The functioning of the EU single market itself could be at risk, warn auditors. Copyright (c) 2017 Ivan Marc/Shutterstock.

The functioning of the EU single market itself could be at risk, warn auditors. Copyright (c) 2017 Ivan Marc/Shutterstock.

Member of the European Court of Auditors Annemie Turtelboom on Monday presented a special report highlighting the delay in the deployment of 5G in Europe, the vagueness around the quality of the service provided and the gigantic problem of security for the new network.

5G in the EU will tie every single member state together in one interconnected network. This will, of course, as is the aim, improve connectivity and create potentially endless opportunities for business, as the 4th industrial revolution picks up steam: the internet of things is but a step away now. But is having a kettle that can talk back to you worth it?

Big business and the commission think so. A €1trn financial boost to the EU’s GDP between 2021 and 2025 helps to rationalise this implementation. There is also hope that it will revolutionise the efficiency and our daily lives in mobility, manufacturing and agriculture. 20 million jobs will potentially feel the effects of this new network.

“Across the EU, up to €400 billion will be spent by 2025 on developing 5G networks to support the future economic growth and competitiveness. But with many Member States lagging behind, the EU is still far from reaping the benefits 5G offers,” said Turtelboom, the member of the European Court of Auditors responsible for the report. “Moreover, Member States’ approaches towards 5G security, and in particular the need for concerted action, remains an issue of strategic importance for the EU’s technological sovereignty and the single market.”

5G and data protection

Yet, Turtelboom, when discussing the possibility of an interconnected EU network being hacked, said that maleficent actors would be able to seize control of critical infrastructure, such as the power grids, and disrupt services and compromise its core functions. Not for one country, but for the entire European economic and political bloc. “This means that any cyber-security incident involving 5G networks in one member state would also affect other member states and ultimately the EU as a whole.”

To add to the security woes, all Member States are not on the same page when it comes to 5G security. The court of auditors lamented the “low visibility” of such decisions, which results in a wide margin of scope for implementation.

There are serious concerns about the data protection of EU citizens. The commission has put together a ‘toolbox’, which was adopted in January 2020. Nevertheless, this came too late for a number of mobile network operators which had already selected their vendors.

The ‘toolbox’ is described as ‘softlaw’ ie, it is merely a recommendation that does not need to be adopted by law. This was done to fast-track the implementation of 5G.

There is also no clear definition of what could be a ‘high risk’ vendor.

According to figures at the end of 2019 relating to the current 4G network, two out of three people in the EU used telecommunication devices based on Chinese vendors. That is 286 million people or 64% of the EU’s population.

In 2015, the EU signed a joint declaration with China on strategic cooperation on 5G, committing to reciprocity and openness in terms of access to 5G networks research funding and market access.

EU data law does not affect China. Not only that, but as outlined in the report, China in 2017 adopted a national intelligence law stipulating that all Chinese organisations and citizens must collaborate in national intelligence, with safeguards on secrecy. In effect, imagine that all industry and technology development in Luxembourg was an extension of The State Intelligence Service of Luxembourg. This is why the USA took actions to limit the operations of several Chinese companies, including Huawei, a key 5G vendor.

In March 2019, the European Parliament also expressed concerns that Chinese 5G vendors might present a security risk for the EU due to the laws of their country of origin.

The court of auditors has said there is no agreement or study on cross-border issues by the commission and has recommended that it should be investigated. A study is expected by the end of the year. The functioning of the EU single market itself could be at risk, warn the auditors.

Large investments are also involved, as between 2014 -2020, over €4bn has been invested into supporting the development of 5G from the EU budget and the investment bank. Total cost of implementation is estimated to reach €400bn, Turtelboom says, who adds that “the bulk of this investment needs to be financed by mobile network operators.”

Only 11 states are likely to hit the 2025 deadline set out by the commission to have 5G implemented in all urban areas. By 2030 the commission wants the network to cover the entirety of its rural territory. Luxembourg was not mentioned as being likely or unlikely to hit the target.

Complications

However, on top of the glaring security issues, the court of auditors has also found that there are no guarantees on the quality of network. Some member states may benefit from higher or lower quality when it is rolled out. There is no explanation for this.

Furthermore, there are bandwidth implications. In Europe, Belarus, Ukraine and Russia are using 5G bandwidths for TV broadcasting and military use, Turtelboom mentioned during the press conference, “and these pioneers bands were supposed to be used in Europe for the 5G network and exclusively for the 5G network.”

There has been no investigation into the potential health impact of the 5G network, as this was deemed beyond the scope of the court of auditors report.