The European Union’s messaging around “high-risk” vendors is increasingly pointing towards a ban on Huawei and ZTE, with mounting pressure on countries that have yet to remove them from their 5G networks. The “EU toolbox on 5G cybersecurity,” a set of guidelines adopted in 2020, initially aimed to encourage EU member states to assess the security of high-risk vendors in their networks.
Nine days ago, EU Commissioner in charge of the internal market, Thierry Breton, publicly called for EU countries to accelerate the replacement of high-risk vendors from their 5G networks. Today’s published progress report turns this sentiment into more overt instruction, highlighting the remaining EU states that have not yet removed Huawei and ZTE equipment from their networks.
The announcement notes that, out of 24 member states, 10 have imposed restrictions and three are working on it, stating: “Member States should achieve the implementation of the Toolbox without delay.” The EU Commission deems Huawei and ZTE to represent significantly higher risks than other 5G suppliers and considers member state decisions to restrict or exclude them as justified.
Breton has once again voiced his concerns about the pace of progress, stating, “Only 10 of [the member states] have used these prerogatives to restrict or exclude high-risk vendors. This is too slow, and it poses a major security risk and exposes the Union’s collective security, since it creates a major dependency for the EU and serious vulnerabilities.”
Breton concluded by urging all EU Member States and telecom operators to take the necessary measures without further delay, indicating that the Commission will implement the 5G toolbox principles to its procurements of telecoms services. While no explicit ban on Huawei and ZTE is in place, the reports, recommendations, and rhetoric effectively result in that.
It remains to be seen if any specific punitive measures are threatened for the remaining EU states that do not comply, and perhaps even the telecoms firms themselves. This situation becomes more complex as Germany, a significant player in the EU, still has a considerable amount of Chinese equipment in its networks.
