The government plans to introduce security legislation that will allow it to exclude “high risk” telecommunications providers from being used in critical parts of Ireland’s next generation broadband network.
The Cabinet decided to give Communications Minister Eamon Ryan the legal authority to conduct assessments of potential providers of 5G services – the replacement mobile broadband network for the 4G network – and designate some providers as “high risk.” “.
The proposed legislation will allow parts of the 5G network or infrastructure to be designated as “critical” to the state and allow the minister to ban high-risk companies from working in those areas.
Last November, the UK government announced that Chinese company Huawei would be banned from UK 5G telecommunications infrastructure.
This was due to fears within the UK government of alleged links to the authoritarian Chinese state and claims that Chinese intelligence agencies could gain access to 5G networks – claims the company rejected.
Ireland’s current electronic communications infrastructure relies heavily on 4G mobile networks and fixed broadband, but many operators offer 5G networks.
A statement issued by the Ministry of Communications does not refer to any specific company – like the position taken by the European Commission and EU cybersecurity body ENISA – and only refers to companies in general that could present a risk.
The department’s statement said the government had agreed to a number of measures to strengthen the security of electronic communications, including 5G networks.
He said the government had approved the ‘EU 5G Security Toolkit’ as the framework through which Ireland will secure its next-generation electronic communications networks.
The EU Toolkit was released in January 2020 and is a coordinated European approach based on a common set of measures, aimed at mitigating key cybersecurity risks of 5G networks.
While private operators are largely responsible for the secure deployment of 5G, Member States are responsible for national security and network security is seen as of strategic importance to the EU.
The government has announced the publication for consultation of the Electronic Communications Security Measures (MSCE) – a comprehensive set of technical and organizational measures that providers of public electronic communications networks and publicly available electronic communications services will be required to implement. artwork.
He said the requirement would “secure” the electronic communications infrastructure within the state.
The statement said: âThe government also announced that it plans to introduce primary legislation that would allow the Minister of Environment, Climate and Communications to assess the risk profile of providers of communications network equipment. electronic and, if necessary, designate certain suppliers as high risk.
“The legislation will also provide that certain parts of electronic communications networks will be designated as critical and certain powers that would ensure that high-risk providers are not used in our critical electronic communications networks,” he said.
He added: âNo decision has been made regarding the individual suppliers. Any assessment will follow clear objective criteria, such as those recommended in the EU’s 5G Security Toolkit, and follow a defined process defined in legislation.
He said the legislation would be drafted in consultation with relevant ministries and agencies, and that a regulatory impact assessment and consultation process would be conducted in early 2022.
Over the past year, the department, through the National Cyber ââSecurity Center, has worked closely with industry to produce a comprehensive set of security measures aimed at addressing many of the technical security concerns. highlighted by the European risk assessment process.