EU lacks unity on 5G policies — Court of Auditors

EU countries are not pursuing a unified policy on the security of 5G networks, according to the European  Court of Auditors (ECA).

The news comes at the start last week of a year-long investigation into the security of EU 5G networks by auditors at the ECA.

The auditors say their research has already uncovered evidence of a divergent approach to 5G security among Member States, as well as differences in the timelines for the technology’s deployment on the continent.

According to a series of measures unveiled by the Commission as part of its 5G 2020 toolkit, Member States were responsible for assessing the risk profile of telecommunications providers, with a view to applying restrictions to providers considered to be at risk. high risk.

The toolkit points out that “a particular threat arises from cyber-offensive initiatives by non-EU countries”, in a veiled reference to Chinese telecommunications providers Huawei and ZTE.

“Several Member States have found that certain non-EU countries represent a particular cyber threat to their national interests, based on the previous modus operandi of attacks carried out by certain entities, or the existence of a cyber program offensive of a given third State, against them, ”adds the toolbox.

A progress report on plans, released in July, urged member states to make “urgent progress” to mitigate the risks some high-risk providers pose to 5G telecommunications networks.

Speaking Thursday, January 7, Paolo Pesce, a member of the European Court of Auditors who is part of the team responsible for the 12-month planned review, said that the harmonisation of these security standards across the board Union had not yet taken place.

“Member States have developed and started implementing the necessary security measures to mitigate the risks,” said Paolo Pesce. “But based on the information gathered so far, some Member States appear to be moving at a different pace as we implement this measure.”

Annemie Turtelboom, who is a member of the CEC and who heads the audit, added that the report would seek to probe the compromise that EU nations seem to want to reach when considering security and speed of deployment.

Under the 2018 European Electronic Communications Code, Member States were required to assign frequencies for 5G in the 700 MHz band by June 30, 2020, while for the 3.6 GHz and 26 GHz bands, assignments had to be done before December 31, 2020.

However, it appears that security concerns associated with contracting with various vendors have caused delays along with the coronavirus pandemic.

In a recent example, Sweden had to suspend auctions to allocate its 3.4-3.6 GHz and 3.6-3.8 GHz bands, after telecoms regulators PTS banned the use of equipment from Chinese companies Huawei and ZTE.