EU Plans to Ban ZTE and Huawei from Network and Solar Infrastructure

The European Union is preparing new cybersecurity legislation that aims to exclude certain Chinese technology providers, specifically ZTE and Huawei, from participating in the development of critical infrastructure. The proposed regulation, set to be introduced shortly, targets sectors such as telecommunications, solar energy, and security scanning systems.

According to sources familiar with the legislative draft, the new law will require EU member states to prevent the use of technology supplied by companies identified as high-risk in essential networks, including those used for 5G and emerging 6G mobile communications. This marks a significant change from the EU's previous approach, where the exclusion of such suppliers was left to the discretion of individual countries rather than mandated at the union level.

The European Commission's initiative reflects an ongoing reevaluation of its technology and security policies. The EU has long sought to decrease its reliance not only on major American technology firms but also on providers from countries it considers to pose potential security risks. The United States has already taken similar steps, having effectively barred Huawei from its telecommunications networks due to concerns about data security and the possibility of foreign influence.

The proposed EU law is expected to categorize certain suppliers as high-risk based on security assessments. As a result, companies like ZTE and Huawei would be systematically phased out from involvement in the construction and maintenance of vital infrastructure. This would affect not only telecommunications networks but also extend to areas such as photovoltaic power generation and critical security screening equipment.

European policymakers have expressed increasing concern about the possibility of sensitive data being accessed by foreign actors, particularly in cases where equipment might be managed or maintained from abroad. The new regulation is designed to address these vulnerabilities by setting uniform standards across all member states, rather than relying on voluntary compliance. This approach aims to strengthen the collective security of the EU, ensuring that all countries adhere to the same high level of risk mitigation.

The transition away from Chinese technology in critical sectors is expected to occur in stages. The timetable for removal will vary depending on the specific sector, the costs associated with switching suppliers, and the availability of reliable alternatives. This gradual process is intended to minimize disruption to ongoing operations while ensuring that infrastructure remains secure and resilient.

In addition to telecommunications and solar energy, the EU is also reviewing its policies regarding the sourcing of technology for other critical infrastructure, such as railway systems and wind power installations. This broader assessment reflects the union's commitment to maintaining technological sovereignty and protecting the integrity of its essential services.

The new cybersecurity law represents a strategic shift in European policy, signaling a more unified and assertive stance on technology security. By making the exclusion of high-risk vendors compulsory, the EU aims to safeguard its infrastructure against potential external threats, while also encouraging the development and adoption of secure alternatives from within Europe or trusted partner countries.

Once enacted, the legislation will require member states to conduct regular reviews of their critical infrastructure, ensuring ongoing compliance and adaptation to evolving security challenges. The introduction of these measures is expected to have significant implications for the global technology market, influencing supplier choices and investment decisions across the continent.