The European Union is poised to bar Chinese tech heavyweights with sweeping new rules that will mandate their exclusion from 5G and energy networks.

The Cybersecurity Act which is expected to be presented today, will scrap the patchwork of voluntary restrictions in favour of strict, bloc-wide legal obligations.

For more than five years, Brussels has urged national governments to reduce reliance on Chinese suppliers in sensitive parts of their infrastructure. While some capitals acted swiftly, others delayed or resisted, citing cost, technical dependency, and fears of economic retaliation from Beijing. The result has been an uneven security landscape across the single market.

Henna Virkkunen, the Commission’s executive vice president for tech sovereignty, security and democracy, has delivered a scathing critique of the EU’s progress on 5G cybersecurity. She highlighted that, despite years of warnings and the implementation of the bloc’s 5G cybersecurity toolbox, high-risk vendors continue to operate within vital segments of Europe’s network infrastructure.

The Cybersecurity Act will transform advisory guidelines into mandatory rules. The legislation empowers Brussels to require Member States to exclude high-risk suppliers from essential network infrastructure, starting with telecoms and expanding to other sectors.

Several Member States remain heavily dependent on Chinese equipment, particularly in radio access networks. Replacing it will require time, capital investment, and alternative suppliers – raising concerns about network delays and higher consumer costs.

Industry groups have quietly urged Brussels to allow sufficient transition periods and avoid blanket bans that could disrupt services. Commission officials say the Act will include timelines to safeguard network continuity, while still delivering long-term security gains.

Chinese business groups have hit back at the measures arguing that the move risks poiticising trade. Brussels maintains that its forthcoming Cybersecurity Act is driven by an assessment of risk, not by the nationality of suppliers, despite mounting geopolitical tensions.

In a tense meeting earlier this year with Chinese leaders, European Commission President Ursula von der Leyen said “We have very frankly and openly raised our concerns…on the trade, investment and geopolitical issues… We have partially identified solutions”.

The proposal now moves to negotiations in the European Parliament and the Council, where resistance from some Member States is expected. Several capitals remain wary of what they see as Brussels encroaching on national security prerogatives, while others fear diplomatic and economic fallout.

RELATED STORIES

Unpacking the UK’s new Cyber Action Plan and what it means for security

The UK Cybersecurity Bill that could cost organisations millions