GSMA Calls on Europe to Safeguard Network Security and Competition in the Supply of Telecommunications Infrastructure

Europe is on the cusp of the next industrial revolution: the 5G era.

5G will transform the way that European citizens live and work. 5G – working together with and built as an add on to, existing 4G networks – will connect people and things faster than ever before. It will drive efficiency, productivity and help us all use finite resources more effectively, particularly for industrial applications. In addition to the huge benefits for business and the economy it will offer important breakthroughs in the provision of health care, skills and education.

As with 4G, robust competition amongst network infrastructure suppliers is essential to European operators’ ability to deliver innovative services to European citizens and businesses at competitive and affordable prices. By 2025, mobile operators are expected to invest between €300 billion and €500 billion on the roll out of 5G across Europe, and as an industry will generate over 4 per cent of GDP.

To safeguard this investment, retain competitiveness and data affordability, as well as maintain consumer trust, mobile operators have always prioritised network integrity, will never compromise on security and already have a proven track record of deploying secure 4G networks. 5G is, in essence, an evolution of the 4G standard, with enhanced features in terms of latency, speed and security.

As European policy makers consider ways to further secure network infrastructure, we urge them not to lose focus on all relevant policy objectives – security, competition, innovation and consumer impact. This requires a fact-based and risk-based approach, including recognition that Europe’s starting points and approaches to date, have been different than some other parts of the world. Specifically actions that disrupt the equipment supply for the various segments of the network (access, transport and core), will increase costs to European operators, businesses and citizens; delay 5G deployment by years across Europe and potentially also jeopardise the functioning of existing 4G networks upon which 5G is intended to be built.

Such significant consequences, intended or not, are entirely avoidable. European mobile operators already have established working relationships with national security agencies across Europe. These operators stand ready to work with policy makers now to agree on further proportionate and risk-based methods, not least a common, consistent and agreed security assurance, testing and certification regime for Europe. This will give confidence in network security while maintaining competition and innovation in the supply of network equipment and data affordability to end-users.

The GSMA specifically asks European policymakers to consider the following points and proposal:

Security and Trust

  • Security and trust are critical to the continued success of the mobile network operators and to the entire connected economy. Reflecting the large variety of threats, operators’ security approach is risk-based, using multiple layers of protection, of which network security is one aspect;
  • Governments and mobile operators both have a role to play in safeguarding the integrity of telecommunications infrastructure;
  • To maintain the confidence of their customers, mobile operators already invest heavily in making sure their networks – and the equipment put into the networks – are secure;
  • Mobile operators have exacting supplier selection processes to ensure high quality supply partners and have teams of network security experts that undertake rigorous testing and on-going monitoring to protect network integrity and performance;
  • Mobile operators, as well as some government security agencies, have meticulously tested mobile network infrastructure for years and have not discovered any evidence of wrongdoing.; and
  • Cyber attacks are today a significant challenge for both governments and businesses everywhere. In this respect, mobile operators are ready to work with European agencies in charge of promoting certification and security requirements (e.g. Cyber Security Act).

Competition, Innovation and Consumer Impact

  • 5G promises to deliver greater economic and societal benefit than any previous generation of mobile technology;
  • 5G will empower European citizens and be transformative for European industry;
  • Mobile operators need access to the best available technology to efficiently roll out best-in-class 5G networks across Europe, which will, in turn, enable innovations in Artificial Intelligence, Internet-of-Things and Big Data;
  • Competition amongst equipment vendors has been a major driver of innovation;
  • Limiting or stalling the deployment of 5G or requiring changes to existing 4G infrastructure, risks leaving European consumers and businesses behind; and
  • Investment and innovation will move to those countries where 5G is happening first and fastest, impacting jobs and growth.

The GSMA’s Security Work and Recommendation

  • In addition to security tests carried out by individual operators, further testing is carried out in some countries by recognised third party laboratories;
  • The GSMA has experience in this area, having developed the Network Equipment Security Assurance Scheme (NESAS) in partnership with 3GPP, the international 5G- standardisation body;
  • To take this further, the GSMA is assembling a task force of European operators to identify ways to enhance and extend existing schemes; and
  • The GSMA recommends that governments and mobile operators work together to agree what this assurance testing and certification regime for Europe will be, so that it ensures confidence in network security while maintaining competition in the supply of network equipment.

This statement does not reflect the views of all GSMA members. US mobile operators, for example, have agreed to the following view