In January, the UK announced that Huawei could provide equipment for the 5G network, and in response, the US threatened to downgrade the UK’s access to its intelligence. But is it risky to give the Chinese firm access to our infrastructure?
Between the Internet of Things and smart cities, we expect half a trillion objects to be connected by 2030, from streetlamps to autonomous cars, factories and clothes. The overwhelming majority will rely on 5G and its successor, making wireless technology essential to our daily life, our security, and economy.
British internet providers are already upgrading their networks alongside existing 4G hardware. On the consumer side, the first 5G-capable smartphones hit the market last year, and the UK has allowed Huawei to help build ‘non-core’ parts of the 5G network.
This has been met with concern, because China seems to be building a surveillance state that is tracking, ranking and controlling its entire population. The fear is that the Chinese government could leverage that data flowing through the parts of the network they build to expand its propaganda and censorship regime beyond its shores.
For example, in early February, the US Department of Justice charged four members of the Chinese military of hacking into the Equifax credit agency in 2017 and stealing the data of 145 million Americans.
A matter of values
Pervasive connectivity of the Internet of Things raises security and human rights concerns, as the confidentiality of citizens’ data may be at risk. Back in 2007, local authorities in Estonia removed a Soviet-era statue; in response, Russian servers paralysed the Estonian banking system.
Similarly, if there was a diplomatic or military crisis between Chinese and European powers – whether about Taiwan, Hong Kong or the Uighurs – Huawei may not be able to resist pressures by the Chinese government to disrupt public transportation, industry, or energy grids in Paris, Berlin or London.
A matter of trust
To alleviate the UK government’s concerns, Huawei opened its source code to selected experts in 2010. So far, audits have revealed poor software engineering practice rather than malicious intent. However, manufacturers can always remotely update the software running on these platforms.
Usually, this is done to improve performance, introduce new features or fix vulnerabilities. Yet, they could be used to covertly introduce back door access, as well. This is particularly critical for 5G platforms, due to their dependence on software configurability.
At best, it is possible to balance these risks by diversifying providers and segregating virtual networks depending on their sensitivity. Even then, the UK National Cyber Security Centre states they are only able to provide “limited assurance” that the risks of embracing Huawei solutions could be mitigated. It is thus a matter of trust and risk balancing.
A matter of fair competition and strategic vision
One of the reasons why Europeans are facing difficult policy decisions is down to under-investment in research and development of 5G.
Huawei has become one of the largest telecommunication companies, with tremendous financial capabilities. Huawei spends a third more on 5G research and development than its European competitors, Ericsson and Nokia, combined.
In early February, France, Germany, Italy and Poland asked the EU Commission to push back against what they deemed to be unfair competition from both US and Chinese firms. But Europe’s weakness on 5G, and new technological development more widely, cannot only be attributed to skewed competition. It is as much the result of a lack of strategic vision and industrial policy.
If anything, this controversy emphasises the importance of political will. Without it, in the UK just as elsewhere, market forces are likely to take precedence over considerations of sovereignty or strategic autonomy.