Finland passes new 5G security law to ban risky equipment

The Finnish parliament approved a new law to vet 5G equipment as a means to shore up the country’s defence against cyber-attacks and espionage attempts on its communications systems.

Unlike Sweden, its Nordic neighbour, Finland’s new parliamentary bill does not single out any specific companies to exclude from its 5G networks. Instead, it aims to exclude equipment “within the network’s key assets if there are strong grounds to suspect the use of such equipment would endanger national security or defense”, to quote the translation by Bloomberg.

The task to set technical requirements for network security is undertaken by the Finnish Transport and Communications Agency, to be supported by other government bodies as well as major telecom operators and vendors.

Prior to the parliamentary reading and passing of the bill, Johannes Koskinen, an MP who in the early 2000’s served as Minister of Justice, told Bloomberg that “we aren’t pointing fingers at any one party.” Though this has not stopped media and commentators reading the law as an official measure to bar Huawei and ZTE from selling to the country’s 5G networks.

Koskinen also warned his fellow law makers that they should not “take action that closes doors for Nokia as a result of any backlash.” However, in a perverse way, Nokia does not have much to lose even if there should be a backlash coming out of China. Unlike Ericsson, which has benefited from its position in China, Nokia’s 5G market share in China is negligible.

Hennariikka Andersson, Huawei’s head of public affairs and communications in Finland, recognised that, by focusing on equipment security rather than targeting vendors, Finland’s new law is fair and objective. She also lament the sorry state of affairs that “the international network-security debate has focused only on Chinese vendors when we know that vulnerabilities may be found in all manufacturers’ equipment,” quoted by Bloomberg.

Huawei is now supplying equipment to DNA (a Telenor subsidiary) and Elisa, two of Finland’s three 5G operators. The new bill does not specify how network equipment already in use should be removed if it fails to meet the security requirements.