Not Trustworthy: Why Austria Needs a Serious Debate on 5G Security Risks
In terms of critical infrastructure, it hardly gets more ‘critical’ than 5G. Not only our communication, but also our future mobility, health care and industrial production will be based on high-speed mobile technology. Therefore, it is crucial that we have a fundamental debate on security risks throughout Europe, including in Austria.
For this debate, it is worth taking a look at Germany. In the Bundestag, various parliamentary groups, including the Social Democrats (SPD), the Greens, the Free Democrats (FDP) and parts of the Christian Democrats (CDU/CSU), are collaborating on a regulation that would lead to the exclusion of high-risk Chinese suppliers, including Huawei and ZTE, from the German 5G network. This measure would thwart the plans of German Chancellor Angela Merkel, who advocates an open-door policy towards Huawei. Her goal is to keep the Bundestag out of the far-reaching 5G decision, and instead use subordinate agencies to put forward Huawei-friendly regulations — against the warnings of the German Secret Service, Ministry of the Interior and Ministry of Foreign Affairs.
On Tuesday, the SPD set a party regulation to exclude network providers who run the risk of unchecked state influence. There is a similar party convention resolution for the CDU, though the parliamentary group is currently quarreling over its implementation.
The underlying rationale for the move by the SPD and others to exclude Huawei is that technical test methods for network providers are insufficient to guarantee their safety. This thinking is in line with the European Council’s conclusions on 5G security — which were adopted at the EU level at the beginning of December with Austria’s support. These points emphasize the importance of non-technical — i.e., political — factors and demand that “components critical for national security only be sourced from trustworthy parties.”
Depending on untrustworthy providers for 5G would be an irresponsible move. Chinese providers are not trustworthy because they are under the direct control of the party state, which could leverage the network against the West in the case of a conflict.
The party state has unchecked control over Chinese companies, regardless of whether they are partly state-owned, as is the case with ZTE, or nominally private. Huawei touts itself as being a strictly employee-owned, private company that acts independently of the party state. That doesn’t quite gel with the Chinese government’s acts as Huawei’s doorstep brigade. The Chinese ambassador in Berlin threatened Germany with consequences in the event of Huawei’s exclusion and in the same breath mentioned the German automobile industry’s high sales numbers in China. And in the case of the Faroe Islands, China made its expansion of salmon imports dependent on the country choosing Huawei.
Excluding Chinese network suppliers would align with the US government’s position, but it would do more to benefit European companies than the US. Huawei’s two main competitors are Ericsson and Nokia — today, their products are technologically equivalent to those of Huawei. In the medium and long term, these companies will depend on a strong home market in Europe in order to compete with Chinese companies, who enjoy the unfair advantage of support by Chinese state capitalism. We can only maintain Europe’s often-invoked ‘technological sovereignty’ if we strengthen European providers of core technologies like 5G.
In the context of the Austrian 5G discussion, these considerations have so far played a lesser role than the fear of electromagnetic waves. To date, there have been no efforts on the part of the Austrian government to establish special security standards for 5G networks. As recently as September, the regulatory authority RTR said that “no risks have been identified that are related to a particular manufacturer or country of origin of network components.”
This blindness has allowed network operators to make their own decisions. Fortunately, Telekom Austria has opted for Nokia — but Huawei is very popular with its competitor, Magenta. Hutchinson Drei even relies on ZTE, which the United Kingdom decided to exclude completely in 2018 due to “risks to national security.” It is absurd that network providers today are de facto the ones making far-reaching decisions about the security of critical infrastructure.
This must change under the new Austrian government. So far, Austrian Chancellor-in-waiting Sebastian Kurz has said little about the issue, but sang Huawei’s praises at a meeting with its top management in 2018. During the election campaign, the Austrian People’s Party falsely claimed that Austria was the first country to roll out 5G nationwide. In Germany, the Greens are among the most outspoken critics of high-risk providers. They warn against becoming dependent on Chinese suppliers who, like Huawei, proudly provide services to the Chinese surveillance state in the province of Xinjiang, which is primarily inhabited by the persecuted Uighur minority.
It is high time for Austria’s Green Party to push Kurz into engaging on 5G during the coalition talks and to initiate a thorough debate on 5G security risks in parliament.
This commentary was originally published in German in Der Standard on December 19, 2019.