Skip to content

93 Percent of EU Internet Traffic Routed Through Third-Country Devices

At a glance: Chinese manufacturers dominate the EU router market with 37 percent market share, while 93 percent of European internet traffic flows through components from non-EU suppliers—a security risk that must be addressed through mandatory origin labeling and supply chain controls.

A study by SAFENet and the Innovate Europe Foundation shows that Chinese manufacturers such as Huawei and TP-Link control around 37 percent of the EU market for home networking devices and thus have access to an estimated 95 million European households. The concentration on non-EU suppliers represents a significant security risk for CISOs, since routers sit upstream of all network traffic.

According to the investigation, 93 percent of European internet traffic is handled through router-based transmission, while mobile networks account for only around 7 percent. Despite this central importance, the EU lacks an independent sovereignty framework for this network component. Chinese manufacturers such as ZTE, Huawei, TP-Link, Xiaomi and Tenda already supply more than half of all installed routers and repeaters in the EU.

The study authors identify three primary areas of risk: First, potential data interception at the firmware level, which can also affect encrypted communications. Second, the weaponization of compromised devices as building blocks for botnets in cyberattacks. Third, there is legal exposure through obligations that arise from Chinese intelligence law for manufacturers based there—routers sit upstream of all network traffic from a household or enterprise and could thus be used for mass surveillance or targeted data extraction.

A YouGov survey of more than 16,000 EU citizens shows that 58 percent trust domestic network devices, while 51 percent express distrust toward Chinese manufacturers. A practical problem: many consumers do not know where their routers come from, as devices provided by internet service providers are often mistakenly regarded as European products.

SAFENet and IE.F propose a four-pillar concept: mandatory labeling of country of origin and legal jurisdiction for network devices, reform of public procurement through clear security requirements, comprehensive control of EU supply chains, and targeted strengthening of European industrial capacity. The initiators point to the 5G Toolbox as a proven regulatory instrument and call on the EU to now apply its existing institutional frameworks and coordination mechanisms to router security as well.


Source: www.it-daily.net · Published 27 June 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.

Share on: