The European Union’s plan to phase out equipment from so-called high-risk technology suppliers in critical sectors has triggered strong opposition from China’s Huawei, which is expected to be among the companies most affected by the proposed measures.
The European Commission on Tuesday unveiled draft revisions to the EU’s Cybersecurity Act that would require the gradual removal of components and equipment from suppliers deemed to pose security risks. The proposal comes amid a rise in cyber and ransomware attacks and growing concerns over foreign interference, espionage and Europe’s reliance on non-EU technology providers.
While the Commission did not name specific companies or countries, Huawei criticized the move, arguing that excluding suppliers based on country of origin rather than technical evidence undermines EU legal principles and World Trade Organization obligations. As reported in Reuters, a Huawei spokesperson said the company would closely monitor the legislative process and “reserve all rights to safeguard our legitimate interests.”
China’s foreign ministry echoed the criticism, saying Chinese firms operating in Europe have complied with local laws and have not threatened national security. It urged the EU to avoid what it described as a turn toward protectionism.
EU officials defended the proposals as necessary to safeguard critical infrastructure and reinforce technological sovereignty. EU tech chief Henna Virkkunen said the new cybersecurity package would strengthen protection of information and communications technology supply chains and improve the bloc’s ability to counter cyber threats.
The measures would apply to 18 sectors identified as critical, including telecommunications equipment, electricity and water systems, connected and automated vehicles, cloud services, medical devices, surveillance equipment, space services and semiconductors. Mobile operators would have 36 months from the publication of a high-risk supplier list to phase out key components, with timelines for fixed and satellite networks to be set later.
Telecoms lobby group Connect Europe warned that the proposals could impose significant costs on the industry, potentially running into billions of euros. The revised Cybersecurity Act must still be negotiated with EU governments and the European Parliament before it can enter into force.
