The EU plans to gradually eliminate components and equipment from high-risk suppliers in key industries. A draft proposal published by the European Commission on Tuesday has drawn criticism from Chinese tech giant Huawei, which will also be affected.
The European Commission proposed these measures while revising the EU Cybersecurity Act. This move stems from an increase in cyberattacks and ransomware attacks, as well as growing concerns about foreign interference, espionage, and Europe's reliance on non-EU technology suppliers.
The European Commission did not name any company or country. However, Europe has been intensifying its scrutiny of Chinese technology. Germany recently appointed an expert committee to reassess trade policies with China and banned the use of Chinese components in future 6G telecommunications networks. The United States had already prohibited the approval of new telecommunications equipment from Huawei and its competitor ZTE in 2022 and urged European allies to follow suit.
When asked about the report that the European Commission proposed a package of new cybersecurity policy measures on January 20th, aiming to promote the "de-risking" of high-risk third-country supply chains in European mobile communication networks based on the existing 5G cybersecurity "toolbox", what is the Chinese Foreign Ministry's comment, Gao Jia Kun, a spokesperson for the Chinese Foreign Ministry, stated at a regular press conference on Wednesday, "China has noticed the relevant reports and expressed serious concerns."
Gao Jia Kun said, "Chinese companies have long operated in Europe in accordance with the law and have never harmed European national security, but rather have strongly promoted the development of Europe's telecommunications and digital industry, providing high-quality products and services to European citizens."
Gao Jia Kun added, "Limiting or even banning enterprises from participating in the market using non-technical standards without any factual evidence seriously violates market principles and fair competition rules. It is a typical example of politicizing and overemphasizing security, a naked form of protectionism, and an arbitrary intervention in the market that violates economic laws. Rather than achieving so-called security, it will incur huge costs."
Gao Jia Kun pointed out, "We urge the EU to avoid going further down the wrong path of protectionism. Otherwise, China will take necessary measures to resolutely safeguard the legitimate rights and interests of Chinese companies."
Huawei's statement aligns with the Chinese Foreign Ministry's criticism. Huawei's spokesperson said, "A legislative proposal that limits or excludes non-EU suppliers based on the country of origin rather than factual evidence and technical standards violates the basic legal principles of fairness, non-discrimination, and proportionality in the EU, as well as the obligations of the EU under the WTO." The spokesperson continued, "We will closely monitor the subsequent developments of this legislative process and reserve all rights to protect our legitimate rights and interests."
Viirinkinen, the Executive Vice President of the European Commission responsible for technological sovereignty, security, and democracy, stated in a press release on Tuesday, "Cybersecurity threats are not just technical challenges, but strategic risks to our democracy, economy, and way of life. With the new 'Cybersecurity Package,' we will have better means to better protect critical information and communication technology supply chains and decisively fight against cyberattacks. This is an important step in maintaining European technological sovereignty and ensuring the safety of everyone."
The press release mentioned, "The new EU Cybersecurity Act aims to reduce the risks posed by suppliers from third countries with cybersecurity vulnerabilities in the EU's information and communication technology supply chain. The law establishes a trusted information and communication technology supply chain security framework based on a coordinated, moderate, and risk-oriented approach. This will enable the EU and its member states to jointly identify and reduce risks in 18 key sectors in the EU, while taking into account economic impacts and market supply."
It is understood that the above new measures will apply to 18 key sectors identified by the European Commission, including testing equipment, connected and autonomous vehicles, power supply and storage systems, water supply systems, as well as drones and anti-drone systems. Cloud services, medical devices, surveillance equipment, space services, and semiconductors are also listed as key sectors.
The EU passed a 5G security "toolbox" in 2020 aimed at curbing the use of high-risk suppliers such as Huawei, who were believed to pose a threat or engage in espionage. Due to the high cost of replacement, some members of the group have not yet removed such equipment.
The European Commission emphasized, "Recent cybersecurity incidents highlight the significant risks posed by vulnerabilities in the information and communication technology supply chain, which is crucial for the normal operation of key services and infrastructure. In today's geopolitical landscape, supply chain security is no longer just about the security of technical products or services, but also about the risks associated with suppliers, particularly dependence and foreign interference."
The press release continued, "The EU Cybersecurity Act will force European mobile communication networks to remove the influence of high-risk third-country suppliers, building upon work already carried out under the 5G security 'toolbox'."
According to the proposal put forward on Tuesday, mobile operators will gradually phase out key components within 36 months after the publication of the list of high-risk suppliers. The phasing-out period for fixed networks - including fiber optics and submarine cables, as well as satellite networks - will be announced later.
Restrictions on suppliers from countries deemed to pose cybersecurity risks will only take effect after the European Commission or at least three EU member states initiate a formal risk assessment. Any measures will be based on market analysis and impact assessments.
The telecom industry lobby group "Connect Europe" warned that these proposals would burden the industry, with additional regulatory costs reaching billions of euros. The revised EU Cybersecurity Act still needs to be negotiated with EU governments and the European Parliament in the coming months before it becomes law.
Source: rfi
Original: toutiao.com/article/1854941159087115/
Statement: This article represents the views of the author."