As governments worldwide grapple with how to govern the mobile Internet, an unlikely battleground has emerged: technical standardization. The global debate has centered intensely on China’s role in developing 5G – the latest generation of mobile network technology that has become the primary gateway to the Internet for most people worldwide. While headlines focus on the security risks posed by Chinese equipment manufacturers in Western 5G infrastructure, our research into telecommunications standards reveals a more complex and perhaps uncomfortable reality.

In my ‘tech dive’ for PITG, I drew from three recent academic studies of telecommunications standardization that I co-authored where we found that many commonly accepted narratives deserve closer scrutiny.

Here are some of our key findings: Despite widespread allegations, evidence of China deliberately introducing vulnerabilities into 5G infrastructure remains elusive. More troublingly, our research uncovered how European and North American governments have systematically embedded their own surveillance capabilities into telecommunications networks through standardization processes. In a striking turn of events, these very access mechanisms are now reportedly being exploited in attacks against U.S. networks.

We also found that the problems run deeper than just surveillance. Known security vulnerabilities in telecommunications standards often remain unaddressed for years, with even straightforward fixes being blocked or ignored. This institutional inertia or purposeful slow-rolling of fixes may serve the strategic interests of Western intelligence agencies, who benefit from these persistent vulnerabilities. This pattern fundamentally challenges the conventional wisdom that standardization inherently promotes security. Instead, our research indicates that technical standards can actually serve to institutionalize insecurities when powerful stakeholders benefit from maintaining them.

The key take away from this research is clear: Without robust mechanisms to protect the public interest, standardization processes - whether for telecommunications or the internet - risk prioritizing state surveillance capabilities over collective security.

Further reading:

1. ten Oever, Niels, and Christoph Becker. 2024. Infrastructural Insecurity: Geopolitics in the Standardization of Telecommunications Networks. Media International Australia, January. Link.
2. Becker, Christoph, Niels ten Oever, and Riccardo Nanni. 2024. Interrogating the Standardisation of Surveillance in 5G amid US–China Competition. Information, Communication & Society, 1–18. Link.
3. Maxigas, and Niels ten Oever. 2023. Geopolitics in the Infrastructural Ideology of 5G. Global Media and China, August, Sage Journals. Link.

Niels ten Oever is Assistant Professor of Artificial Intelligence and European Democracies and co-principal investigator with the critical infrastructure lab at the University of Amsterdam. This blogpost by Niels ten Oever summarises the ‘tech dive’ he delivered to the members of the Public Interest Technology Group on 1 August 2024.