The European Union is moving from guidance to hard law in its effort to push Chinese telecom giants out of critical infrastructure, and Huawei is treating the shift as an existential threat to its European business. What began as a 5G security “toolbox” has evolved into a sweeping plan to label entire countries as cybersecurity risks, restrict their companies from core networks and even reach into solar, cloud and drone supply chains.
As Brussels tightens the screws, Huawei is escalating its counteroffensive, accusing European leaders of discrimination, protectionism and a lack of evidence. I see a clash that is no longer just about antennas and base stations, but about who sets the rules for the next decade of digital and energy infrastructure in Europe.
The EU turns guidance into a binding purge of “high-risk” tech
For several years, EU capitals treated security warnings about Chinese vendors as political advice they could interpret loosely. That era is ending. Commission VP Henna Virkkunen is now pushing to convert the bloc’s 2020 “high-risk vendor” recommendations into a binding law that would effectively bar Huawei and ZTE from European telecom networks, a shift that would close the gap between rhetoric and enforcement across member states and directly target Chinese infrastructure dominance in 5G and beyond, according to Henna Virkkunen. The same initiative is described as an effort by the European Commission to move from a patchwork of national decisions to a single, enforceable framework that would leave operators little room to keep buying from Huawei and ZTE once the law is in place, reinforcing the earlier political signal that these suppliers are not compatible with the EU’s long term security posture, as reflected in Huawei and ZTE.
The legal architecture behind this crackdown is becoming more sophisticated. The European Commission is introducing new rules that would allow it to identify technology companies deemed to pose a risk to the European Union’s security and then force member states to align their procurement and licensing decisions with that assessment, tightening oversight of “high-risk technology suppliers” across telecoms and other sensitive sectors, according to The European Commission. Once the EU has formally designated a country as posing cybersecurity concerns, the Commission would be able to identify high-risk suppliers from that jurisdiction and require national regulators to phase them out of telecom networks, closing loopholes in states that have so far implemented only partial restrictions or none at all, a power described in detail in the reference to how Once the EU acts.
From 5G toolbox to sweeping cybersecurity regime
The current push builds directly on the 5G security “toolbox” that the EU adopted in 2020, which urged governments to curb the use of perceived high-risk vendors such as Huawei in their mobile networks. That toolbox was non binding, and several countries moved slowly or carved out exceptions, but the new plan would phase out such suppliers more aggressively and give Brussels the authority to enforce compliance, a trajectory that has already drawn fire from Huawei, according to reporting that notes how The EU is now preparing to turn that toolbox into law. The Commission has already adopted a broader toolbox of security measures for 5G networks and is now proposing legislation that would need approval from the European Parliament and national governments before it can become law, a process that would lock in the concept of “high-risk vendors” as a legal category rather than a political label, as described in the reference to how The Commission is moving.
At the heart of the overhaul is a revised Cybersecurity Act, which is designed to secure information and communication technology supply chains and give EU institutions a central role in screening foreign suppliers. The legislation includes a new, mandatory procedure for assessing the cybersecurity risks of ICT products and services, and it is explicitly framed as a way to block foreign high-risk suppliers from European mobile telecommunications networks, according to details of the Cybersecurity Act. Another account of the same legislative package notes that, to this end, the Commission wants to extend the risk based approach beyond telecoms to areas such as cloud computing, data centers, semiconductors, artificial intelligence, quantum technologies, drones and counter-drone technologies, embedding the exclusion of Huawei and ZTE in a much wider security screening regime, as described in the reference to how the Cybersecurity Act prepares to act on Huawei and ZTE.
Huawei’s fierce backlash and claims of discrimination
Huawei has not waited for the final legal text to go on the offensive. The company has already condemned earlier Commission moves to label it a high-risk vendor, with Huawei arguing that the European Commission’s assessments lack a factual basis and violate principles of fairness and non discrimination, a line of attack that was evident when Huawei Friday rejected a Commission 5G report and accused the institution of ignoring its track record. In its latest response to the phase out plan, Huawei is again portraying the EU’s approach as politically motivated, warning that excluding Chinese vendors will slow 5G deployment, raise costs for operators and consumers and undermine Europe’s commitments to open markets, a message that aligns with its earlier criticism as a Huawei backlash.
From my perspective, Huawei’s strategy is to frame the EU’s security driven restrictions as a form of industrial policy that quietly favors European and allied vendors. The company points to the lack of publicly disclosed evidence of backdoors or state control, and it stresses its long standing presence in European markets, including its role as a leading supplier of solar inverters to European PV wholesaler Sun.store, a position that shows how deeply Huawei is embedded in the continent’s energy transition, according to data cited about European PV and Sun. By highlighting its footprint in renewables and other civilian sectors, Huawei is effectively warning that a blanket “high-risk” label could disrupt not only telecoms but also solar projects and grid modernization, raising the political cost for EU leaders who want to combat cyber attacks decisively without derailing climate and industrial goals.
Germany, the United States and the global pressure on Europe
Even as Brussels designs EU wide rules, national governments are already moving ahead with their own restrictions, and those decisions both reflect and reinforce the pressure on Huawei. In Germany, Interior Minister Nancy Faeser has announced that critical components from Huawei and ZTE will be barred from 5G core networks and must be replaced by the end of 2029, a timeline that signals Berlin’s intent to unwind its dependence on Chinese vendors in the most sensitive parts of its infrastructure, according to the statement that Interior Minister Nancy made about Huawei and ZTE. That national move dovetails with the Commission’s broader effort to standardize restrictions, and it sends a signal to other large member states that the political cost of confronting Beijing on telecoms is now considered manageable in Europe’s biggest economy.
Across the Atlantic, the United States has already taken a harder line, and Washington’s stance is shaping the context in which EU leaders are acting. The United States banned approvals of new telecommunications equipment from Huawei and ZTE in 2022 and has encouraged Europe to follow suit, arguing that Chinese suppliers pose unacceptable risks to critical infrastructure and national security, a position summarized in the reference to how The United States has treated Huawei and ZTE. That same account notes that Europe is considering similar measures not only in telecoms but also in other critical sectors, suggesting that the EU’s evolving regime is part of a broader alignment with allied democracies on technology security, even as European officials insist they are acting on their own risk assessments rather than simply following Washington’s lead.
More from Morning Overview