Europe bans Chinese routers: the end of Huawei and ZTE in homes

What happened?

The European Commission has taken a further step in its digital security strategy by presenting the second version of the Cybersecurity Regulation, which extends restrictions to access network equipment. According to Hipertextual, the regulation no longer only affects operators' core equipment, but also requires the removal of routers from Chinese manufacturers such as Huawei and ZTE installed in users' homes and businesses. This means that companies like Orange, Telefónica, Digi, or Vodafone will have to replace millions of devices across Europe. The measure is part of the Recovery and Resilience Facility and the EU Cybersecurity Plan, which allocates €4.5 billion to strengthen digital defenses, although most of the cost will fall on operators.

Why is it important?

This measure represents a significant hardening of the European stance towards Chinese technology, amid growing geopolitical tension and cybersecurity concerns. The decision aligns with previous restrictions on 5G networks and reflects the EU's intention to reduce dependence on suppliers considered high-risk. The impact is not only technical: it entails multi-billion euro costs for operators, potential deployment delays, and a reconfiguration of the telecommunications market. According to Reuters, the estimated cost of replacing access routers across Europe could exceed €2 billion, not including logistics and the impact on users. Additionally, the measure could delay fiber optic deployment in rural areas, where Huawei has a dominant presence due to its low cost.

Consequences for operators and users

European telecoms face a logistical and financial challenge. Replacing routers in millions of homes will require massive investments and coordination with new suppliers, such as Nokia, Ericsson, or European manufacturers like ADVA Optical Networking (Germany) or Teleste (Finland). Orange, for example, has approximately 15 million Huawei routers in France, according to Les Echos, and replacing them could cost over €300 million in that country alone. Users may experience temporary service interruptions during migration, as well as possible changes to home network configuration. In the long term, the measure aims to ensure greater network security, but could also increase costs for consumers if operators pass on part of the investment. Additionally, new routers are likely to include enhanced security features, such as default encryption and automatic updates, which will benefit users.

Historical context and comparisons

This is not the EU's first action against Huawei and ZTE. In 2020, the Commission recommended restricting these manufacturers' involvement in 5G networks, and several countries like the UK, Sweden, and the Netherlands had already imposed bans. However, the ban on access routers is more invasive, as it directly affects end-user equipment. It compares to the US decision to ban Huawei equipment in 2019, which led the company to lose much of the Western market. In that case, the impact was more gradual, focusing on core network equipment, whereas now it extends to the last mile. It also recalls the Radio Equipment Directive (RED) of 2014, which set cybersecurity requirements for connected devices but did not ban specific manufacturers. The key difference is that this is an explicit exclusion based on origin, which could generate trade tensions with China and possible retaliation. The EU has justified the measure citing the Cybersecurity Regulation (EU) 2024/2847, which establishes a certification framework for ICT products, although Huawei and ZTE have not been certified under the European Cybersecurity Certification Scheme (EUCC).

What should readers know?

Users do not need to do anything for now; the responsibility lies with operators. However, they are likely to receive notifications about the router change in the coming months. It is important to verify that the new equipment meets security and performance standards. Additionally, this measure could accelerate the adoption of open-source technologies, such as OpenWrt, and local router manufacturing in Europe. For example, the Spanish company Radiante has already announced plans to produce routers compliant with the regulation. Consumers should watch for possible changes in internet service prices, although operators will likely absorb part of the cost to maintain competitiveness. It is also advisable for users to review their contracts, as some may include clauses allowing equipment changes at no extra cost. In case of prolonged interruptions, they can contact the national regulatory authority (such as the CNMC in Spain).

The EU seeks to reduce dependence on Chinese suppliers in critical infrastructure, but the transition cost will be high and could generate geopolitical tensions. Although security is a priority, implementation will require careful coordination to minimize the impact on users.