Why the U.S. – and the world – should trust Huawei

Andy Purdy, Chief Security Officer Huawei USA Andy Purdy, Chief Security Officer Huawei USA

Chief Security Officer for Huawei Technologies USA and former White House Adviser.

Read more posts by Andy

Huawei's Chief Security Officer (CSO) in the US and former White House Adviser, Andy Purdy discusses the importance of a global approach to Cyber Security.

On Tuesday last week the government of Prime Minister Boris Johnson announced it would allow Huawei equipment to stay in Britain’s 5G networks, despite intense pressure from Washington not to do so.

Although most Americans had not heard of Huawei until Washington began its campaign about one year ago, it is the world’s largest maker of telecommunications equipment and the number-two seller of smartphones. Those achievements – extraordinary for a Chinese company – stem from an entrepreneurial culture that America’s free-market capitalists, including members of the U.S., government, could be expected to praise, rather than condemn.

Huawei was founded in Shenzhen, a city the Chinese government in 1980 designated a Special Economic Zone where companies could try their hand at a capitalist-style business. The Chinese government allowed Shenzhen-based companies to keep whatever profits they could generate. Huawei founder and CEO, Ren Zhengfei, saw a business opportunity to help build China’s rudimentary telecoms infrastructure. He launched Huawei as a five-person start-up in 1987 with about U.S.$3,000 dollars in seed capital.

In its early days, Huawei bought telephone switching gear in Hong Kong and took it across the border into the mainland to sell at a mark-up. Ren realized that being dependent on one supplier was risky and began investing heavily in R&D so the company could make its own equipment. Historically, the company has allocated 10% to 15% of its annual revenue sales to R&D. Today the company is ranked 5th in the world in R&D. In 2018 it invested $14.3b, or 13% of its annual revenue – more than Apple, Intel, or Cisco, and about 30% more than the combined R&D spending of Ericsson and Nokia, its two largest competitors in the telecoms equipment industry. Last year, the company spent $18 billion on R&D; this year, the number will rise to about $20 billion.

Ren Zhengfei created a privately held company owned entirely by its employees through a share ownership program. Today, shareholding employees account for roughly half of its 190,000-strong workforce, while many other employees have revenue-sharing incentives. Some employees’ holdings, built up over decades, are worth millions of dollars. Any attempt to build a backdoor into a network by tainting the equipment would, if detected, cause the company to collapse overnight. No employee with a substantial equity stake would risk destroying his net worth by participating in such activities.

Huawei is one of the most closely scrutinized, extensively tested makers of telecommunications in the world. Its gear is regularly examined in a U.K. lab run by technicians with security clearances from the British intelligence agency, equivalent to America’s N.S.A. Testing is done under the strict supervision of an Oversight Board made up of representatives from the British government. Huawei also operates a testing facility in Bonn, Germany and a transparency center in Brussels. The company has offered to build similar centers in Australia and the U.S., the only two countries that have formally rejected its 5G technology. It may be the only equipment vendor in the world that has opened itself up to that degree of scrutiny.

According to statements by Ren Zhengfei which, thus far, no one has contradicted, , no government has ever asked Huawei to provide unauthorized access to its technology, or to furnish data on any citizen or organization. Mr. Ren has stated publicly and repeatedly that he would never permit Huawei equipment or personnel to be used to spy if asked to do so by the Chinese – or any other — government, saying he would sooner sell the company or shut it down than destroy the enterprise he and others have spent the last three decades building.

In the more than 30 years since its founding, no one has ever uncovered any significant, malicious vulnerabilities in Huawei’s products. A widely misreported story about Vodafone in Italy did involve a remote access capability, but Vodafone quickly clarified that the access was part of a routine diagnostic function, and explicitly said there was no evidence that Huawei had ever acquired, or sought, unauthorized access to Vodafone’s network. Nevertheless, a number of media outlets continue to report this inaccurate story.

In addition, news outlets have reported on alleged multiple thefts of intellectual property (IP) by Huawei employees, many dating back over a decade. Many of these stories are slanted to imply that Huawei attained its present leadership position in technology and innovation simply by copying the work of others.

Let me make two points in response to this line of argument. First, Huawei has developed a substantial amount of its own intellectual property. In 2018, it filed more than 5,000 patents with the World Intellectual Property Organization. It is the #1 patent-holder for 5G technology, holding roughly 20 percent of all 5G patents, and its 5G technology is widely regarded to be 12 to 18 months ahead of its competitors.

Second, Huawei pays substantial royalties for the IP it licenses from others and has innumerable cross-licensing agreements with competitors and other companies. Since 2001, Huawei has paid more than $6 billion to license IP from third parties, 80 percent of which was paid to U.S. companies.

Like any company, Huawei is not perfect. While the U.K. oversight body found no evidence of malicious backdoors in its network gear, it did find that the company’s software development processes needed to be improved. In response, Huawei has launched a five-year initiative and earmarked more than US$2 billion to revamp its software engineering processes.

The company has spent the better part of the past 12 months defending itself against Washington’s claim that, although it may not have committed any significant cyber security wrongdoing to date, it could be forced to do so in the future at the bidding of the Chinese government. Observers are increasingly pointing out that the U.S. government has never made any specific allegations of significant cyber security wrongdoing against Huawei, much less provided evidence that the company poses a security threat or even that Huawei has illicit ties to the Chinese government.

Washington’s failure to provide any evidence of wrongdoing or otherwise substantiate its concerns about what might happen in the future, has led some to question the global anti-Huawei campaign.

In particular, there has been a growing realization of the potential damage that the U.S. government’s treatment of Huawei could inflict on industries, economies, and digital ecosystems. The dual aims of Washington’s campaign are to prevent Huawei equipment from being used in 5G communication networks in the U.S. or other countries, and to restrict or eliminate Huawei’s ability to purchase components from hundreds of American companies, which before the campaign against Huawei amounted to 30% of the components of all Huawei products globally.

In a letter to U.S. Commerce Secretary Wilbur Ross, the Semiconductor Industry Association (SIA) said President Trump’s decision to prevent U.S. companies from selling technology to Huawei makes it hard for American semi-conductor makers to compete with foreign companies not subject to the same restrictions. Each year, American companies sell more than $11 billion worth of technology to Huawei. That number is sure to fall steeply if blacklists force Huawei to permanently re-orient its supply chain away from the United States.  The impact has been estimated to directly risk 40,000 to 50,000 American jobs.

In 2019, Microsoft co-founder, Bill Gates, said Huawei’s products “should be subject to an objective test.” He added, “The rule that everything that comes from China is bad – that is one crazy approach to trying to take advantage of innovation.” Microsoft’s president and chief legal officer, Brad Smith, called Washington’s treatment of Huawei “unfair,” saying the company should be allowed to buy U.S. technology.

New York Times columnist Thomas Friedman wrote that Washington’s blacklist was tantamount to “China telling Apple that it can never make or sell another phone in China.” Friedman warned that the U.S. risks starting a technological Cold War, “with a Chinese zone and an American zone, and a digital Berlin Wall running right down the middle.

Jeffrey Sachs, a Harvard economist, said Washington’s actions threaten the rules-based system of global trade by attacking a company merely because it is headquartered in China. In an editorial published last year, Sachs wrote, “I asked top industry and government officials for evidence of wayward activities by Huawei. I heard repeatedly that Huawei behaves no differently than trusted industry leaders.”

Ren Zhengfei has offered to license Huawei’s entire 5G platform to a U.S. company, even allowing the licensee to modify Huawei’s 5G software code to meet specific security requirements. So far, there has been no official response to this offer, either by a U.S. company or the U.S. government. Significantly, the U.S. government has not been willing to speak with Huawei about its concerns, or about the possibility of allowing Huawei to employ the kinds of government-monitored risk mitigation procedures that currently allow Nokia and Ericsson to do business in the U.S., despite those companies’ deep business connections and manufacturing operations in China.

It is not clear what the U.S. government will do next. But with trade tensions poised to weaken global growth, and roughly half the world’s population still lacking internet access, one can only hope that Washington will begin focusing on how to promote the spread of safe digital technology, rather than thinking of ways to cripple one of the world’s leading tech companies.

Andy Purdy is chief security officer at Huawei Technologies in the U.S. He served previously as the lead U.S. government cybersecurity official, working in the U.S. Department of Homeland Security.

This blog was first published on InsideSources.com

(https://www.insidesources.com/why-the-u-s-and-the-world-should-trust-huawei)

Back to posts

Subscribe to receive new content