After a meeting in London, the members of the ‘Five Eyes’ intelligence alliance has released a communique to reinforce the relationship and outline quite generic objectives.
As with all of these communiques, the language sounds very impressive, but in reality, nothing material is being said. In this document, the UK, US, New Zealand, Australia and Canada have committed to countering online child sexual exploitation and abuse, tackling cybersecurity threats and building trust in emerging technologies.
Although nothing revolutionary has been said, the reinforcement of this alliance leaves questions over Huawei’s role in the aforementioned countries.
“There is agreement between the Five Countries of the need to ensure supply chains are trusted and reliable to protect our networks from unauthorised access or interference,” the communique reads. “We recognise the need for a rigorous risk-based evaluation of a range of factors which may include, but not be limited to, control by foreign governments.”
Government officials will never be so obvious as to point the finger at another nation, at least not most of the time, but it isn’t difficult to imagine who this statement is directed towards.
So where does this leave Huawei? Banned in Australia and the US, denied work in New Zealand and on thin ice in Canada. The only market from the ‘Five Eyes’ where is does not look doomed is the UK. But can the other members of the intelligence club trust the UK while Huawei is maintaining a presence in the country’s communications infrastructure?
The US has already spoken of withholding intelligence data should the partner nation allow Huawei to contribute to 5G networks, and this alliance is already very anti-Huawei. In re-affirming its position to the alliance, the UK is certainly sending mixed messages only a week after a statement which suggested Huawei might be safe.
Of course, this might mean very little in the long-run, but it is another factor which should be considered when trying to figure out what Huawei’s fate will actually be.
For its own part, Huawei is doing as much as possible to disprove collusion and security allegations. Aside from the cybersecurity centres opened to allow customers and governments to validate security credentials, it has recently signed up to the Paris Call.
“The quest for better security serves as the foundation of our existence,” said John Suffolk, Global Cyber Security & Privacy Officer at Huawei. “We fully support any endeavour, idea or suggestion that can enhance the resilience and security of products and services for Governments, customers and their customers.”
The Paris Call is an initiative launched by the French Government in November 2018. It is a call-to-action to tackle cybersecurity challenges, strengthen collective defences against cybercrime, and promote cooperation among stakeholders across national borders. To date, 67 national governments, 139 international and civil society organizations, and 358 private-sector companies have signed up to the collaborative initiative.
Although we are surprised it has taken Huawei so long to sign up to the initiative, it is another incremental step in the pursuit to demonstrate its security credentials and build trust in the brand.
Even with this commitment from Huawei, you have to question how the UK can continue to be a member of the ‘Five Eyes’ alliance and work with the Chinese infrastructure vendor. The concept of the alliance is to align activities and this communique talks about managing risk individually but also about supporting the efforts of other partners.
It does appear the UK is attempting to have its cake and eat it too. We suspect there will be pressure on the newly-appointed Prime Minister Boris Johnson to fall into line before too long, and it will be interesting to see how the newly formed Cabinet manage expectations externally with international partners and internally with British telcos who rely on Huawei.