UK teleco regulator 'comfortable' with Huawei despite US concern over South Korea deal

The United States is not the only country to have its reservations about Chinese technology firm Huawei. Both the UK and Australia have been vocal in expressing concerns over allegations that Huawei is linked to China's People's Liberation Army - and that it may be involved in providing Chinese authorities with spy technology. Huawei denies the allegations.

This hasn't helped its business thrive in the US. But in the UK, Huawei has a cooperation of sorts with GCHQ, the government's communications headquarters.

In an interview with DW, Dr. Steve Unger, chief technology officer with UK telecoms regulator, Ofcom, says the UK's working relationship with Huawei is "comfortable."

DW: There's been a lot of doubt about Huawei. And now its deal to help South Korea develop its broadband network has got two top US senators lobbying the Obama administration. The US will have its concerns given its close ties with South Korea and won't want a situation that it can't control. What's your take on the situation?

Dr. Steve Unger: In the UK, Huawei is a supplier into a number of network operators and we've got a framework which means we're comfortable with that. I think there are several elements to that framework. Most importantly, it's got to remain the case that operators take responsibility for the operation of their networks, for the equipment they purchase, and that is then about them retaining a core capacity. As part of that they need to recognize that that core technical capacity needs to be able to cope with all sorts of threats. There's a lot of skeptic debate about Huawei, but there are all sorts of threats out there to network integrity.

Which threats are you referring to?

Hackers, denial of service attacks, there is a very long list of ways in which networks can be compromised, and the job of network operators is to minimize that risk - wherever it comes from. That's about good design practice, and it's about having a technical capability within the operators to enforce that. Specifically in relation to Huawei, we do also have this additional facility in the UK at Banbury, where equipment supplied into the UK undergoes a degree of testing to make sure there is not a concern. That's an additional protection.

That's an important point because there was talk about it being difficult to look at Huawei products, at the physical hardware, when they're making it and perhaps installing - so the allegations go - certain technology that could be a security concern.

The underlying point is still that it's up to operators to make sure the networks are robust. The most significant network outage in the UK over the last couple of years was - I won't name the operator and I won't name the supplier - but it did not involve equipment supplied by Huawei. That simply reflects the fact that equipment does go wrong, networks go wrong, and it's the job of the network operators with good design practice to minimize the risks. The specific additional piece of work that happens in relation to Huawei is a degree of testing of the software releases into equipment deployed to UK networks and that's carried out at the Banbury facility. That's an additional mitigation. But I wouldn't want to give too much prominence to that because the most basic point is still about good design practices - designing networks that are resilient against various forms of attack. That's the key point.

You said there's a framework in place that makes the UK "comfortable" with Huawei. That clearly means there are issues that need to be addressed. Or fears and concerns of some kind.

There is always a concern about the supply chain into any operator, into any network. And the framework is primarily about addressing that. That's why I try to deemphasize the point about the specific facility at Banbury. The general point, which applies to any supplier, is that there is a risk. Equipments can either through intent or more often through fault cause network failures, and it's the job of operators to minimize that risk. That's why I think the most important part of the framework is the general point about good practice and the capabilities that support that - rather than focusing too much on the specific mitigations around Huawei.

While there have been these allegations against Huawei, foreign technology companies are producing in China - and that is the ultimate goal isn't it - coming together and cooperating?

The ultimate goal is, I think, to be able to benefit from global trade - but to do that in a way that recognizes that it brings risks. The way you manage those risks is by making sure operators, the people responsible for operating networks, understand what they're doing. Although they might be outsourcing network operations, they might be buying kit, but fundamentally they have enough of a technical capability so that they know what's in their network and they know that there are sufficient measures in place to protect that network. There's no magic answer, I'm afraid, that's what's required.

Dr. Steve Unger is chief technology officer for Ofcom, an independent and government-approved authority, which regulates the UK's broadcasting, telecommunications and wireless communication sectors.