The European Commission on Tuesday unveiled its proposal to revamp the bloc’s Cybersecurity Act. The bill seeks to crack down on risky technology vendors in critical supply chains ranging across energy, transport, health care and other sectors.
Though the legislation itself does not name any specific countries or companies, it is widely seen as being targeted at China. 5G suppliers Huawei and ZTE are in the EU’s immediate crosshairs, while other Chinese vendors are expected to be hit at a later stage.
European Commission spokesperson Thomas Regnier responded to the Chinese foreign ministry, saying Europe has allowed high-risk vendors from outside the EU in strategic sectors for “far too long.”
“We are indeed radically changing this. Because we cannot be naive anymore,” Regnier said in a statement. The exclusion of high-risk suppliers will always be based on “strong risk assessments” and in coordination with EU member countries, he said.
China “urges the EU to avoid going further down the wrong path of protectionism,” the Chinese foreign ministry’s Guo told reporters. He added the EU bill would “not only fail to achieve so-called security but will also incur huge costs,” saying some restrictions on using Huawei had already “caused enormous economic losses” in Europe in past years.
European telecom operators warned Tuesday that the law would impose multi-billion euro costs on the industry if restrictions on using Huawei and ZTE were to become mandatory across Europe.
A Huawei spokesperson said in a statement that laws to block suppliers based on their country of origin violate the EU’s “basic legal principles of fairness, non-discrimination, and proportionality,” as well as its World Trade Organization obligations. The company “reserve[s] all rights to safeguard our legitimate interests,” the spokesperson said.
ZTE did not respond to requests for comment on the EU’s plans.