BETA


2019/2575(RSP) Security threats connected with the rising Chinese technological presence in the EU and possible action on the EU level to reduce them

Progress: Procedure completed

Legal Basis:
RoP 132-p2

Events

2019/08/30
   EC - Commission response to text adopted in plenary
Documents
2019/03/12
   EP - Motion for a resolution
Documents
2019/03/12
   EP - Motion for a resolution
Documents
2019/03/12
   EP - Motion for a resolution
Documents
2019/03/12
   EP - Motion for a resolution
Documents
2019/03/12
   EP - Motion for a resolution
Documents
2019/03/12
   EP - Motion for a resolution
Documents
2019/03/12
   EP - Motion for a resolution
Documents
2019/03/12
   Joint motion for resolution
Documents
2019/03/12
   EP - Results of vote in Parliament
2019/03/12
   EP - Decision by Parliament
Details

The European Parliament adopted a resolution on security threats connected with the rising Chinese technological presence in the EU and possible action on the EU level to reduce them.

The resolution was tabled by the EPP, S&D, ALDE, and Greens/EFA groups.

Parliament expressed deep concern about the recent allegations that 5G equipment developed by Chinese companies may have embedded backdoors that would allow manufacturers and authorities to have unauthorised access to private and personal data and telecommunications from the EU. It was equally concerned about the potential presence of major vulnerabilities in the 5G equipment developed by these manufacturers if they were to be installed when rolling out 5G networks in the coming years. Members noted that in December 2018, the Czech national authority for cybersecurity issued a warning against security threats posed by the technologies provided by the Chinese companies Huawei and ZTE, and that in January 2019, the Czech tax authorities excluded Huawei from a tender to build a tax portal.

Parliament went on to note that concerns were raised about third-country equipment vendors that might present a security risk for the EU due to the laws of their country of origin, especially after the enactment of the Chinese State Security Laws, which impose obligations on all citizens and enterprises to cooperate with the state, in connection with a very broad definition of national security. In particular, the Chinese state security laws have triggered reactions in various countries, ranging from security assessments to outright ban. Stressing that there is no guarantee that these obligations are not applied extraterritorially, Members indicated that the benefits of the single market come with the obligation to comply with EU standards and the Union’s legal framework, and consequently, suppliers should not be treated differently on the basis of their country of origin.

Parliament called on the Commission to:

- provide guidance, in cooperation with the EU Agency for Network and Information Security (ENISA), on how to tackle cyber threats and vulnerabilities when procuring 5G equipment, for example by diversifying equipment from different vendors or introducing multi-phase procurement processes;

- mandate ENISA to make it a priority to work on a certification scheme for 5G equipment in order to ensure that the rollout of 5G in the Union meets the highest security standards and is resilient to backdoors or major vulnerabilities that would endanger the security of the Union’s telecommunication networks and dependent services. Certification should not, however, exclude competent authorities and operators from scrutinising the supply chain in order to ensure the integrity and security of their equipment that operates in critical environments and telecom networks;

- assess the robustness of the Union’s legal framework in order to address concerns about the presence of vulnerable equipment in strategic sectors and backbone infrastructure, and present initiatives, including legislative proposals where appropriate, to address any shortfalls detected, since the Union is in a constant process of identifying cybersecurity challenges.

At the same time, Parliament called on Member States to inform the Commission of any national measure they intend to adopt in order to coordinate the Union’s response. It reiterates the importance of refraining from introducing disproportionate unilateral measures that would fragment the single market. It stressed the need to develop a strategy aimed at reducing Europe’s dependency on foreign technology in the field of cybersecurity.

Parliament urged those Member States that have not yet fully transposed the Directive (EU) 2016/1148 concerning measures for a high common level of security of network and information systems across the Union (the NIS Directive) to do so without delay, and to make sure that the reporting mechanisms introduced by the NIS Directive are properly applied. The Commission was asked to assess the need to further enlarge the scope of the NIS Directive to other critical sectors and services that are not covered by sector-specific legislation.

Member States were also asked to:

- ensure that public institutions and private companies involved in ensuring the proper functioning of critical infrastructure networks such as telecoms, energy, health and social systems, undertake relevant risk assessments that take into account the security threats specifically linked to technical features of the respective system or dependence on external suppliers of hardware and software technologies;

- make security an obligatory aspect in all public procurement procedures for relevant infrastructure at both EU and national level;

- impose sanctions on legal persons that have committed criminal offences such as attacks against such systems, in accordance with Directive 2013/40/EU on attacks against information systems;

- report to the Commission and ENISA any evidence of backdoors or other major vulnerabilities that could compromise the integrity and security of telecoms networks or infringe Union law and fundamental rights.

Lastly, Parliament welcomed the upcoming entry into force of a regulation establishing a framework for the screening of foreign direct investments (FDI), underlining that this regulation establishes for the first time a list of areas and factors, including communications and cybersecurity, which are relevant for security and public order at EU level.

Documents
2019/03/12
   EP - End of procedure in Parliament
2019/02/13
   EP - Debate in Parliament

Documents

Activities

History

(these mark the time of scraping, not the official date of the change)

docs/0/docs/0/url
Old
http://www.europarl.europa.eu/doceo/document/B-8-2019-0153_EN.html
New
https://www.europarl.europa.eu/doceo/document/B-8-2019-0153_EN.html
docs/1/docs/0/url
Old
http://www.europarl.europa.eu/doceo/document/B-8-2019-0154_EN.html
New
https://www.europarl.europa.eu/doceo/document/B-8-2019-0154_EN.html
docs/2/docs/0/url
Old
http://www.europarl.europa.eu/doceo/document/B-8-2019-0155_EN.html
New
https://www.europarl.europa.eu/doceo/document/B-8-2019-0155_EN.html
docs/3/docs/0/url
Old
http://www.europarl.europa.eu/doceo/document/B-8-2019-0159_EN.html
New
https://www.europarl.europa.eu/doceo/document/B-8-2019-0159_EN.html
docs/4/docs/0/url
Old
http://www.europarl.europa.eu/doceo/document/B-8-2019-0160_EN.html
New
https://www.europarl.europa.eu/doceo/document/B-8-2019-0160_EN.html
docs/5/docs/0/url
Old
http://www.europarl.europa.eu/doceo/document/B-8-2019-0162_EN.html
New
https://www.europarl.europa.eu/doceo/document/B-8-2019-0162_EN.html
docs/6/docs/0/url
Old
http://www.europarl.europa.eu/doceo/document/B-8-2019-0164_EN.html
New
https://www.europarl.europa.eu/doceo/document/B-8-2019-0164_EN.html
docs/7/docs/0/url
Old
http://www.europarl.europa.eu/doceo/document/RC-8-2019-0154_EN.html
New
https://www.europarl.europa.eu/doceo/document/RC-8-2019-0154_EN.html
events/0/docs/0/url
Old
http://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20190213&type=CRE
New
https://www.europarl.europa.eu/doceo/document/CRE-8-2019-02-13-TOC_EN.html
events/2
date
2019-03-12T00:00:00
type
Decision by Parliament
body
EP
docs
url: https://www.europarl.europa.eu/doceo/document/TA-8-2019-0156_EN.html title: T8-0156/2019
summary
events/2
date
2019-03-12T00:00:00
type
Decision by Parliament, 1st reading/single reading
body
EP
docs
url: http://www.europarl.europa.eu/doceo/document/TA-8-2019-0156_EN.html title: T8-0156/2019
summary
docs/0/docs/0/url
http://www.europarl.europa.eu/doceo/document/B-8-2019-0153_EN.html
docs/1/docs/0/url
http://www.europarl.europa.eu/doceo/document/B-8-2019-0154_EN.html
docs/2/docs/0/url
http://www.europarl.europa.eu/doceo/document/B-8-2019-0155_EN.html
docs/3/docs/0/url
http://www.europarl.europa.eu/doceo/document/B-8-2019-0159_EN.html
docs/4/docs/0/url
http://www.europarl.europa.eu/doceo/document/B-8-2019-0160_EN.html
docs/5/docs/0/url
http://www.europarl.europa.eu/doceo/document/B-8-2019-0162_EN.html
docs/6/docs/0/url
http://www.europarl.europa.eu/doceo/document/B-8-2019-0164_EN.html
docs/7
date
2019-03-12T00:00:00
docs
url: http://www.europarl.europa.eu/doceo/document/RC-8-2019-0154_EN.html title: RC-B8-0154/2019
type
Joint motion for resolution
docs/8
date
2019-08-30T00:00:00
docs
url: /oeil/spdoc.do?i=32396&j=0&l=en title: SP(2019)444
type
Commission response to text adopted in plenary
body
EC
events/1
date
2019-03-12T00:00:00
type
Decision by Parliament, 1st reading/single reading
body
EP
docs
url: http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P8-TA-2019-0156 title: T8-0156/2019
summary
events/1
date
2019-03-12T00:00:00
type
Results of vote in Parliament
body
EP
docs
url: https://oeil.secure.europarl.europa.eu/oeil/popups/sda.do?id=32396&l=en title: Results of vote in Parliament
events/2
date
2019-03-12T00:00:00
type
Decision by Parliament, 1st reading/single reading
body
EP
docs
url: http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P8-TA-2019-0156 title: T8-0156/2019
summary
events/2/docs/0/url
Old
http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P8-TA-2019-0156
New
http://www.europarl.europa.eu/doceo/document/TA-8-2019-0156_EN.html
procedure/legal_basis/0
Rules of Procedure EP 132-p2
procedure/legal_basis/0
Rules of Procedure EP 123-p2
commission
  • body: EC dg: Internal Market, Industry, Entrepreneurship and SMEs commissioner: BIEŃKOWSKA Elżbieta
docs
  • date: 2019-03-12T00:00:00 docs: title: B8-0153/2019 type: Motion for a resolution body: EP
  • date: 2019-03-12T00:00:00 docs: title: B8-0154/2019 type: Motion for a resolution body: EP
  • date: 2019-03-12T00:00:00 docs: title: B8-0155/2019 type: Motion for a resolution body: EP
  • date: 2019-03-12T00:00:00 docs: title: B8-0159/2019 type: Motion for a resolution body: EP
  • date: 2019-03-12T00:00:00 docs: title: B8-0160/2019 type: Motion for a resolution body: EP
  • date: 2019-03-12T00:00:00 docs: title: B8-0162/2019 type: Motion for a resolution body: EP
  • date: 2019-03-12T00:00:00 docs: title: B8-0164/2019 type: Motion for a resolution body: EP
events
  • date: 2019-02-13T00:00:00 type: Debate in Parliament body: EP docs: url: http://www.europarl.europa.eu/sides/getDoc.do?secondRef=TOC&language=EN&reference=20190213&type=CRE title: Debate in Parliament
  • date: 2019-03-12T00:00:00 type: Decision by Parliament, 1st reading/single reading body: EP docs: url: http://www.europarl.europa.eu/sides/getDoc.do?type=TA&language=EN&reference=P8-TA-2019-0156 title: T8-0156/2019 summary: The European Parliament adopted a resolution on security threats connected with the rising Chinese technological presence in the EU and possible action on the EU level to reduce them. The resolution was tabled by the EPP, S&D, ALDE, and Greens/EFA groups. Parliament expressed deep concern about the recent allegations that 5G equipment developed by Chinese companies may have embedded backdoors that would allow manufacturers and authorities to have unauthorised access to private and personal data and telecommunications from the EU. It was equally concerned about the potential presence of major vulnerabilities in the 5G equipment developed by these manufacturers if they were to be installed when rolling out 5G networks in the coming years. Members noted that in December 2018, the Czech national authority for cybersecurity issued a warning against security threats posed by the technologies provided by the Chinese companies Huawei and ZTE, and that in January 2019, the Czech tax authorities excluded Huawei from a tender to build a tax portal. Parliament went on to note that concerns were raised about third-country equipment vendors that might present a security risk for the EU due to the laws of their country of origin, especially after the enactment of the Chinese State Security Laws, which impose obligations on all citizens and enterprises to cooperate with the state, in connection with a very broad definition of national security. In particular, the Chinese state security laws have triggered reactions in various countries, ranging from security assessments to outright ban. Stressing that there is no guarantee that these obligations are not applied extraterritorially, Members indicated that the benefits of the single market come with the obligation to comply with EU standards and the Union’s legal framework, and consequently, suppliers should not be treated differently on the basis of their country of origin. Parliament called on the Commission to: - provide guidance, in cooperation with the EU Agency for Network and Information Security (ENISA), on how to tackle cyber threats and vulnerabilities when procuring 5G equipment, for example by diversifying equipment from different vendors or introducing multi-phase procurement processes; - mandate ENISA to make it a priority to work on a certification scheme for 5G equipment in order to ensure that the rollout of 5G in the Union meets the highest security standards and is resilient to backdoors or major vulnerabilities that would endanger the security of the Union’s telecommunication networks and dependent services. Certification should not, however, exclude competent authorities and operators from scrutinising the supply chain in order to ensure the integrity and security of their equipment that operates in critical environments and telecom networks; - assess the robustness of the Union’s legal framework in order to address concerns about the presence of vulnerable equipment in strategic sectors and backbone infrastructure, and present initiatives, including legislative proposals where appropriate, to address any shortfalls detected, since the Union is in a constant process of identifying cybersecurity challenges. At the same time, Parliament called on Member States to inform the Commission of any national measure they intend to adopt in order to coordinate the Union’s response. It reiterates the importance of refraining from introducing disproportionate unilateral measures that would fragment the single market. It stressed the need to develop a strategy aimed at reducing Europe’s dependency on foreign technology in the field of cybersecurity. Parliament urged those Member States that have not yet fully transposed the Directive (EU) 2016/1148 concerning measures for a high common level of security of network and information systems across the Union (the NIS Directive) to do so without delay, and to make sure that the reporting mechanisms introduced by the NIS Directive are properly applied. The Commission was asked to assess the need to further enlarge the scope of the NIS Directive to other critical sectors and services that are not covered by sector-specific legislation. Member States were also asked to: - ensure that public institutions and private companies involved in ensuring the proper functioning of critical infrastructure networks such as telecoms, energy, health and social systems, undertake relevant risk assessments that take into account the security threats specifically linked to technical features of the respective system or dependence on external suppliers of hardware and software technologies; - make security an obligatory aspect in all public procurement procedures for relevant infrastructure at both EU and national level; - impose sanctions on legal persons that have committed criminal offences such as attacks against such systems, in accordance with Directive 2013/40/EU on attacks against information systems; - report to the Commission and ENISA any evidence of backdoors or other major vulnerabilities that could compromise the integrity and security of telecoms networks or infringe Union law and fundamental rights. Lastly, Parliament welcomed the upcoming entry into force of a regulation establishing a framework for the screening of foreign direct investments (FDI), underlining that this regulation establishes for the first time a list of areas and factors, including communications and cybersecurity, which are relevant for security and public order at EU level.
  • date: 2019-03-12T00:00:00 type: End of procedure in Parliament body: EP
procedure
reference
2019/2575(RSP)
title
Security threats connected with the rising Chinese technological presence in the EU and possible action on the EU level to reduce them
subject
geographical_area
China
type
RSP - Resolutions on topical subjects
subtype
Resolution on statement
legal_basis
Rules of Procedure EP 123-p2
stage_reached
Procedure completed