The Draft law on the adoption of certain measures concerning informatic and communications infrastructures of national interest and the conditions for deployment of 5G networks (the "5G Draft Law")1 initiated by the former Ministry of Transportation, Infrastructure and Communications ("MTIC")2 has undergone a new series of examinations from the relevant public authorities as part of the legislative procedure.
Although the formal endorsements have been issued, several authorities, i.e., the Ministry of Justice3, the Competition Council4, the Economic and Social Council5 and the Legislative Council6 have made critical observations on essential aspects that seemed to have been entirely ignored by the initiators of the 5G Draft Law.
These authorities have unanimously flagged out that the 5G Draft Law failed to observe the provisions of the 5G EU Toolbox7. This failure stems from at least two perspectives, namely:
- the lack of technical, objective criteria; and
- the lack of a proper categorization of network assets into critical and non-critical.
These issues are briefly presented below, along with certain considerations regarding potential next steps.
1. The lack of technical criteria
Along with the authorities mentioned above, both the providers of electronic communication networks and the equipment manufacturers have pointed out the importance for the 5G Draft Law to observe the 5G EU Toolbox on the conduct of a coordinated assessment with the other EU Member States, based on clear criteria of technical nature8.
It therefore seems that there is a consensus between, on one hand, the relevant private stakeholders and, on the other hand, relevant public authorities, with regards to the need of amending the 5G Draft Law with a view to include objective, technical criteria of assessment in line with the approach supported by the European Union through the 5G EU Toolbox.
Nonetheless, by resubmitting for endorsement an identical text to the original draft, the former MTIC has blatantly disregarded not only the feedback received during the public consultation process, but also (i) the opinion issued previously by the Ministry of Justice by letter 2/88892/2020 from 15 October 2020, (ii) the observations provided by the Competition Council by its two letters from 27 August 2020 and 20 October 2020 and (iii) the observations provided by the Economic and Social Council by the point of view from 22 October 2020.
These observations have been reiterated within the latest set of endorsements issued by these authorities. Moreover, the Legislative Council (which, at first, had not provided any comments on the substance of the 5G Draft Law) has at its turn noted in its latest endorsement the need to observe the EU 5G Toolbox and has criticized the 5G Draft Law for the lack of objective, necessary and proportionate criteria, expressly pointing out its agreement with the views expressed by the Competition Council.
As pointed out by both the Ministry of Justice and the Legislative Council, such criteria are required, amongst others, to ensure that the courts of law would be able to effectively examine the legality of the authorisation process.
2. A different categorization of network assets: critical and non-critical
The EU 5G Toolbox makes a distinction between the critical and non-critical network assets, where the core network functions of the 5G network are generally considered as critical. This is since other components than the core network would have little to no impact should they be compromised.
The Competition Council has expressed its concerns with the fact that if the 5G Draft Law were to be implemented in its current form, competition would be negatively affected. In line with the EU 5G Toolbox, the Competition Council proposed that the equipment be categorised based on its nature and importance (strategical/current, used in the core network, radio transmitter-receiver equipment, cabling, interfaces, passive or active network equipment).
According to the Competition Council, since the 5G Draft Law makes no distinction between types of equipment and since manufacturers are the ones being authorised rather than their equipment, the need for a complete change of all the equipment delivered by an unauthorized manufacturer arises, although in practice a good part of the components would present little to no risks.
3. A draft law with an uncertain future
Taking into account the strong criticism met by the current form of the 5G Draft Law from both private and public stakeholders, it should be reasonably expected that, when discussing the adoption of the 5G Draft Law in view of its being sent to the Parliament, the Romanian Government will give due consideration to the major concerns expressed by the Ministry of Justice, the Competition Council, the Economic and Social Council and the Legislative Council, as well as to those voiced by various stakeholders during public consultations.
It should also be reasonably assumed that the Government will give due consideration to the conclusions of the European Council,9 which has called Member States to make full use of the 5G EU Toolbox, and in particular to apply restrictions only for key assets defined as critical and sensitive in the EU coordinated risk assessments, as well as to the common Union Toolbox of best practices to foster connectivity ("Connectivity Toolbox").
The Connectivity Toolbox is a report of best practices that the Member States consider most efficient in rolling out fixed and mobile very high-capacity networks, including 5G. Within it, the European Commission alongside Members Sates acknowledge the high cost for the development of the 5G networks, seeking solutions to support the providers of electronic communication networks in their efforts to implement 5G networks.
Thus, any unnecessary or disproportionate restrictions (such as the ones envisaged by the current form of the 5G Draft Law) that will increase network development costs to the providers of electronic communication networks will be at odds with the EU good practices.
Considering all the above, it seems unreasonable to assume that the Government will adopt the 5G Draft Law in the form proposed and that it will send it as such to the Romanian Parliament. Rather, a reasonable approach would call for a major overhaul of the draft enactment, with a view to accommodate the sensible views of the public and private stakeholders, as well as to observe the EU recommendations and best practices in the field.
1. The 5G Draft Law was launched on August 4, 2020 for public consultation by the MTIC and slightly revised by the latter on September 2, 2020
2. On December 30, 2020, the Government Emergency Ordinance no. 212/2020 on setting certain measures at the level of the central public administration and for amending and supplementing certain normative acts ("GEO no. 212/2020") established a new Ministry for Research, Innovation and Digitization ("MCID") by taking over, amongst other, the activities, the staff and the patrimony corresponding to the communications field from the Ministry of Transportation, Infrastructure and Communications (that became the Ministry of Transportation and Infrastructure).
3. The document can be found here: https://www.ces.ro/newlib/PDF/proiecte/2020/Lege-retele-5G.pdf. Ministry of Justice endorsed again the slightly amended form of the Draft 5G Law, but this time the endorsement was not made public. It can be assumed that Ministry of Justice maintained its initial observations since the initiator of the Draft 5G Law did not take them into account.
4. The document can be found here https://www.ces.ro/newlib/PDF/proiecte/2021/Lege-5G.pdf.
5. The documents can be found here https://www.ces.ro/newlib/PDF/avize/2020/Avize-Plen-CES-22-10-2020.pdf and here The documents can be found here https://www.ces.ro/newlib/PDF/avize/2020/Avize-Plen-CES-22-10-2020.pdf and here https://www.ces.ro/newlib/PDF/avize/2021/Avize-Plen-CES-16-03-2021.pdf.
6. The document can be found here http://18.104.22.168:83/MyUploadedDocs/2021/AvizeCL/0202.pdf.
7. Cybersecurity of 5G networks EU Toolbox of risk mitigating measures ("EU 5G Toolbox").
8. Technical measures include measures to strengthen the security of 5G networks and equipment by reinforcing the security of technologies, processes, people, and physical factors.
9. Source of the information: https://www.consilium.europa.eu/en/press/press-releases/2020/10/02/european-council-conclusions-1-2-october-2020/.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.