A top executive of Shenzhen-based Chinese technology giant Huawei has invoked the example of market rival Nokia's Chinese joint venture to say that the assessment of cybersecurity should not be based upon the location of mobile equipment vendors' headquarters. 

Catherine Chen, Huawei's board member and senior vice president, told a media roundtable in Brussels on Thursday afternoon that its "equipment has components manufacturing and assembly done in a lot of countries around the world, like European countries, the United States, Japan and other Asian countries. So, do you think the product is a Chinese one or a global one?" 

Chen went on to take Nokia, one of its two main rivals headquartered in northern Europe, as an example.

"Nokia has established a joint venture in China and to be more precise, the Chinese state has shares in this joint venture. They provide their technology and solutions not only to the Chinese market – they also provide that to around 50 overseas markets. So, would you call that a European company or a Chinese company?" Chen said. 

She concluded that "what I'm trying to convey is that the assessment of cybersecurity should not be based upon the nationality of a vendor or a company."

No cybersecurity risk management mechanism in cooperation with Chinese government

Chen reiterated that the company has no cybersecurity risk management or mitigation mechanism in cooperation with the Chinese government.

The company only has such arrangements with the governments of the UK, Canada, and Germany, said Catherine Chen.

In both the UK and Canada, the mechanisms are led by the respective government, she said, adding that "verifications are done with third parties" in Canada.

Chen noted a dedicated Huawei Cyber Security Evaluation Center (HCSEC) was established by the company in the UK in November 2010.

For some eight years, the center has been providing security evaluation for a range of Huawei products used in the British telecommunications market.

To ensure the independence of HCSEC's judges, the British government established the HCSEC Oversight Board in early 2014, which has published five detailed annual reports scrutinizing Huawei.

Chen also said the cybersecurity risk management model in Germany is different from the aforementioned ones.

"We have a testing center established in Germany," she said, adding that while the mechanisms in Canada and Britain focus on Huawei only, "Germany wants to apply the uniform or unified standards to all vendors, all players alike."