Exploring Similarities and Differences
Fifth-generation technology, known as “5G,” is causing unprecedented upheaval in the telecommunications landscape in France and around the world. Faced with this revolution, and the challenges it presents, France developed through Law 2019-810 a new legal mechanism designed to protect its national security interests in the operation of mobile radio networks. The law focused in particular on the introduction of a new prior authorization regime. Interestingly, in the United States, the recent Secure Equipment Act of 2021 intends to empower the Federal Communications Commission (FCC) to restrict the authorized use of equipment to companies on the agency’s Covered List. In this article, we’ll explore to what extent these two regimes share similarities, and where they differ.
*McDermott PSL Louis-Nicolas Ricard also contributed to this article.
In France, the law is the result of a proposal by members of parliament in February 2019 which made the observation that whilst the deployment of radio communications networks to ensure digital coverage throughout the national territory of France must be one of the primary objectives of any digital development policy, the deployment of 5G increases the cybersecurity risks associated with network equipment. This is due to 1) the technical specifications of 5G (dynamic management of the access network, introduction of information processing units at the network edge, edge computing) and 2) the use cases of 5G for industrial domains for some critical sectors (e.g. connected / autonomous vehicles, emergent technology, energy networks, etc.). This increased risk places new security requirements on equipment that will support future 5G networks, both in terms of their intrinsic technical characteristics, and in terms of legal obligations that could force their suppliers to cooperate with foreign authorities in the collection of intelligence.
Considering that 5G technology would carry increased risk compared to previous technologies, the law of August 1, 2019 had at its heart the aim of protecting France’s national security interests in the operation of mobile radio networks. The law added a new article, Article L. 34-11 to the French Post and Electronic Communications Code under which prior authorization from the Prime Minister is required for the operation of certain mobile radio network equipment which, by virtue of their function, “present a risk to the integrity, security and continuity of the network’s operation“. The list of equipment whose operation is subject to an authorization shall be determined by order of the Prime Minister. Under this law, the Prime Minister may refuse to grant authorization for the operation of any hardware or software that allows end-user terminals to be connected to the mobile network as part of the rollout of the 5G network. Among the grounds for refusal are 1) the serious risk of harm to the interests of defense and national security and, 2) the lack of guarantee as to the permanence, integrity, security, and availability of the network. This risk must be assessed where an operator or its service providers may be “under the control of or subject to acts of interference by a non-member state of the Union” (L. No. 2019-810, Aug. 1, 2019, art. 1 amending the second paragraph of Article L. 34-12 of the Post and Electronic Communications Code). To issue authorization, the Prime Minister must take into consideration the level of security of the devices, their deployment and operating methods envisaged by the operator and the extent to which the operator or its service providers, including any subcontractors, are “under the control of or subject to acts of interference by a State that is not a member of the European Union.”
The law has been challenged before the Constitutional Court, with no success, however some telecommunications companies have directly challenged decisions by the Prime Minister not to grant an authorization, most notably in the case of Huawei. Companies are also seeking damages against the French government to obtain compensation for the costs of replacing equipment that is now banned.
In the United States, the Secure Equipment Act passed both the House of Representatives and the Senate near unanimously (on a vote of 420 to 4) and was signed almost immediately by President Joe Biden on November 11, 2021.
This legislation aims to solidify the authority of the FCC, an independent US government agency overseen by Congress responsible for implementing and enforcing America’s communications law and regulations. The FCC regulates interstate and international communications by radio, television, wire, satellite, and cable in all 50 states, the District of Columbia, and all US territories.
The FCC can now deny equipment authorizations from its “Covered List” of entities, a list of communications equipment and services that are deemed to pose an unacceptable risk to the national security of the United States, or to the security and safety of United States persons. The FCC it is prohibited by this law from reviewing or approving any application for equipment that is on the aforementioned list of covered communications equipment or services.
In addition, no authorization will be granted by the FCC for equipment offered by the companies on the covered list regardless of what type of funds are used to purchase such equipment.
This legislation essentially finalizes the legal efforts to protect the nation’s communications networks from security risks. Back in November 2019 the FCC adopted a ban on the use of Universal Service Fund (USF) support to purchase, obtain, or maintain any equipment or services from companies posing a national security threat to communications networks or the communications supply chain. This ban enforced the Secure Networks Act, enacted in 2020 under the Trump administration, which prohibited the use of federal subsidies for covered communications equipment and services. Before that, Congress passed and the President signed into law in 2017 and 2018, a series of National Defense Authorization Acts (NDAA) which specifically stated that government agencies could not “procure or obtain or extend or renew a contract to procure or obtain any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.”
The United States has also doubled down on this protection of national cybersecurity with efforts in its international relations. For example, the United States declared that it would stop sharing information with allies that allow Huawei to supply a significant part of its telecommunications infrastructure, claiming that the security risk was too great.
It may also be of interest to note that the Secure Equipment Act came just after the FCC’s decision to revoke the authorization for China Telecom’s US subsidiary to operate in the United States, citing national security concerns. In its press release, the FCC said it “adopted an order ending China Telecom (Americas) Corporation’s ability to provide domestic interstate and international telecommunications services within the United States”, explaining such “action carries out [the FCC’s] mission to safeguard the nation’s telecommunications infrastructure from potential security threats.” In order to assist US customers with transitioning to other mobile service providers as a result of China Telecom Americas’ discontinued services, the FCC did issue a consumer guide after the Order was released that explains this decision and what other options consumers might consider for mobile services.
Both the US and French regimes have the same effect; ensuring that technology is safe for consumers and does not threaten national security. Both will develop with time, and as new technology emerges there are already calls for stricter regulation on, for example, component parts. Governments around the world will be watching the development of both legal regimes closely, perhaps to draw inspiration for adopting similar measures. However, in France, the scrutiny on the implementation of such regime will continue as the Prime Minister’s decisions continue to be challenged on various grounds.
See more »
DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.
© McDermott Will & Emery var today = new Date(); var yyyy = today.getFullYear();document.write(yyyy + ” “); | Attorney Advertising
Refine your interests »
Back to Top
Explore 2021 Readers’ Choice Awards
Copyright © var today = new Date(); var yyyy = today.getFullYear();document.write(yyyy + ” “); JD Supra, LLC
Mobile Phone Cardiac Monitoring Market by Region, Type, Coverage, Applications, Technology, and Forecast 2025. – Hunter Women's Chronicle – Hunter Women's Chronicle
The market size of mobile cardiac telemetry systems was over 15B USD in 2016 and is predicted to exceed 37.3B USD by 2027, with global