ITEM: Someone in the Trump administration has been floating the idea of nationalizing America’s upcoming 5G network on the grounds that it will better secure the US internet from cyber attacks or cyber espionage by China.
To be clear, the only source for this is a PowerPoint and memo obtained by Axios. According to the report, both were created by “a senior National Security Council official”, and have been “presented recently to senior officials at other agencies in the Trump administration.” Axios also cites a source saying this is an “old draft”.
And so far, there’s no indication that anyone is taking the idea seriously enough to actually try and implement it. Even the otherwise Trump-friendly FCC has said it opposes any such plan. Which is as well, as frankly it’s a cockamamie idea apparently concocted by people who don’t understand how 5G works – or how the internet works, for that matter.
Essentially, the document argues that the US is lagging behind the development of 5G that is currently being dominated by China (particularly Huawei Technologies), which raises serious national security concerns for the US. The solution: a centralized 5G network to create a “single, inherently protected information superhighway” (billed as “the 21st century equivalent of the Eisenhower National Highway System“) that can be better defended against Chinese cyber warriors. And it needs one before 2020, which is when 5G is expected to go live in China.
The document proposes two options: either the government builds the network itself (which it says would be faster and more secure) or cellcos can build it for them and then compete on services running over it. Also, for some reason the govt would only nationalize the part running on the 3.5-3.7 GHz band – the parts using mmWave bands like 28-GHz could be built privately by cellcos.
Where to begin?
I’ll skip over the plausibility of such a project in terms of the business model (it’s like an NBN, but for 5G), the political challenges (such as superceding state and city government regulations on site acquisition across all 50 states, or convincing Republicans – Trump’s own party – that nationalizing a business is somehow consistent with conservative ideology), the budget (an estimated $200 million would be just for the fiber) and the timeline, to say nothing of getting Verizon, AT&T, Sprint and T-Mobile to go along with such a scheme, given how much they’ve already invested in 5G.
I’m more interested in the security aspect, which seems to be the prime motivation for the document. And having read through it, I feel pretty confident in saying that on that basis alone, it’s a dumb and useless idea.
In the first place, the fact that Huawei is leading the 5G infrastructure space is a red herring – Huawei is already banned from selling telecoms infrastructure in the US (it’s lucky it can still sell smartphones), and even if it wasn’t, it’s not as if there’s no non-Chinese companies making 5G gear. It’s a non-issue based on the age-old US paranoia that all Chinese-made telecoms gear is designed exclusively to enable the PLA to tap your calls (unlike the NSA, say).
Also, a centralized 5G network wouldn’t be any more secure than if Verizon, AT&T, Sprint and T-Mobile built their own networks like they’re already doing. It would arguably be less secure because it would present a single target for hackers. Also, nationalizing just the 3.5-GHz part defeats the purpose.
More importantly – and I can’t believe this needs pointing out – 5G is not the internet.
The presentation author seems to think that it is. One section is actually titled “Rebuilding the Internet”, and it stipulates that 5G isn’t just another “G” upgrade but a change more on the level of the Gutenberg printing press.
The idea is that 5G’s core capabilities – gigabit speeds, low latencies, low power consumption, support for massive IoT connectivity, etc – will enable digital transformation across just about every industry and vertical you can name. As such, the memo says, “The coming 5G revolution represents the first great leap into the Information Age.”
Much of that is true to a point – but 5G is only one of many components of that digital transformation. It’s not a replacement for the internet. The internet itself is also evolving, and will still exist, and 5G networks will be interconnected with it. Which means that any centralized government-run security-by-design 5G network will still have to be connected to the rest of the “unsecure” global internet.
To be sure, security is a crucial problem for 5G, IoT and the internet in general, regardless of whether the dangers come from China, North Korea, Anonymous, teenage punks or (and I’m just pulling this one out of the air for illustrative purposes) Russia. The recent Spectre/Meltdown vulnerabilities are the latest example of how far we have to go in that regard.
It also illustrates that security problems extend far beyond any single network. And the internet by definition is not a single network. Security-by-design has to happen across the board. Building a super-secure 5G network – while recommended – isn’t a solution to the stated problem in itself.
You can read the presentation and memo here. It’s hilariously awful, and a casebook example of what happens when government officials propose to regulate technology they don’t understand – it’s not quite up there with “It’s a series of tubes!”, but it’s close.