European Union officials on Tuesday released recommendations for member countries to manage cybersecurity risk stemming from 5G communications networks, declining to embrace a U.S.-led effort to ditch gear made by Chinese telecom giant Huawei.
The EU’s executive body instead asked each member state to conduct a “national risk assessment” of 5G infrastructure by the end of June, and made suggestions “to protect our economies, societies and democratic systems.” The commission wants suppliers and operators of 5G networks to tighten security protocols, and member states to work to develop “EU-wide certification schemes related to 5G.”
5G networks, which Europe has lagged behind the U.S. and China in deploying, promise faster data transfers and greater connectivity. But experts warn they could also introduce greater cybersecurity risk.
“Any vulnerability in 5G networks or a cyber-attack targeting the future networks in one Member State would affect the Union as a whole,” the European Commission said in a statement.
That fact that “democratic processes” increasingly use digital infrastructure and 5G networks make the recommendations all the more important, the commission said. Millions of Europeans are set to participate in the EU parliamentary elections in May.
Huawei, the world’s largest telecom equipment supplier, is expected to play a big role in the deployment of 5G networks.
Washington has exhorted its allies to avoid gear made by Huawei out of concern that the Chinese government could use the equipment for spying or hacking, a charge Huawei vigorously denies. While Australia, for example, has adopted the U.S. hardline against Huawei, other countries, such as India, have opted to embrace the company’s massive market share.
The European Union appears to be taking a middle-of-the-road approach. The European Parliament has passed a resolution noting cybersecurity concerns related to China, but it is up to member countries how they respond to those concerns.
Member states can ban companies from their markets on national security grounds if those companies don’t comply “with the country’s standards and legal framework,” the commission said Tuesday.