Cybersecurity

Nationalize the 5G Network? No Thanks.

By Paul Rosenzweig
Monday, January 29, 2018, 4:56 PM

Axios has the scoop that the Trump national security team is considering a proposal to nationalize the 5G network buildout. I don't do telecoms policy, so I can't assess the proposal as a matter of good economic policy—but it is worth noting that the Federal Communications Commission chairman (who some derided for his net neutrality stance) has come out in opposition to the Trump proposal.

But the main justification for the Trump proposal is not economic; it’s grounded in national security. The justification resonates with a fear of Chinese intrusions into the 5G network as well as concern that Chinese protocols and standards might not benefit American enterprise. So let’s take a look at that aspect of the justification. Here are some quick reactions:

  • The argument underlying the leaked proposal is the idea that if China develops the networks and devices first, then China sets the standards that the U.S. will have to adopt, which could theoretically have security vulnerabilities to the benefit of the maker. This seems to be the driving force behind the references to “security”: by building out 5G first, the United States sets the standards for what the networks and protocols look like. That seems highly implausibe. In the first instance, even if China were to develop a set of 5G standards, there is no reason that the U.S. (and other western countries could not, preferentially) adopt their own protocols. Today, as I travel the globe, my handset switches back and forth from Global to CDMA to LTE, etc. In other words, the premise that a single standard will define the network seems to me to be a weak one.
  • Second, on a relative scale, the security gaps from protocol development are less than from flaws in the handsets and devices themselves. Better testing of those devices seems to me a much better investment of time and money. I think that is clearly what lies behind the various mentions of bringing manufacturing and supply chains back to the U.S., but that's totally unrelated to nationalizing the network, generally. In short, the nationalization idea is a solution in search of a problem to solve. And, again, the problem statement depends on the idea of a uniqueness to the protocol set—a premise I think mistaken.
  • Third, another theme is that the U.S. government could and would do a better job of defending a nationalized network than the private sector would do in defending their independent networks. I am simply tempted to respond “OMB,” but if anyone today seriously thinks that the government has a solid handle on security, I commend to them the ongoing Heritage Foundation’s log of federal breaches.
  • Fourth, without the FCC’s approval (and that doesn't seem to be forthcoming) this proposal seems dead on arrival. The president does have “emergency” powers over the network, but I do not think they will stretch that far.
  • Fifth, the proposal really seems to misread how the public views privacy and security. While personally, I am heartened, for example that Section 702 was reauthorized, a realistic appraisal of the difficulty of achieving that result suggests that a significant fraction of the American public mistrusts government access to the network, much less control over it. I seriously doubt that the public will support creation of a U.S. owned 5G network when it will be immediately characterized as “the NSA's network.”
  • As an aside, this tin ear for privacy can be seen in various parts of the document. For example, in the “AI Arms Race” section, the memo says that China is winning in artificial intelligence development because of “complete elimination of privacy standards.” I don’t know whether that is true or not—but I do know that Americans are not likely to see the elimination of privacy standards as a good thing—even if it means losing the AI development race.
  • Finally, it is worth acknowledging that the National Security Council proposal is on to something. The prevalence of Huawei technology globally is a real security threat to U.S. interests—of that, there can be no doubt. From the outside, it looks to me like the CFIUS process has managed this threat behind the scenes (for example, by keeping Huawei from buying a stake in some U.S. companies). While it is not clear to me why this process is inadequate, I do want to at least agree that the underlying concern is real. It just seems that the solution set the White House has chosen fails to match the problem and is, generally, poorly thought out.
Topics: