By Strand Consult
The nations of the world face a strategic choice for security. It will determine whether the nation develops in a prosperous, inclusive, sustainable, and democratic direction, or an authoritarian one.
Nations want to ensure its citizens and enterprises enjoy world class technology; to protect and preserve human rights and sovereignty; and to innovate regionally with compelling digital solutions and services. Nations can learn and adapt from EU models for digital governance.
Given its history, experience, and coordination, the EU offers a real, actionable way forward for digital development. Digital development thrives when grounded in democratic values, and digital goods and services and their associated equipment and infrastructures should come from the nations which practice these values.
Digital Infrastructures: horizonal, vertical, and cloud
The emerging digital economy consist of three kinds of infrastructures: (1) the horizontal networks of fixed and mobile communications which transmit information; (2) the vertical layer of devices, applications and services which collect, process, and use information. (3) the cloud, a distributed set of computers which functions both as horizontal and vertical network, collecting, processing, and storing information.
Each nation depends on these three types of infrastructures, though each nation differs on the speed of its digital development. 4G / 5G wireless networks and fiber are replacing earlier telecommunications 2G, 3G, and copper-based networks. These horizontal communications networks form the foundation on which all digital development depends, binding people and communities nationally and regionally. Communications providers which provide the “horizontal” transmission services are typically licensed by the nation state and regulated to deliver a common set of connectivity services to all people, enterprises, and institutions.
On top of the horizontal infrastructure of communication networks are vertical networks for devices (smartphones, tablets, smart cars) and applications (software platforms for commerce, finance, health, education, public safety and so on). Whereas the horizonal infrastructure of communications networks transport data, vertical devices and apps collect, process, and store data.
The third type of infrastructure is cloud; it provides both horizontal and vertical processing and storing information. Cloud networks are provided by large, global information technology hyperscalers (and sometimes smaller competitors) but are not necessarily licensed or regulated within any nation. Cloud infrastructure is connected via communication networks with devices, and applications.
Ensuring security and trust across the set of horizontal, vertical and cloud networks is complicated as it involves different rules, vendors, services, and jurisdictions. Indeed the 27 nations of the European Union (EU) have promulgated data protection, network security, trust, and governance policy for decades, integrating the needs of the people, enterprise, and government into a unified regime for 27 member states. Nations can learn from this model and adapt appropriately.
The European Union shows the way forward.
The goal of the EU is a common internal market, security space, and human rights for the citizens of its 27 member states. With the digital economy, the EU adopted a set of policies which have become the global standards. The popular shorthand for the world economy is that the US innovates; China replicates; and EU regulates. Indeed, EU General Data Protection Regulation has become the global standard, with the world’s largest IT firms adopting its conventions for lawful processing, integrity, confidentiality, accountability, consent, accuracy, and the culture of privacy.
The Digital Markets Act (DMA) and Digital Services Act (DSA)package aims to create a safer digital space where the fundamental rights of users are protected and to establish a level playing field for businesses. The EU’s Artificial Intelligence Act (AI Act) offers comprehensive rules for trustworthy AI. The EU’s Gigabit Infrastructure Act promises faster rollout of gigabit-capable connectivity and a set of policies to fast-track the rollout of fiber infrastructure.
To safeguard security and resilience, the EU developed a foundational and globally unique approach to security of 5G networks with the EU 5G Toolbox. The EU deems 5G networks critical for their horizontal role underpinning the delivery of health, energy, manufacturing, media, and mobility. Hence the EU Member States, the European Commission, European Union Agency for Cybersecurity (ENISA), and the Body of European Regulators for Electronic Communication (BEREC) developed an EU-wide coordinated risk assessment. Based upon a set of identified risks, the EU 5G Toolbox was developed and agreed to include strategic (non-technical) and technical mitigating measures.
The EU Network and Information Systems Cooperation (NIS) Group supports, monitors and evaluates the implementation of the EU 5G Toolbox. It supports continuous knowledge exchange and capacity building as well as promotes resilience in other security objectives. More than half of the EU member states are already succeeding in their 5G security goals; however, the laggards create a security challenge for the region.
The implication of applying the EU 5G Toolbox for Union funding means that EU funds for 5G network deployment be it for EU internal purposes such as in the case of Slovenia or in external EU funding, such as part of the 2023 Enlargement package Ukraine, and the Western Balkans.
The EU offers comprehensive policy for the digital age, ensuring the rights and data protection of individuals, fair operating conditions for the marketplace, and the security and trust of networks. The policy aim is to direct digital development in a just, human, and modern direction which protects democratic values and guards against totalitarianism. Other nations can learn from the EU and adapt policy appropriately to local conditions.
To learn more about this complex issue, see Strand Consult’s many reports about cybersecurity.
Telecom Analysis 
Leave a comment