Germany reviews security risks posed by China’s 5G technology

Germany is reviewing the use of Chinese components in its 5G network as Berlin scrutinises its ties with Beijing in the wake of Russia’s invasion of Ukraine.

The federal interior ministry said the government was conducting a review of the security risks posed by components already installed in the country’s 5G networks — and that the authorities were also reviewing whether a change in the law was required.

“In particular, there are risks of misuse with regard to the security, confidentiality, integrity, availability or functionality of these critical telecommunications infrastructures,” it said. “Of course, it is also about not being too dependent on certain providers.”

The ministry added the government was examining the need for a change in the law in order to “better exclude security risks and to be able to reduce dependencies on certain manufacturers”.

It would not confirm German media reports that the government was planning an outright ban on certain parts made by Chinese telecoms giants Huawei and ZTE, which have played a large role in German communications networks.

Germany for years took a more relaxed approach to Huawei technology in its telecoms networks, taking a sceptical view of US claims that the Shenzhen-based company had deep ties to the Chinese state.

It toughened the law two years ago, introducing rules that stopped short of an outright ban but gave authorities the power to refuse telecoms operators the right to use “critical components” of Chinese origin. The move was hailed at the time as an important step in limiting Beijing’s control over critical European infrastructure.

But the federal government last month admitted it had “no conclusive information on the respective percentage ratio of components from Chinese and other manufacturers in German mobile and fixed networks”.

Janka Oertel, director of the Asia programme at the European Council on Foreign Relations, said forcing Chinese vendors to phase out existing equipment “would be something that had been requested by security experts for a while”. Despite those calls, she said, operators continued to deploy Chinese technology “as they seemed to not have expected government action”.

A crucial issue, according to Thorsten Benner, director of the Berlin-based Global Public Policy Institute, was whether authorities would reassess the risks of Chinese technology not only in sensitive “core networks”, but also “access networks” which include masts that broadcast mobile signals.

“It’s unclear how far they will go, [and] what they will classify,” Benner said. “But if they go after most of the access network . . . that would be very far-reaching and an overdue step in my view.”

Berlin was forced to radically reassess the economic and security implications of its deep dependence on Russia for energy in the wake of Vladimir Putin’s invasion of Ukraine.

The harsh lessons learned through that experience, in which Putin halted gas supplies to Europe, have prompted calls for a similar review of its dependencies on China.

Last year, the European Commission repeated a warning against the use of “high-risk vendors” in telecoms networks.

However, deep divisions remain within Olaf Scholz’s three-way coalition government about how far it should go.

China’s government has previously threatened to retaliate if Berlin were to ban Huawei, though Beijing has stopped short of punishing other European countries that have limited the use of Huawei since 2020, such as the UK and France.

The biggest telecoms operator in the UK, BT, said removing Huawei equipment from its core network will cost it £500mn.

German officials have previously rebutted the idea of a Huawei-specific ban, saying that security standards would be applied equally to all vendors, in an attempt to avoid the diplomatic fallout caused by a ban that could be seen as focused on one company.

Huawei said in a statement that it has had “a strong security record in Germany” and that “restrictions [on] a reliable supplier with a strong security record will not make infrastructure more secure”.