Europe cools internet monopoly rhetoric

Almost every politician around the world is currently using Silicon Valley as a metaphoric punching bag, but the European Commission will not be drawn into the monopolies debate.

While 2020 Presidential hopeful Elizabeth Warren has painted a target on the backs on the internet giants, Europe has once again proven it will not be drawn into making such short-sighted and shallow promises. Warren is effectively warming up for the world’s biggest popularity contest, and perhaps hasn’t considered the long-term realities of the dismantling of companies such as Facebook and Google.

Speaking at the South by Southwest festival in Austin (thank you Recode for the transcript), Margrethe Vestager, the European Commissioner for Competition, made a very reasonable and measured statement.

“We’re dealing with private property, businesses that are built and invested in and become successful because of their innovation,” said Vestager.

“So, to break up a company, to break up private property, would be very far-reaching. And you would need to have a very strong case that it would produce better results for consumers in the marketplace than what you could do with sort of more mainstream tools.”

Vestager’s point is simple. Don’t punish a company because of its success. Don’t make rash decisions unless there is evidence the outcome will be better than the status quo. While the fence is proving to be very comfortable, it is a logical place to sit now.

Following up with the European Commission press team, Telecoms.com was told the Commission does not have an official position when it comes to breaking up the internet monopolies. Vestager’s comments are representative of the Commission, and it will evaluate each case on its own merit. Effectively, the breaking up the monopolies is a last resort, and will only be done so in extreme circumstances.

This position is supported by a recent report, put together for HM Treasury in the UK by former Chief Economist to President Obama, Professor Jason Furman. Furman suggests new rules and departments need to be created for digital society, but monopolies, when regulated and governed appropriately, can be good for the progression of products, services and the economy overall.

This will of course be an unpopular opinion, but it makes sense. Sometimes there simply isn’t the wealth to share around. Monopolies are perhaps needed to create efficiencies and economies of scale to ensure progress is made at a suitable pace. However, the right regulatory framework needs to be in place to ensure this dominant position is not abused. A catch-all position should not be welcomed.

This is where the European Commission has been playing a notable role. Numerous times over the last few years, technology giants have been punished for creating and abusing dominant market positions, take Google as an example with Android antitrust violations last June, though it has not gone as far as breaking up these empires. The key here is creating a framework which encourages growth across the board but does not punish success.

Some would argue success in the pursuit of this delicately balanced equation has been incredibly varied, but this should not form the foundation of rash decisions and potential irreversible actions. Big is not necessarily bad.

This is the marquee promise of Senator Elizabeth Warren. In attempting to woo the green-eyed contradictory wannabee capitalists of Middle America, the Presidential contender has promised to split up the internet giants. The complexities and realities of this promise do not seem to have been thoroughly thought out, and it does seem to be a shallow attempt to lure the favour of those who seek fortunes but are unable to congratulate those who have found them.

That said, there are Presidential candidates who are suggesting good ideas. Senator Amy Klobuchar has suggested companies who monetize data through relationships with third-parties should be taxed. This is somewhat of a radical idea, but we do quite like the sound of it.

Firstly, for those companies who say they are collecting data to ‘improve customer experience’, there would be no impact. If the data is being used to enhance current or create new services, and therefore kept in-house, then fair enough. However, if the company is moving data around the digital ecosystem, monetizing personal information, why not place a levy on this type of activity. It might just encourage these companies to be more responsible when more scrutiny is being placed on these transactions.

This is the challenge we are all facing nowadays; the digital economy is a different beast and needs to be tamed using different techniques, regulations and practices. We all know this, but we haven’t actually figured out how to do it.

This is why we kind of like the non-committal, hands-off approach from the European Commission. For an organization which usually likes to run wild with the red-tape, this seems to be a much more sensible approach. Over regulating nowadays could create a patch-work from hell which would only have to be undone. It might seem like a cop-out, but governments should let business be business, while casting a watchful eye over developments.

When no-one really knows how the future is going to evolve, regulation is needed to hold companies accountable and protections are needed to safeguard the consumer. But rash decisions and ridiculous promises are the last thing anyone wants.

GSMA blasts EC over connected car tech choice

The battle for the soul of the European connected car industry has come down to G5 vs 5G and the European Commission has just picked a winner.

Today the EC adopted new rules around connected an automated mobility on EU roads that amounted to an endorsement of Cooperative Intelligent Transport Systems (C-ITS). On the surface this would appear to be quite a generic thing, but it seems to refer specifically to a set of technologies supported by ETSI, which include the ITS-G5 short-range wireless communications standard that uses 802.11p wifi rather than cellular.

“This decision gives vehicle manufacturers, road operators and others the long-awaited legal certainty needed to start large-scale deployment of C-ITS services across Europe, while remaining open to new technology and market developments,” said the European Commissioner for Mobility and Transport, Violeta Bulc. “It will significantly contribute to us achieving our ambitions on road safety and is an important stepping stone towards connected and automated mobility.”

Mobile trade association the GSMA isn’t so sure, however. In fact it reckons Europe is seriously missing a trick by going for this tech over cellular-based C-V2X, as you might expect. Not only that, but the GSMA reckons that by picking the wrong winner for connected vehicle tech, the EC is setting back the development of 5G on the whole.

“This piece of legislation relies on a biased view of technology and impedes innovation,” said Afke Schaart, VP & Head of Europe of the GSMA. “If the EU stays on this road, it will isolate itself further in the global 5G race and severely harm 5G investment in Europe.” Strong words Afke and we’re not sure accusing the EC of being biased is the best way to win it around, but you’re the lobbying expert so go for it.

The arcane matter of G5 vs 5G is a bit above our pay grade here at Telecoms.com, but a spot of light Googling reveals plenty of boffins have given it some thought. A couple of years ago this paper seemed to conclude the tech itself isn’t that important, but more recently NXP decided C-V2X is still a bit rubbish. It remains to be seen how binding this EC choice will be for the European automotive industry, but as the UK is continually reminded, the EU is not a big fan of challenges to its authority.

Spotify accuses Apple of discriminating against it in the App Store

Music streaming service Spotify has declared war on Apple over alleged discriminatory treatment of its app and commercial terms.

In a blog post CEO Daniel Ek announced Spotify has filed a complaint against Apple with the European Commission. He claims “Apple has introduced rules to the App Store that purposely limit choice and stifle innovation at the expense of the user experience – essentially acting as both a player and referee to deliberately disadvantage other app developers.”

The main issue seems to be the commercial terms Apple offers Spotify, specifically taking a cut of the fees people pay for its premium services. While this is Apple’s prerogative, that behaviour is complicated by the fact that Apple operates its own competing streaming service, Apple Music, and allegedly punishes Spotify if it attempts to use an alternative payment system.

“We aren’t seeking special treatment,” wrote Ek. “We simply want the same treatment as numerous other apps on the App Store, like Uber or Deliveroo, who aren’t subject to the Apple tax and therefore don’t have the same restrictions. What we are asking for is the following:

  • First, apps should be able to compete fairly on the merits, and not based on who owns the App Store. We should all be subject to the same fair set of rules and restrictions—including Apple Music.
  • Second, consumers should have a real choice of payment systems, and not be “locked in” or forced to use systems with discriminatory tariffs such as Apple’s.
  • Finally, app stores should not be allowed to control the communications between services and users, including placing unfair restrictions on marketing and promotions that benefit consumers.”

Spotify’s timing is pretty good, since regulatory and political sentiment is quite hostile to US tech giants at the moment and Apple is expected to launch a TV streaming service later this month. Spotify has created an emotively-named website – timetoplayfair.com – to further detail its case. Apple will presumably insist rules are rules, but the case against it seems reasonably strong it’s quite possible it y eventually back down on this one.

 

European Parliament expresses ‘deep concerns’ about Chinese 5G kit threat

The European Parliament has adopted a resolution calling for the European Commission to do something about China.

The resolution cropped up as the Parliament was also adopting the EU Cybersecurity Act, which will create the first EU-wide cybersecurity certification scheme once is has finished its meandering journey though the EU’s byzantine bureaucracy. It seems to be some kind of ‘kite mark’ that will certify a piece of kit has met the EU’s cybersecurity standards, and seems to view 5G

“MEPs express deep concern about recent allegations that 5G equipment may have embedded backdoors that would allow Chinese manufacturers and authorities to have unauthorised access to private and personal data and telecommunications in the EU,” said the announcement.

“They are also concerned that third-country equipment vendors might present a security risk for the EU, due to the laws of their country of origin obliging all enterprises to cooperate with the state in safeguarding a very broad definition of national security also outside their own country. In particular, the Chinese state security laws have triggered reactions in various countries, ranging from security assessments to outright bans.”

This comes hot on the heels of reports that the US has been laying some serious pressure on Germany to play ball when it comes to China – i.e. ban Huawei from 5G. On top of all this the European Commission has also proposed ten further actions around the bloc’s ongoing relationship with China, which you can see below.

Action 1: The EU will strengthen the EU’s cooperation with China to meet common responsibilities across all three pillars of the United Nations, Human Rights, Peace and Security, and Development.

Action 2: In order to fight climate change more effectively, the EU calls on China to peak its emissions before 2030, in line with the goals of the Paris Agreement.

Action 3: The EU will deepen engagement on peace and security, building on the positive cooperation on the Joint Comprehensive Plan of Action for Iran.

Action 4: To preserve its interest in stability, sustainable economic development and good governance in partner countries, the EU will apply more robustly the existing bilateral agreements and financial instruments, and work with China to follow the same principles through the implementation of the EU Strategy on Connecting Europe and Asia.

Action 5: In order to achieve a more balanced and reciprocal economic relationship, the EU calls on China to deliver on existing joint EU-China commitments. This includes reforming the World Trade Organisation, in particular on subsidies and forced technology transfers, and concluding bilateral agreements on investment by 2020, on geographical indications swiftly, and on aviation safety in the coming weeks.

Action 6: To promote reciprocity and open up procurement opportunities in China, the European Parliament and the Council should adopt the International Procurement Instrument before the end of 2019.

Action 7: To ensure that not only price but also high levels of labour and environmental standards are taken into account, the Commission will publish guidance by mid-2019 on the participation of foreign bidders and goods in the EU procurement market. The Commission, together with Member States, will conduct an overview of the implementation of the current framework to identify gaps before the end of 2019.

Action 8: To fully address the distortive effects of foreign state ownership and state financing in the internal market, the Commission will identify before the end of 2019 how to fill existing gaps in EU law.

Action 9: To safeguard against potential serious security implications for critical digital infrastructure, a common EU approach to the security of 5G networks is needed. To kickstart this, the European Commission will issue a Recommendation following the European Council.

Action 10: To detect and raise awareness of security risks posed by foreign investment in critical assets, technologies and infrastructure, Member States should ensure the swift, full and effective implementation of the Regulation on screening of foreign direct investment.

Silicon Valley’s grip on innovation is loosening – KPMG

Silicon Valley is up there with Wall Street as a driver of US economic dominance, but this leadership position is increasingly coming under threat, including from those pesky Europeans.

As it stands, California still maintains that position as Utopia for technology enthusiasts and innovators. There are numerous reasons for this, ranging from culture to cash and climate, but this lofty position is no-longer looking as attractive as alternative cities woo the next generation of economic disruptors.

KPMG is one company which is predicting the downfall of Silicon Valley. After conducting a survey, the consultancy claims 58% of respondents believe the global centre of innovation will have moved out of Silicon Valley over the next four years. Other US cities are of course lodging a challenge, New York, Austin and Boston for example, though Europe and Asia are also having a poke.

Looking at the top ten alternatives which could lead a challenge, New York ranks first, while Beijing, Tokyo, London and Shanghai feature in the top five. Taipei, Singapore, Seoul, Boston and Austin complete the top ten, but there are several other European competitors floating around.

There are numerous factors which KPMG has taken into account, and some of these will start to play heavy on the Silicon Valley case. With 5G being hyped so considerably over the last few years, most of these cities will be on-par when it comes to infrastructure, but you also have to consider the local talent pool, immigration laws, cost of living, availability of private and public investment, mass transit systems and the attractiveness of a city to millennials.

A separate Medium post from investment manager Byrne Hobart is another which is predicting the downfall of Silicon Valley as the global centre of innovation. Hobart questions whether the culture of innovation is dying out in the region, with the money men seeking more stable and predictable investments, but another interesting point is the ‘cost of existing’ as he puts it.

“As long as higher rents raise the cost of starting a pre-revenue company, fewer people will join them, so more people will join established companies, where they’ll earn market salaries and continue to push up rents,” said Hobart.

Not only does the high cost of living prevent talent from joining start-ups, the preference for established companies and the lucrative salaries further pushes up rent, compounding the problem further. This also prevents lower-income earners in other segments living in the region (arts, fashion or media for example), restricting diversification and making it a less attractive region for liberally minded individuals, the type of person the success of Silicon Valley was built on.

When researching the availability of technology jobs across the US, there are of course numerous regions which are growing faster year-on-year than Silicon Valley, though this would be expected considering the overwhelming focus of tech in the Valley. However, cities like Seattle, Austin, Denver and Huntsville are increasingly home to more technology companies, and when you factor in the more proportionate cost of living, it might be an appealing alternative.

Another very interesting development over the last couple of weeks takes place in France. The French government has recently announced an overhaul of visas for employees working for a tech company, making it easier for talent to be recruited internationally. Considering the anti-globalisation and isolationist trends we are seeing in the US, this is development worth taking note of.

There are now 10,000 start-ups that meet the requirements to access the French Tech Visa and hire foreign employees more easily. These visas cost €368 in administrative fees, is valid for four years (and is renewable) and allows employees to switch jobs during this period. The visa also extends to family members. Just as the US is making it more difficult to hire talent, the French government is attempting to empower start-ups to go an seek the best innovators around and attract them to the country.

As far as a challenge to the Silicon Valley dominance, Europe is putting itself in a very strong position. Not only are many of the cities affordable, they are attractive to millennials (culture, arts, history) a key demographic for technology success moving forward. The European Union also creates a wider society and economy, helping organizations grow in multiple markets and source talent from a wider pool.

Another factor to consider is the focus of these regions. Another KPMG research note suggests US companies are looking towards AI as a market disruptor, while IOT is attracting the interest of European companies. Perhaps this suggests a split in the innovation pool, with AI hubs being focused in North America, while IOT dominance could be wrestled across the pond to Europe. R&D is driven by customer needs and demands, therefore this is not an impossible conclusion. Interestingly enough, Japanese companies are leading the demand for robotics, another potential fragmentation of the innovation pool.

Silicon Valley is not going to disappear, but its dominant position is not only being eroded domestically, but internationally. The technology ecosystem is of course going to evolve over the next few years, but who knows where the global hub of innovation will be; there are a lot of candidates putting their hands up.

A post-Brexit Ofcom worries us – Vodafone

With the anti-China rhetoric dominating the headlines in recent months, Brexit chatter has become unfashionable. But with the deadline fast approaching, what will Ofcom look like in the future?

Speaking at a breakfast briefing in London, Vodafone UK Chief Counsel and External Affairs Director Helen Lamprell let loose on the UK regulator. Cell tower height, rural roaming, potential reintroduction of international roaming charges, dark fibre and auction dilemmas, there seemed to be a lot of venting going on.

“The UK remains a challenging environment [regulatory], one of the most challenging in the world,” said Lamprell. “But we are seeing positive change.”

The issue which Vodafone is keeping an eye-on is Brexit. According to Lamprell, Ofcom is one of the most conservative regulators throughout the bloc, though when it is freed from the tethers of the Body of European Regulators for Electronic Communications (BEREC), there is a risk it could become even more so.

There isn’t necessarily one massive bugbear from the telco, but several little aggravations which all combine to a much larger nuisance. Let’s have a look at mast height to start with.

Everyone wants signal, but no-one wants towers

As it stands, UK cell towers are limited to 25 metres in height. This obviously doesn’t take into account those masts which are placed on the top of buildings, just the actual structure itself. In most cases, this doesn’t have a massive material impact on operations, such is the population density of the UK, but when you look at countryside locations it becomes a much larger discussion.

Part of the up-coming 5G spectrum auctions will place coverage obligations on telcos. This is a reasonable request by the government, as telcos have shown they will not bridge the digital divide on their own, though as it stands 99% of the UK population is currently covered. Geographical coverage is no-where near this figure, though as there is little commercial gain from providing coverage to these remote locations, reaching the 90% objective is difficult.

One way which this could be done is by providing exemptions to the 25-metre limit in certain situations, such as the countryside, as CTO Scott Petty pointed out, for every 10-metres you go up the coverage ring is doubled.

All four of the major UK MNOs (EE, O2, Vodafone and Three) are meeting with the Department of Digital, Culture, Media and Sport (DCMS) this afternoon, and this will be a point on the agenda. Should these exemptions be granted, it opens the door for shared infrastructure also, as the main cost of these structures is civil engineering and construction, not the equipment on the tower. Both of these developments combined would aid the telcos in reaching the geographical coverage objectives.

This brings us onto another interesting point raised by Lamprell, rural roaming.

My restless, roaming spirit would not allow me to remain at home very long

“Rural roaming takes away our incentive to invest,” Lamprell said. “It’s a really, really dumb idea.”

Three are one of the companies pushing for rural roaming, but as the Vodafone team points out, it is the only MNO which hasn’t built out its rural infrastructure. However, should rural roaming be introduced it would cause a stalemate for investment.

As Petty points out, why would any MNO invest in its own infrastructure when it could force its way onto a competitor’s? All the telcos would be sitting on the starting line, waiting for another to twitch first, such is the pressure on the CAPEX spreadsheet column when investing in future-proofed infrastructure.

Moving onto the international roaming question, Vodafone is staying pretty agile right now. As it stands, the status quo will be maintained, though the team will react to the commercial realities of a post-Brexit landscape. Currently, as a member of the European Union, Vodafone is protected from surcharges when it comes to termination charges, though those protections will end with Brexit.

Vodafone has quite a significant European footprint, in most cases there is little to worry about, but for those territories which fall outside the Vodafone stomp, negotiations will have to take place.

There are several countries, Estonia is an example, which has higher termination rates than the UK. If the reality of a post-Brexit world is Vodafone is swallowing up too many charges from international calls/SMS/data, roaming charges might have to re-introduced in certain markets. This is all very theoretical currently however Ofcom will prevent Vodafone from replicating these charges from the European nations. Vodafone is sitting and waiting for the realities of Brexit right now, though it will not be a broad-brush approach.

“Our position today is to maintain the position we are in, but we will have to evaluate the situation at the time,” said Lamprell.

Ignore Luke, the Dark Side is great

Dark fibre. It used to be a popular conversation, but everyone seems to have forgotten about it recently.

Not Lamprell.

The focus of Ofcom over the last 12 months or so has been on opening-up ducts and poles, and while this certainly is progress, it only addresses part of the problem. Dark fibre is an aspect of the regulatory landscape which could add significant benefits to the industry but has seemingly become unfashionable.

Dark fibre, fibre cabling which is not currently being utilised by Openreach, could answer the backhaul demands of the increasingly congested networks quickly and efficiently. Mainly as it is already there. There is no need to dig up roads, apply for planning permission or procure new materials, it could be as simple as flicking a switch.

Openreach resistance and Ofcom’s aggressive focus on ducts and poles is perhaps missing a trick.

Going, going, maybe not yet

The UK is currently in somewhat of an unusual and unprecedented situation. It is one of the nations leading the world into the 5G. This is not to say it is in a podium position, but compared to the 4G era, the UK is sitting pretty.

Part of the reason for this has been early auctions to divvy up spectrum assets, however, moving forward there are some irregularities which is causing some head-scratching.

Later this year, Ofcom will kick-start another auction which will see 120 Mhz of spectrum in the 3.6-3.8 GHz bands, as well as 80 MHz in the 700 MHz band go up for sale. For both Lamprell and Petty, this auction doesn’t make sense. These are two bands which will be used for different purposes (coverage and speed) so why auction them off together.

If Vodafone had known this was going to happen back in April 2018, during the first spectrum auction, it might have altered its strategy.

“We could end up with a very fragmented spectrum situation,” said Petty.

From the team’s perspective, it seems Ofcom has only just woken up to the coverage demands of the UK government, and is using this auction as a blunt tool to meet the objectives. From an engineering perspective it doesn’t seem to make much sense to Vodafone.

“We are not happy with the rules,” said Lamprell. “But it’s rare for us all [MNOs] to be happy.”

Looking good but looking suspect

The UK is currently in a good position ahead of the 5G bonanza from an engineering perspective. With test hubs being set up around the country and telcos who are acting proactively, the UK looks like an attractive environment to invest in for R&D. It is by no-means leading the global 5G race, but it is in a healthy position.

However, political and regulatory uncertainty are a threat to this perception. The activities and culture of both DCMS and Ofcom over the next couple of months will has a significant impact on the 5G fortunes of the UK, as well as the ability to attract new talent, companies and investment.

Germany outlines its 5G security requirements

Short and to the point, did we expect anything from the German 5G security requirements other than meet our standards and you can operate in our country?

“We regularly adapt the applicable security requirements to the current security situation and the state of the art,” said Jochen Homann, President of Bundesnetzagentur. “The security requirements apply to all network operators and service providers and they are technology-neutral, covering all networks, not just individual standards such as 5G.”

What is worth noting is that while 5G and international security concerns might be the catalyst to these requirements, they will be applied across all networks and communications infrastructure moving forward, as well as all vendors.

The announcement from Bundesnetzagentur, the German regulator, will come as a blow to the aggressive geo-political ambitions of the US. It seems the anti-Huawei propaganda is running low on fuel, and such is the weight of Germany’s influence across Europe, Chinese executives might be letting out a sigh of relief.

Although the new safety requirements are only a concept for the moment, Bundesnetzagentur plans to release a draft of the rules for feedback over the next couple of weeks.

The requirements are quite broad-ranging, though there are enough clauses to ensure Germany is the master of its own fate. For example, critical components can only be used in communications infrastructure should there be certification recognized by the Federal Office for Information Security (BSI). Employees who install or manage this equipment will also have to be certified by German authorities.

There does also seem to be a move towards the UK’s approach to monitoring and managing risk. As part of the new requirements, network traffic must be regularly and continuously monitored for abnormalities, while safety-relevant network and system components must undergo regular and continuous safety checks. This is a more forensic approach to network management, which allows for companies like Huawei to operate in the country, but the risk is managed.

Another interesting aspect to be included in the new rules addresses ‘monocultures’. Although this is a term which is usually used in agriculture, Bundesnetzagentur is essentially ensuring there is depth in the supply chain. Redundancy must be built into the networks through using multiple vendors for different segments and aspects of operations.

While this might create more work for telcos, vendors and regulators, we feel this is a more proportionate response to the risk of nefarious external parties. Simply banning one company, or companies from a single country, will not work, such are the complexities of the digital ecosystem. Vulnerabilities are everywhere, and the most pragmatic approach should be to understand 100% secure will never exist. Its all about managing the risk most appropriately, and Germany seem to be taking a very sensible approach.

In the UK, the industry is eagerly awaiting the results of the Government’s supply chain review, which will potentially dictate how telcos interact with the vendor ecosystem. Rumours have emerged suggesting no single-vendor can own more than 50% of a certain area, but we hope the result is somewhat similar to the German approach here. This seems to be the attitude of Vodafone also.

Speaking at a briefing in London, Vodafone UK CTO Scott Petty highlighted the team has been working with the National Cyber Security Centre (NCSC) to identify the levels of risk associated with each segment of the network (Radio, Transmission, Core), and building a diverse supply chain to mitigate risk where appropriate.

This approach has led to Chinese companies being excluded from certain areas, though on the radio side where right has been deemed to be very low, Huawei supplies 32% of equipment. This approach allows best-in-breed kit to be considered but considering the sheer volume of cell towers around the UK, even if some equipment is compromised, the impact would be incredibly minor. Resilience has been built in through volume, data encryption and security gateways.

Interestingly enough, Germany is taking another very sensible approach to managing risk; the assumption that everyone is nefarious. All components and equipment will have to be certified, not just those products from countries which are deemed underhanded by paranoid opinion. Every vendor’s supply chain is becoming increasingly complex, suggesting vulnerabilities could appear anywhere. This impartial approach to suspicion will certainly place Germany is a sound position.

A considered approach to security

While certain countries have taken a knee-jerk reaction to security requirements, pinning the blame of an insecure digital ecosystem on one country or a very limited number of countries, Germany is taking a much more considered approach.

Having such a laser-like focus on security, scrutinising single elements of the ecosystem is incredibly dangerous. Cyber-criminals are incredibly intelligent, managing sophisticated networks through the dark web. If the risk of exposure becomes too high through a single route, another will be sought. Taking a blanked approach to security as Germany is doing minimises risk throughout the supply chain.

We suspect the Chinese government is not completely innocent in light of all the accusations, but we also believe they are not alone. Many of the fingers are being pointed in one direction, but Germany is not falling into that trap.

Huawei hopes to seduce Europe with new transparency centre

Huawei’s counter-strategy is becoming clearer with a move to ingratiate itself to European regulators and operators.

Today the embattled Chinese kit vendor opened a new cyber security transparency centre in Brussels. It dragged a bunch of regulators, operators, other companies, media, the GSMA and even the World Economic Forum to the opening ceremony in a clear bid to demonstrate to the whole of Europe how clean its hands are on the matter of security.

“Trust needs to be based on facts, facts must be verifiable, and verification must be based on common standards,” said Ken Hu, Huawei’s Deputy Chairman, at the opening ceremony. “We believe that this is an effective model to build trust for the digital era.” This seems to be a clear reference to the way in which the finger of suspicion has been pointed at Huawei, which the company feels has lacked concrete evidence.

The announcement stresses the need for consensus, common standards and collaboration in tackling security challenges Huawei insists are everyone’s problem. This also seems like a clever strategic play by attempting to move the security spotlight away from Huawei alone and making it a collective issue.

But there’s no escaping the fact that the main purpose of this transparency centre is to try to prove to Europe that Huawei presents no greater security threat than any other networking vendor. Here are the three main things it’s designed to achieve, according to the press release.

  • First, the Centre will showcase Huawei’s end-to-end cyber security practices, from strategies and supply chain to R&D and products and solutions. This will allow visitors to experience cyber security with Huawei’s products and solutions, in areas including 5G, IoT, and cloud.
  • Second, the Centre will facilitate communication between Huawei and key stakeholders on cyber security strategies and end-to-end cyber security and privacy protection practices. Huawei will work with industry partners to explore and promote the development of security standards and verification mechanisms, to facilitate technological innovation in cyber security across the industry.
  • Third, the Centre will provide a product security testing and verification platform and related services to Huawei customers.

“We fully understand cyber security concerns that people have in this digital world,” said Hu. “I believe that good solutions to solve the issue start from mutual understanding, which is the purpose we set up the transparency centre here today. We welcome all regulators, standards organizations, and customers to fully use this platform to collaborate more closely on security standards, verification mechanisms, and security technology innovation. Together, we can improve security across the entire value chain and help build trust through verification.”

Europe will be a critical front in Huawei’s counter-attack against the US. It’s opting for direct confrontation in North America, but a softer ‘hearts and minds’ approach in Europe seems correct. Huawei must be hoping that if it can divide the US allies it will be able to conquer the world, and while that may be a bit of a reach, every concession it makes to transparency puts a greater onus on the US to present solid evidence against it.

Hu wasn’t done banging on at the event and did a great big speech too. Here it is in its entirety.

Good morning, ladies and gentlemen. Thank you for joining us today.

I am very pleased to be back in Brussels.

This city is leading the efforts to address major challenges from global warming to education, from economic development to changes in the workplace – the policymakers here in Brussels are looking for solutions to challenges that we all share. This includes cyber security.

Last year at the European Business Summit, I announced our plans to open this Cyber Security Transparency Center here in Brussels. Looking at the events from the past few months, it’s clear that this facility is now more critical than ever.

Cyber security challenges

We are getting into a digital world very fast, and we all agree that trust is the foundation for a healthy digital environment. But as technology evolves, it’s more difficult to build that trust.

Right now, we see four main challenges to building trust.

First, fast developing digital technology has brought many new security challenges. For example, traditional telco networks have evolved from closed networks to internet-based networks. More and more digital content and services are migrating to cloud data centers.

As more devices go online, and our smartphones become more powerful, networks have much greater attack surfaces than ever before.

Second, as a global community, we lack a common and unified understanding of cyber security. Governments, business communities all talk about the importance of cyber security.

However, the fact is that both the public and private sectors lack a basic common understanding of this issue. As a result, different stakeholders have different expectations, and there is no alignment of responsibilities.

Third, as a whole, the industry lacks a unified set of technical standards for security, as well as systems for verification. This is complicated by globalization of the value chain. Digital products include components from many different countries, with many different standards, or no standards at all.

There is an urgent need to invest in security standards and verification systems at the national level, as well as professional resources and skills.

The fourth challenge is governance. In some countries, cyber security management lacks legislative support, and cyber security enforcement is not mature.

These are all real challenges, and we fully understand the cyber security concerns that people have in an increasingly digital world. Cyber security is a challenge we all share. To address these challenges, I believe that mutual understanding is the starting point.

To build a trustworthy environment, we need to work together.

Laying the foundation for trust with unified standards and verification

At Huawei, we have the ABC principle for security: “Assume nothing. Believe nobody. Check everything.”

Both trust and distrust should be based on facts, not feelings, not speculation, and not baseless rumour. We believe that facts must be verifiable, and verification must be based on standards.

So, to start, we need to work together on unified standards. Based on a common set of standards, technical verification and legal verification can lay the foundation for building trust.

This must be a collaborative effort, because no single vendor, government, or telco operator can do it alone.

Second, we need to work together to clarify and align our responsibilities. This includes all stakeholders: regulators, standards organizations, telcos, and technology providers.

For technology providers like Huawei, our responsibility is to fully comply with standards. But that is not enough. Security must be embraced as a greater social responsibility.

That means embedding trust in all end-to-end processes, and enhancing security through innovation and corporate culture.

For telco carriers, their responsibility is to ensure the cyber resilience of their own networks. Following industry standards, telco carriers need to build robust processes to identify cyber security risks. They need to develop risk mitigation plans, and protect customer data.

Finally, government and standards bodies need to work with all stakeholders on standards development. This is our shared responsibility. These efforts should focus on a holistic approach, including security standards, security verification mechanisms, and enforcement.

Europe has strong experience in driving unified standards and regulation. GDPR is a shining example of this. It sets clear standards, defines responsibilities for all parties, and applies equally to all companies operating in Europe.

As a result, GDPR has become the golden standard for privacy protection around the world. We believe that European regulators can also lead the way on similar mechanisms for cyber security.

Right now, for example, the GSMA is making great progress with their NESAS security assurance scheme. We believe that all stakeholders should get behind this framework. Ultimately, the standards we adopt must be verifiable for all technology providers and all carriers.

An open, digital, and prosperous Europe requires secure and trustworthy digital environment that meets the challenges of today and tomorrow. To lay the foundation for a trustworthy digital environment, both now and in the future, transparency, integrity, and accountability are essential.

Huawei’s Cyber Security Transparency Center

Today, we are opening the Huawei Cyber Security Transparency Center to help build that environment.

This center will provide a platform to enhance communication and joint innovation with all stakeholders. It will also provide a technical verification and evaluation platform for our customers.

Huawei strongly advocates independent and neutral third-party certification. Our Cyber Security Transparency Center will support that.

It will also give us a dedicated platform for constructive discussion, sharing best practices, and jointly addressing risks and challenges with our customers and partners.

We welcome all regulators, standards organizations, and Huawei customers to use this platform to collaborate more closely on security standards, verification, and secure innovation.

Together, we can improve security across the entire value chain and help build mutual, verifiable trust.

Security or nothing

Over the past 30 years, Huawei has served more than three billion people around the world. We support the stable operations of more than 1,500 carrier networks in over 170 countries and regions. In this time, we have maintained a solid track record in cyber security.

At Huawei, our promise is “Security or nothing.” We take this responsibility very seriously. Cyber security is our top priority across product design, development, and lifecycle management, and it is embedded in all business processes.

Looking to the future, we want to do more. We will keep investing in our cyber security and technical capabilities. This center is an important milestone in that commitment.

We also commit to working more closely with all stakeholders in Europe to build a system of trust based on objective facts and verification. This is the cornerstone of a secure digital environment for all.

As a city, and as an institution, Brussels reminds us of what collective effort and a clear vision can achieve. As people, as organisations, as companies, I strongly believe that we are always more effective when we work together.

Thank you.

Competition is a problem, removing Huawei could be disastrous – Vodafone CEO

With all eyes in directed towards Mobile World Congress this week, Vodafone CEO Nick Read took the opportunity to vent his frustrations.

Competition is unhealthy, accusations are factually suspect, protectionism is too aggressive, the trust with customers has been broken, collaboration is almost non-existent. From Read’s perspective, there are plenty of reasons the 5G era will be just of much of a struggle for the telcos as the 4G one.

And of course, it wouldn’t be a telco press conference if there wasn’t a reference to Huawei.

“I would like a new contract for the industry, I want to go out and build trust with consumers and businesses,” said Read. “This will require us to engage government and build the vision of a digital society together.”

Read has reiterated his point from the last quarterly earnings call, there needs to be more of a fact-based conversation around the Huawei saga. There is too much rhetoric, too much emotion, and perhaps, too much political influence.

Huawei is the punching bag right now, but any ban or heavy-handed response to US calls for aggressive action would be a consequence for everyone.

As Read points out, Huawei is a significant player in almost everyone’s supply chain, controlling roughly 28% of mobile infrastructure, while Nokia and Ericsson also have market share in the 20s. Removing one of these players from the market will further compound a problem which plagues the industry today; the supply chain is too concentrated around a small number of vendors.

There simply isn’t enough diversity to consider removing a key cog to European operations.

Of course, you have to consider the status quo. The US is happy to ban Huawei as it has never been a significant contributor to its infrastructure. Should the same ban be enforced in Europe, negotiations would be de-railed, and operations disrupted. Read suggests this would set 5G plans back by two years across the bloc.

The issue here is of confidence to invest. Why would telcos enter into deep negotiations when future conditions have not been set in stone. This is already evident in Vodafone’s decision to pause work on the core with Huawei; delaying these important initiatives could push Europe further behind global 5G leaders. Telcos ne