors, Erickson and Nokia, have major production sites in China and are similarly bound by the same Chinese laws.
Huawei, which has its European headquarters in Germany, has received EU innovation funding on multiple occasions, which has sparked criticism in the European Parliament. In a letter to the Commission, numerous MEPs called for putting an end to the funding of the “high-risk” vendor.
[Edited by Luca Bertuzzi/Zoran Radosavljevic]