Expert Speak Digital Frontiers
Published on Feb 05, 2020

If Europeans do not support more directly their participants in this race, they risk being taken over by third party contenders or IT giants deciding to enter as 5G providers.

EU and 5G: Between alliance and availability

5G is a shining example of why the European Union fulfills a useful and irreplaceable role. This role is bounded, of course, by the competences of member states, and the interaction between the two levels (national and supranational).

5G is one of the five priority areas under the 2018 Digitising European Industry Initiative. The European Commission had recognised the potential of 5G as early as 2013, and launched a public-private partnership which aims at collecting €700 million EU funding and €3 billion private investment by 2020 towards research and innovation in 5G technology. These figures sound less impressive once one realises that China is said to currently commit between $180-200 billion to its 5G network development until 2025, with 300,000 base stations planned by the end of 2020, and 50 cities already running trial networks. <1>

The two key reasons for the EU’s financial constraint are the absence of a common telecommunications market and, paradoxically, the very success of Europe’s domestic competition policy in this area. Unlike the United States or China, where two to three telcos dominate, the European mobile network scene is broken up by country and among multiple actors in each member state. Rules and certification processes differ by country, which also means that some member states with smaller markets are unlikely to manage security issues associated with 5G. At the same time, the Commission has successfully encouraged competition, resulting in a mostly free roaming environment across the EU for voice, and now data. If one counts virtual operators, there are almost 190 companies in the field. Average revenue per user is very low, and all this is hugely advantageous to consumers, who pay perhaps half, or even less, of what US subscribers pay and for mostly better services. The end of roaming charges across Europe is often cited as an achievement of the outgoing Commission.

Unlike the United States or China, where two to three telcos dominate, the European mobile network scene is broken up by country and among multiple actors in each member state.

Meanwhile, member states have not forgotten that the sale of wavelength bands can be a major source of public income. For example, both Germany (in spite of a large overall public budget surplus) and Italy (which has a high level of remaining public debt) have already auctioned off frequencies for billions of euros. France is taking a middle-of-the-road approach with a controlled auction system that should limit final prices. Only three Nordic countries (Finland, Sweden, and Denmark) are devising a common cross-country 5G infrastructure that has yet to be implemented.

The issue of security and trust in the supplier is forcing a rethink. Within existing 3G and 4G networks, two Chinese companies — ZTE but mainly Huawei — have come into the limelight for a number of reasons. They offer integrated solutions and they are supposed to be cheap (although it is sometimes said that downstream costs push the actual price upwards after a while). Whether their initial low price is due to large state subsidies and financing from China and from the economies of scale in China’s huge domestic market, or whether, as is the case now for Huawei, the success of smartphone sales provides a large source of financing, these Chinese suppliers may seem inevitable. In Poland, Huawei won a share of the telco market with a massive loan from the China Development Bank. In Sweden, home of Ericsson, telcos have nonetheless chosen Huawei for most of their mobile networks up to now. Germany also has a large share of Huawei equipment on its networks.

Yet globally, Huawei’s lead is less obvious: in 2017, it had a 28% share of the global market, but Ericsson followed at 27%, Nokia at 23%, ZTE at 13%, with Samsung (rising as a 5G provider) at 3%. <2> Importantly, all of them are dependent on hardware components from US, Taiwan, and Japanese companies. Furthermore, American companies in tandem with Japanese firms are leaders in achieving 5G solutions that favour virtual and cloud components, eventually coupled with open source.

More than any other global company, Huawei has also sent personnel to participate in the definition of 5G standards, both in Brussels at the EU and in Geneva at the International Telecommunications Union (which is currently headed by a Chinese national). At the same time, the security of its operations is being actively questioned for several reasons. Many cite a high number of potential backdoors as well as delays in responding and inadequate responses to vulnerabilities identified. <3> Another concern raised is the opacity of ownership structures that are in theory vested with the company’s local branches. In France, the recruitment of former military or police personnel as well as links to some politicians have been noted. There have been allegations of personnel with links to China’s Ministry of State Security and armed forces units. Claims of spying (such as in Poland, where the case is currently under investigation, or at the African Union headquarters, without clear final determination) also increase suspicions.

Yet globally, Huawei’s lead is less obvious: in 2017, it had a 28% share of the global market, but Ericsson followed at 27%, Nokia at 23%, ZTE at 13%, with Samsung (rising as a 5G provider) at 3%.

Given increased security concerns regarding 5G networks, which will be tied to daily life as never before, and strong determination against the Chinese company by four of the Five Eyes countries (with the UK as yet undecided), Europeans are faced with difficult choices. Also to be considered is the issue of Ericsson and Nokia’s market share in China: it is in relative decline, but in an overall expanding market, and the two companies avoid direct comment on their Chinese competitors. However, they do claim to be more advanced than Huawei in terms of early European 5G contracts.

The fragmented nature of Europe’s telecom market and the small size of some national markets mean that security assessments can only be performed by larger states, or in a cooperative process at the EU level. This is exactly what the Commission has undertaken, with a detailed enquiry on member state perceptions and practices, and a preliminary report on risk assessment in early November 2019. The final report was due by December 15 but has not come out as of the time of this writing; the change-over of the Commission, but also political considerations might be at play.

Like some national pronouncements from France, Germany, and the UK, the report does not target any company. But its content leaves little doubt that beyond the issue of verification and the burden of proof for any alleged wrongdoing, a primary criterium is that of trust — analogous to the American definition of “trusted vendor.” It cites four risks from suppliers outside the EU: links and dependence on a government; that government’s legislation and resulting obligations to companies; the company’s corporate structure; and the forms of pressure available to the third country on manufacture. All four criteria fit the commonly agreed picture of Huawei, even if the company would deny that picture. Separately, the EU intermediary risk assessment strongly recommends relying on several rather than a single supplier. The recommendation also does not favour Huawei because it has tended to sell closed systems with unitary solutions for updating, with therefore a large opportunity cost if one changes provider. Finally, it is clear that the risk of cybersabotage — by remote control through components or backdoors — looms even larger than that of spying.

Given this situation, the larger member states have crafted new regulations or laws that do not single out companies or third country suppliers, but that set criteria for accepting or rejecting the participation of suppliers to their telecommunications networks. This applies especially to the 5G network (there has also been discussion in the UK of a rollback for existing 4G networks). The rules are meant to be non-discriminatory, but they leave a fair amount of decision power to governments — which means that their decisions will ultimately be discretionary. These measures also stop short, as of this date, of an outright ban on supplies from certain companies, as has been instituted by the US.

The fragmented nature of Europe’s telecom market and the small size of some national markets mean that security assessments can only be performed by larger states, or in a cooperative process at the EU level.

This does not end the debate, which is currently most active in Germany. On returning from her trip to China in September, Chancellor Merkel has declared that no supplier would be excluded on account of its nationality. Another statement posited that a declaration of trustworthiness could be made by a supplier. She has also brought up the recurring issue of developing European cloud services to cut dependence on American companies, implying that this may be more important. Yet, the investment needed to achieve this would be even larger than that needed for 5G. Public debate has become agitated, including inside the German government.

In a broader perspective, the 5G dilemma is strongly linked to industrial policy, support to innovation, and economic sovereignty. The traditional European approach has often involved subsidies and so-called “national champions,” both of which are contested by advocates of open market and access to global innovation. Yet, the key European 5G companies originate from Finland and Sweden, and not from the larger member states. Will they get as much support to become “European champions”? There are huge arguments to favour this course — all the more so because the US 5G market will also be huge, and competition from state-sponsored Chinese companies in third countries is intense.

To this writer, it seems clear that if the Europeans do not support more directly their participants in this race, they risk being taken over by third party contenders or IT giants deciding to enter as 5G providers. It also seems clear that the virtualisation of networks, coupled with cloud solutions and radio access networks, open source software, and point-to-point encryption are better solutions than a large reliance on core and edge hardware. While European firms have a good position in hardware and integration, American companies have a lead in software solutions. This requires a thoughtful cooperation among like-minded parties. The American call for security has a strong basis, but it should be matched by cooperation to arrive at common solutions, including verification and criteria for trusted suppliers. Given the need for careful negotiation and reliable security safeguards, the EU has a large role to fulfill over and beyond the capability of each member state and existing telcos.


<1> Figures aggregated from various Chinese sources in 2018-2019. For overall investment estimate, see https://baijiahao.baidu.com/s?i d=1652811582557559391&wfr=spider&for=pc

<2> Data from market research firm IHS Markit.

<3> For instance, a report from a British oversight group found that flaws in Huawei’s “basic engineering competence and cyber security hygiene.” Huawei Cyber Security Evaluation Centre (HCSEC) Oversight Board, Annual Report, March 2019, https://assets.publishing. service.gov.uk/government/uploads/system/uploads/attachment_data/file/790270/HCSEC_OversightBoardReport-2019.pdf

The views expressed above belong to the author(s). ORF research and analyses now available on Telegram! Click here to access our curated content — blogs, longforms and interviews.

Author

Francois Godemont

Francois Godemont

Read More +

Contributor

Franois Godement

Franois Godement

Franois Godement is senior advisor for Asia at the Institut Montaigne Paris.

Read More +