At the Cyber Security Coalition’s Goodbye Summer Event, Mykyta Petik, PhD researcher at KU Leuven, shed light on the non-technical aspects of 5G. Using quite provocative statements, Mykyta initiated a discussion about the legal challenges related to stakeholders in 5G networks within Europe.
“The European Union is not a key player in 5G; rather, it is being played”
Mykyta Petik opened his presentation with a bold metaphor: “If we say that artificial intelligence is the brain, then 5G is the bloodstream.” 5G mobile networks will be the central conduit for data flow within a few years, barring unforeseen global events. “5G and other emerging technologies will be responsible for processing data and running the network, thus forcing law, politics and policy to be intertwined.” Mykyta continued by providing a legal and political perspective on the development and potential future of 5G.
Global significance and economic implications
Research shows that Europe is losing importance on the global IT-network scale. “5G is one of the first technologies where the European Union does not function as a leader. Currently, the top three owners of 5G patent families are China (39.9%), the United States (34.6%) and South Korea (9.2%), followed by Japan (8%) and then the European Union (3.9%),” Mykyta illustrated.
While the US is poised to reap significant benefits from 5G, China’s claim to more base stations, infrastructure and equipment might not translate into substantial gains. “This technology has become a major arena of competition, primarily between the US and China, with the EU trailing behind. The lack of cohesive and consistent legislation for 5G in the EU is bewildering.”
EU’s key legal issues
Legislation within the EU is often a time-consuming and troublesome process. For instance, some argue that the EU lacks the authority to regulate cyber security within its member states. While the GDPR is a Union-wide measure, signifying European competence in regulating personal data protection, the same level of authority does not extend to cyber security. “EU officials contend that cyber security is crucial to the digital market, justifying their regulatory role. The member states, however, are not eager to give away national security control to a higher level.”
Another big challenge to tackle is the fact that the EU does not categorise mobile networks and 5G as critical infrastructure, leaving the member states without special protection or added security. “Consequently, anything channelled through 5G may become vulnerable to hackers,” Mykyta explained.
EU actions and aspirations
To prevent Europe from completely falling behind, the European Commission launched an ambitious plan in 2016 to bolster 5G infrastructures and services deployments across Europe. “The 5G action plan is a strategic policy document that shows the ambition of the EU to regulate 5G on the Union-level. It aims to counterbalance the influence of the US and China, but requires unwavering commitment from all stakeholders, making its success highly uncertain.”
Another tool created to reach out to the member states is the EU toolbox for 5G security, which offers a comprehensive set of measures for an EU-coordinated approach to secure 5G networks. However, specific implementation instructions are notably absent. “For now, it’s the responsibility of each member state to implement it, without any clear regulations or standards. Therefore, I say that the EU’s role in 5G geopolitics is passive; it is being played rather than being a key player themselves”, Mykyta dared to express.
The European Union is actively working towards enhancing security prerequisites, imposing supplier restrictions, striving for standardised security objectives, and formulating comprehensive EU-wide certification frameworks. “However, its complex legal landscape generates a risk that the European Union may not assume a leadership role and could find itself lagging behind in this dynamic and fiercely competitive 5G arena”, Mykyta Petik, researcher at KU Leuven, concludes.