Australia may have banned Huawei and ZTE from building the next generation of telecommunications infrastructure in the country, but will this actually defend a future Australian 5G network?
Despite the government’s decision last year to carefully vet foreign companies building Australia’s 5G infrastructure, completely excluding Chinese firms will prove near impossible. When the ban was announced, the then acting minister for Home Affairs Scott Morrison said in a press release: “The Government considers that the involvement of vendors who are likely to be subject to extrajudicial directions from a foreign government that conflict with Australian law, may risk failure by the carrier to adequately protect a 5G network from unauthorised access or interference.”
This sentence indirectly references Article 7 of China’s National Intelligence Law, that “Any organisation and citizen shall, in accordance with the law, support, provide assistance, and cooperate in national intelligence work, and guard the secrecy of national intelligence work that they are aware of.”
Connecting the dots, this means that not only are Huawei and ZTE banned, but any company heralding from China is out of the race to be part of Australia’s 5G supply chain. The only problem is, removing all Chinese products and equipment from a future Australian 5G network is going to prove extremely difficult.
The United States 2018 Report to Congress submitted by the US-China Economic and Security Review Commission in November last year bluntly makes this point in a series of recommendations about China, 5G and the Internet of Things (IoT). “US firms and the US government rely on global supply chains that in many cases are dominated by China. While not all products designed, manufactured, or assembled in China are inherently risky, the US government lacks essential tools to conduct rigorous supply chain risk assessments.”
Essentially, the United States is not even confident its 5G network will be protected from China, even if it’s built by US companies, and if the US can’t be confident, how can Australia? Meanwhile, in the United Kingdom, seven years of vetting Huawei products have left the National Cyber Security Centre less confident it can provide long-term assurance than when it started. The more you know, the less secure you feel.
2019 is also the year that the International Telecommunications Union will receive most of the key international standards for a 2020 5G rollout. 3GPP, the mobile broadband standards organisation, completed the first set of 5G standards in Release 15, agreed on January 2018. Sungho Choi, Vice President of Samsung Electronics’ network business is on the record saying the second set of 5G standards, or Release 16, will be completed by December 2019. Release 16 will include standards that cover connected cars, smart factories, enterprise networks, private networks and public safety. It is expected to be submitted to the International Telecommunications Union in December of this year.
The United States 2018 Report to Congress notes that the Chinese Government is encouraging its companies to play a greater role in international standards organisations to ensure they set global standards. Those who set 5G network standards will realise massive benefits in profit and market share, they will also set in place many elements of the underlying architecture for 5G around the world, Australia included.
The worry is not necessarily that standards will be too high, it’s that standards might favour lax security protections around universal connectivity for IoT devices. Such devices create inherent vulnerabilities that hackers and non-state actors can exploit. These types of threats will only be that much more widespread if international standards for IoT devices aren’t as high as they could have been.
Key to all this is the amount of data IoT devices collect and what they do with it. Once fridges, microwaves and ovens are all funnelling data at 1,000 times the rate current connection works, the only thing that’s going to be able to interpret and understand that data is Artificial Intelligence (AI). China is building a world-leading concentration of AI research, and the ability to deploy AI for global monitoring and surveillance will converge with the roll-out of 5G infrastructure. None of this requires Huawei or ZTE to build Australia’s 5G network, it just requires a share of Chinese components and equipment to be in the supply chain and consumer product base.
Back in 2010, the Chinese Academy of Sciences put out a strategic report, Science & Technology in China: A Roadmap to 2050. The underlying thesis of the report was that every leading nation in history had dominated science and technology during their time at the top. The report picked out a number of research areas that China saw as being of strategic importance to the 21st century and then funded them with huge amounts of money and expertise. This long-range vision is now bearing fruit. China will likely globally dominate the next era of the electromagnetic spectrum in a way that is difficult to imagine.
An alternative for Australia is to go open source for the country’s 5G network. As Michael Shoebridge writes, this would follow a model that mitigates supply chain risk by decentralising design and engineering – hedging the hack through distributed leadership. It’s a model that answers the “if not Huawei, then what?” question.
It is obviously going to be a struggle to find a large oligopolistic market actor anywhere in the world that can create Australia’s next generation nervous system without relying on Chinese-sourced products and equipment. Even if that actor could do so, it would doubtlessly be painting a giant red target on its back for state-sponsored hacking.
So, don’t. Let’s do something different. But is there the political will in Australia for something like that?
Thom Dixon is vice president for the Australian Institute of International Affairs NSW and research fellow with Remi AI.
This article is published under a Creative Commons License and may be republished with attribution.