In a non-binding statement in the Czech capital, representatives from the European Union, NATO and countries such as the United States, Germany, Japan and Australia decided it was fair enough to consider the influence on a supplier by a third country. The statement didn’t name anyone.
The woolly wording means that countries can take what they like from it. If you think Huawei is the anti-Christ because it comes from China you can read it to mean them. However, you could equally apply the wording to companies like Cisco which have also had problems with its government using its gear to spy.
Diplomatic sources said participating countries were not ready to sign any documents in Prague because they had not concluded debates about the issue at home but called for participants to seise on the momentum.
“This would be a pity if this turns out to be a one off event”, Japan’s ambassador for cyber policy Masato Ohtaka said.
Participants said no country or company was being singled out.
Some western countries’ concerns about Huawei centre on China’s 2017 National Intelligence Law, stating that Chinese “organisations and citizens shall, in accordance with the law, support, cooperate with, and collaborate in national intelligence work”. However western countries have similar laws which require companies to work with national intelligence and no one appears to be concerned about them.
EU members have until the end of June to assess cybersecurity risks related to 5G, leading to a bloc wide assessment by Oct. 1. Using this, EU countries would then have to agree measures to mitigate risks by the end of the year.
Huawei said it was ready to work with regulators and other stakeholders on creating effective rules.
“We are encouraged by the emphasis on the importance of research and development, open markets and competition, but would urge policymakers to avoid measures that would increase bureaucracy and costs and limit the benefit that 5G can bring”, it said in a statement.
“As the EU continues its deliberations, we firmly believe that any future security principles should be based on verifiable facts and technical data.”
The final document looked at the impact of 5G on policy, technology, economy and security, with general recommendations on how best to mitigate potential risks.
“All stakeholders including industry should work together to promote security and resilience of national critical infrastructure networks, systems and connected devices,” the document said.
The security issue is crucial because of 5G’s leading role in internet-connected products ranging from self-driving cars and smart cities to augmented reality and artificial intelligence. If underlying technology is vulnerable, it could allow hackers to exploit such products to spy or disrupt them.