Is the IoT-module debate about security, competition or xenophobia?

Earlier this month, two US lawmakers raised concerns about the Chinese companies supplying cellular IoT modules into the US market.

“Serving as the link between the device and the Internet, these modules have the capacity both to brick the device and to access the data flowing from the device to the web server that runs each device,” wrote Mike Gallagher and Raja Krishnamoorthi, of the House of Representatives China Select Committee. “As a result, if the CCP [Chinese Communist Party] can control the module, it may be able to effectively exfiltrate data or shut down the IoT device. This raises particularly grave concerns in the context of critical infrastructure and any type of sensitive data.”

Gallagher, the Republican chair of the committee, and the panel’s top Democrat, Krishnamoorthi, voiced their concerns in a letter to FCC Chairwoman Jessica Rosenworcel. “Is the FCC … able to track the presence of Quectel, Fibocom and other cellular IoT modules provided by PRC [People’s Republic of China]-based companies in the US? Can the FCC provide further information about these modules in US networks?”

According to Reuters, the FCC said it would investigate the matter.

Undoubtedly that investigation will look at the security situation surrounding those modules. But it might also be worth looking at the wider trade struggle between the US and China, and how that struggle affects policies, competitive positioning and politics on both sides of the Pacific Ocean.

Here we go again

If this all sounds familiar, it is. These kinds of security concerns are how US lawmakers ultimately managed to block Huawei and ZTE from the US market, partly via an FCC ruling designating the Chinese vendors as “national security threats.”

And it’s the same argument that’s now motivating US allies to block the Chinese companies from international markets stretching from India to Germany.

Of course, security sits at the heart of that debate. But it’s also about the geopolitical jostling between the US and China.

For lawmakers and executives in the US, the situation is clear: The Chinese government is helping Chinese vendors dominate industries with impossibly cheap products. And it’s potentially doing so to create backdoors allowing Chinese spies into US communications networks. The US is wary of China’s rise as a global superpower.

But for Chinese vendors like Huawei and ZTE, it looks more like the US using its clout to stymie global competition. As Reuters noted, the Chinese Embassy in Washington last year said the FCC “abused state power and maliciously attacked Chinese telecom operators again without factual basis.” The Chinese vendors generally argue that their products don’t pose a threat.

An uneven expansion

Regardless, the ban against Huawei and ZTE has opened the doors to other, similar concerns. For example, there’s now a concerted push against Chinese drone makers like DJI.

Similarly, Huawei’s smartphones have largely been blocked from US networks over security concerns.

But those same security concerns apparently haven’t stretched onto other Chinese smartphone vendors like TCL and OnePlus, which continue to sell phones in the US market. Nor do they cover Apple iPhones, many of which are manufactured in China.

Regardless, fears over Chinese espionage are now shifting into the market for cellular Internet of Things (IoT) modules. (It’s worth noting that analysts like Tantra Analyst’s Prakash Sangam have been discussing this topic for years).

According to Counterpoint Research, more than 40 percent of the cellular IoT modules shipped into the US are from leading Chinese brands such as Quectel, Fibocom and Simcom.

In response to questions from Light Reading, Counterpoint analyst Neil Shah wrote that such modules sit in everything from cellular laptops to security cameras, point-of-sale terminals, smoke detectors and connected cars. For example, Tesla uses Quectel modules in its electric cars. The modules typically connect to 4G networks via NB-IoT and LTE-M technologies. But in the future, they may also support newer IoT technologies, including RedCap on 5G.

“So far there is no clear evidence of any security risks as these modules are certified by US carriers in their labs and most of them sport either Qualcomm or MediaTek chipsets,” Shah wrote.

To read the complete article, visit Light Reading.