The European Parliament has passed a resolution calling for EU action on potential security threats from China’s growing technological presence in the EU. In particular, the MEPs want the European Commission and EU states to develop guidance on how to tackle any cyber threats and vulnerabilities when procuring 5G equipment, including having network security agency Enisa develop a system of equipment certification.

MEPs expressed “deep concern” about recent allegations that 5G equipment may have embedded backdoors that would allow Chinese manufacturers and authorities to have unauthorised access to private and personal data and telecommunications in the EU, the Parliament said in a statement. The resolution suggested the EU take measures such as diversifying equipment from different vendors, introducing multi-phase procurement processes and establishing a strategy to reduce Europe’s dependence on foreign cybersecurity technology. They also urged the Commission to mandate the EU’s cybersecurity agency, Enisa to work on a certification scheme ensuring that the roll-out of 5G in the EU “meets the highest security standards”.

The resolution will be sent to the Commission and EU states to consider further action.

Cybersecurity Act approved

MEPs passed the motion while debating the EU Cybersecurity Act. This legislation reforms Enisa to give it more powers as a cybersecurity agency and also strengthens EU coordination on protecting vital infrastructure. In addition, it establishes the first EU-wide cybersecurity certification scheme to ensure that products and services sold in EU countries meet defined security standards.

The text of the Cybersecurity Act has already been agreed with the EU Council and only needs the Council’s formal approval before becoming law.