A top adviser to the EU’s highest court says member states are entitled to ban Huawei equipment from their telecommunications networks on national security grounds. The non-binding opinion, issued by Advocate General Tamara Ćapeta, marks a significant moment in Europe’s years-long reckoning with Chinese telecoms hardware. A final ruling is expected later this year.
In a legal Opinion to the European Court of Justice, Advocate General Tamara Ćapeta found that “member states may exclude hardware and software from 2G-4G and 5G telecommunications infrastructure on the basis that the manufacturer of that equipment poses a risk to national security.”
However, she added that any such decision rooted in national security must undergo judicial review for proportionality. A risk assessment for third-country manufacturers, such as Huawei or ZTE, may differ from that of EU manufacturers. But it must not rest on “general suspicion”. It must be based on a targeted evaluation of the particular use case.
The Estonian case
In 2022, Estonian telecommunications provider Elisa asked if it could use Huawei’s hardware and software for its 2G to 5G networks. But the Estonian authorities deemed Huawei to be a ‘high-risk’ manufacturer and declined to allow it. A legal challenge followed, leading to the current AG Opinion.
Ćapeta also said that telecom operators do not need to be compensated for replacing Huawei equipment. The exception is if a national court finds the burden ‘disproportionately heavy’. In other words, telco operators should not hold their breath for financial assistance.
You might be interested
The Opinion is not legally binding. But it is a blow for operators wanting to use Huawei equipment, as the court usually follows AG advice. Telecom operators have repeatedly argued that blanket approaches are disproportionate. Not all network elements are equally sensitive, they say.
Paul Maynard, Special Counsel at Covington & Burling specialising in tech sovereignty, says the final ruling—expected later this year—will have significant implications for the European Commission’s proposed revisions to the EU Cybersecurity Act.
Wider implications
“The EU Cybersecurity Act as drafted would — among other things — allow the Commission to require Electronic Communication Network (ECN) providers to remove and cease using components from designated high-risk jurisdictions in their networks,” Mr Maynard said.
He added that Ćapeta found the Estonian regime fell within the scope of EU law. “The requirement to obtain prior authorisation from the Estonian government for use of network equipment constituted a restriction on the freedom to provide an ECN, but that this could be justified on national security grounds if the decision was based on a genuine risk assessment that meets the requirements for proportionality under EU law.”
Member states may exclude hardware and software […] on the basis that the manufacturer poses a risk to national security.
—Tamara Ćapeta, Advocate General, Court of Justice of the EU
Huawei was the manufacturer in this case. But the same argument could apply to others. Ćapeta was clear: “member states may exclude hardware and software from […] telecommunications infrastructure on the basis that the manufacturer […] poses a risk to national security.” Telco companies fear this would cause confusion about which equipment is allowed in critical networks. The final ruling, expected later this year, will determine how far that uncertainty extends.
