On 29 January 2020, the Commission tabled an EU toolbox of mitigating measures with the consensus of EU Member States in order to address security risks related to the rollout of 5G, the fifth generation of mobile networks. Ensuring protection of 5G from cybersecurity threats is one of the EU’s top strategic priorities. The concrete proposals in the toolbox follow the European Council conclusions, which called for a concerted approach to the 5G security, as well as the ensuing Commission Recommendation for Member States to take concrete actions to assess cybersecurity risks of 5G networks and to strengthen risk mitigation measures (both adopted/issued in March 2019).

The toolbox lays out a range of security measures, allowing the effective mitigation of risks and ensuring that secure 5G networks are deployed across Europe. It sets out detailed mitigation plans for each of the identified risks and recommends a set of key strategic and technical measures to be taken by all Member States and/or by the Commission. Member States should take first concrete, measurable steps to implement the key measures by 30 April 2020 (see also the Commission Communication “Secure 5G deployment in the EU − Implementing the EU toolbox,” COM(2020) 50 final). They are also invited to prepare a joint report on implementation in each Member State by 30 June 2020. By October 2020, the Commission plans a review of its March 2019 Recommendation.