Huawei ban faces EU law test as adviser weighs telecom security clash

(CN) — Europe’s uneasy standoff with Chinese telecom tech hit a boiling point Thursday, as an adviser to Europe’s highest court made one thing clear: Governments can shut out “high-risk” gear like Huawei, but they need real proof of a threat, not just a national security label.

It all started when Estonia restricted the use of Huawei equipment in a telecom network, denying the Estonian unit of Finnish operator Elisa the ability to keep using its existing gear beyond set deadlines or roll out new 5G tech without approval. The company challenged the move in a Tallinn court, which then asked the Court of Justice of the European Union whether a national security measure like this fits within EU telecom rules.

Advocate General Tamara Ćapeta’s opinion threaded the needle. Governments, she said, can step in to protect telecom networks, but they don’t get to step outside EU law.

“The mere fact that a national measure has been taken for the purpose of protecting national security cannot render EU law inapplicable and exempt the member states from the need to comply with EU law,” she wrote.

Her reasoning rested on what’s at stake. Telecom networks carry the data that keeps entire economies running, moving information from devices to nearby towers and through core systems that manage traffic and security.

That system didn’t appear overnight. Early generations like 2G and 3G handled calls and basic data. 4G made mobile internet fast enough for streaming and real-time use. Now 5G takes it further, supporting far more connected devices with minimal delay.

That’s the backdrop for her warning: “A secure and trustworthy telecommunications infrastructure is not only necessary for the effective exercise of a number of EU values and fundamental rights, including the value of democracy and the freedom of expression, it also ensures social stability given that the influence over, or the disruption to, a Member States’ telecommunications infrastructure may affect other sectors of the economy and everyday life of EU citizens more generally.”

Estonia’s approach grew out of those concerns. Its law requires telecom companies to get approval before using certain equipment and allows authorities to block suppliers labeled “high risk,” a tag that has, in practice, landed on Huawei.

Ćapeta set a clear boundary. Security concerns have to be real and specific. A restriction is lawful “only if the risk to that interest is genuine, present and sufficiently serious in the particular case.” Governments need to point to concrete risks tied to actual equipment, not broad geopolitical suspicion.

That’s where the dispute sharpens. Elisa had already built parts of its network using Huawei technology, especially in the radio access network, the antennas and base stations that connect users to the system.

Estonian authorities argued Huawei posed a systemic risk, pointing to concerns about state influence, cybersecurity vulnerabilities and potential disruption. Elisa pushed back, saying those claims were never backed by a detailed, equipment-specific analysis.

Ćapeta’s opinion tackles that clash head-on. Governments can use prior approval systems to screen or block “high-risk” equipment, but those measures come with legal consequences under EU law.

In particular, she frames them as restrictions on the internal market since they can limit how telecom operators build and run their networks. Such measures, she said, “constitute a measure that, in principle, represents an obstacle to the free movement of electronic communications networks and services given that it is liable to make access to and the exercise of that service less attractive or more difficult.”

Andre Savin, a professor of IT law at Copenhagen Business School, said the opinion puts guardrails in place: Governments can invoke security concerns, but they “cannot escape [EU] scrutiny by labelling something national security” and must still meet EU law’s proportionality requirements.

Scott Marcus, an economist and telecom policy expert at the Centre for European Policy Studies, said the opinion was largely expected but still significant, confirming authorities must assess whether specific equipment poses a real risk to network security. He also flagged the real-world tradeoff, warning “the additional COST that rip and replace strategies impose on network operators” could be “vastly higher than most experts have assumed.”

Elisa welcomed the opinion, calling it “positive” for its emphasis on judicial review and a real proportionality check. The company said national security measures cannot rest on general suspicion but must be based on concrete, case-specific risks, and argued the restrictions had left some of its hardware unusable. Elisa is now awaiting the court’s final ruling, noting it has already replaced most of its network equipment with Nokia and that the transition is ongoing.

The Estonian government did not respond to a request for comment.

Behind the case sits a wider shift across Europe. Across the European Union, several member states have moved to restrict or phase out Huawei and other Chinese vendors from 5G networks in recent years, citing security risks and pressure from allies such as the United States. Germany, for example, has tightened its rules on “critical components,” forcing closer scrutiny of suppliers seen as high risk. The United Kingdom has taken a similar path outside the EU, ordering operators to remove Huawei gear from 5G networks by 2027.

The Court of Justice of the European Union is not bound by the Advocate General’s opinion, but it often follows it. A final ruling is expected in the coming months. Once it arrives, the case will return to the Estonian court, which will have to apply the EU court’s guidance to decide whether the restrictions on Elisa’s use of Huawei equipment can stand under EU law.

Courthouse News reporter Eunseo Hong is based in the Netherlands.