Top EU technology official still concerned about Beijing’s access to data from Chinese firms

The top official overseeing 5G technology policies for the European Union said on Wednesday he is concerned that Chinese companies are legally bound to share information with the government’s intelligence apparatus back home – a stark example of the high-level resistance confronting Chinese officials as they fight Western attempts to block Chinese tech giants.

Andrus Ansip – one of the European Commission’s five vice-presidents, under President Jean-Claude Juncker – made the remarks in an interview with the South China Morning Post, just a day after Chinese Premier Li Keqiang disputed diplomatic concerns about industrial espionage.

Ansip highlighted the urgency for the EU to complete its assessment of potential security threats, as several member nations plan to issue licences for 5G networks soon.

“Indeed, we will have to deal with risk assessment and the need for action is now; otherwise it will be too late,” Ansip said. “This has an influence on our economy and our democracy.”

“Any vulnerability in 5G networks or a cyberattack targeting the future networks in one member state would affect the union as a whole,” he said.

While these concerns have been raised before, they have become a priority in the last year. Not only have nations begun to plan for their next-generation 5G communications networks, but the US has pressed its allies to keep Chinese tech companies out of their plans.

US seeks to freeze out Huawei from Europe

American officials fear that the Chinese government may force companies such as Huawei, a global leader in 5G technology, to incorporate software code or hardware that would let Beijing spy on the US or its allies and perhaps even disrupt a nation’s power and transport grids in a crisis.

US President Donald Trump banned US government agencies from buying Huawei equipment last year, and US diplomats have pressured European countries not to grant Huawei contracts.

In an attempt to allay such concerns, Li in Brussels on Tuesday insisted that Beijing “has never requested, let alone imposed any laws or regulations requiring, Chinese enterprises overseas to … conduct eavesdropping”.

Ansip, though, cited the specific Chinese law that troubled him.

“As far as we are aware, China’s 2017 national intelligence law includes broad requirements for all organisations and citizens to support, cooperate with, and collaborate in national intelligence work,” Ansip said.

“There are no provisions about limiting the application of these requirements to not apply extraterritorially.”

Ansip also noted what he called a “general context of alleged large-scale espionage and intrusion activities by some entities in China” and called it a relevant concern for the EU.

It is not the first time an EU official has expressed concern about the law, but the very timing of Ansip’s statement – just hours after Li delivered a joint statement with Juncker and European Council President Donald Tusk – speaks volumes concerning the EU’s continued scepticism towards Chinese reassurances.

As China-EU summit ends, Premier Li Keqiang vows reforms

According to that EU-China statement, the two sides recognise that “5G network will provide the basic backbone for future economic and social development”.

“China and the EU welcome progress and further exchanges in the China-EU dialogue and working mechanism on 5G based on the 5G Joint Declaration of 2015, including on technological cooperation between respective business communities,” it read.

Even so, China faces increasing pressure from Western countries – from the US to Poland; from Australia to Britain – amid widespread fears that Chinese telecoms firms like Huawei or ZTE would compromise 5G networks and provide sensitive information to Chinese intelligence.

Ansip, the EU official overseeing its effort to tighten scrutiny on foreign companies planning to build the 5G networks in its member states, is a man on a wire. While acknowledging his own scepticism about China, he still managed to displease Washington when the EU chose not to join the US in banning Huawei.

Why the price of following the US Huawei boycott may be too high

“The European Union has regular policy dialogues in place with the United States on cybersecurity and information security,” Ansip said. “During this type of dialogue, we are discussing the increasing need for global coordination and cooperation, to safeguard an open, stable and secure cyberspace.”

Austria, Belgium, the Czech Republic, France, Germany, Greece, Hungary, Ireland, the Netherlands, Lithuania and Portugal are all preparing to auction 5G licences this year; six other EU countries will do so next year.

According to Ansip, individual EU countries may decide whether they want to ban any company on national security grounds.

While admitting that “a large part of the public debate focuses on China”, Ansip said that the EU was not targeting any specific country or company.

Across the EU, he said, “we have an open market. Everybody who complies with the rules can access it”.

The European Commission in March rolled out a three-step plan in a bid to ensure cybersecurity among EU states.

By June, EU nations will have completed risk assessments on 5G infrastructure, especially when granting rights of use for radio frequencies in 5G bands.

By October, the states will exchange information with each other and complete a coordinated risk assessment.

By the end of this year, they will agree on a set of mitigating measures that can be used at a national level. These can include certification requirements, tests, controls, as well as the identification of products or suppliers that are considered potentially non-secure.

Huawei has welcomed the European approach while strongly rejecting US allegations. The company has launched a lawsuit against the Washington ban.