16.07.2026

EU Cybersecurity Act might expose member states to expensive funding treaty claims, authorized opinion warns

A brand new authorized opinion by main worldwide funding legislation professional Professor Christoph Schreuer warns that the European Fee’s proposed Cybersecurity Act (CSA) might place EU member states in a troublesome authorized place, doubtlessly exposing them to compensation claims from Chinese language buyers underneath current bilateral funding treaties (BITs).

The opinion, commissioned by worldwide legislation agency Gaillard Banifatemi Shelbaya Disputes and dated 4 Could 2026, examines the authorized penalties of a possible battle between the proposed EU cybersecurity laws and funding safety agreements that the majority EU member states preserve with China.

Beneath the draft laws, the European Fee would acquire intensive powers to establish and exclude so-called “high-risk suppliers” from European info and communications know-how (ICT) markets. The proposed measures might have an effect on suppliers concerned in key digital infrastructure, together with 5G networks, telecommunications methods and different strategic ICT property.

Potential authorized collision

In keeping with Schreuer, the central problem is that whereas the Cybersecurity Act could be straight relevant throughout the European Union, EU member states stay sure by their separate bilateral funding treaties with China. These treaties usually assure protections in opposition to expropriation, discriminatory remedy and unfair remedy of Chinese language investments.

The opinion concludes that compliance with EU laws wouldn’t mechanically defend member states from legal responsibility underneath worldwide legislation.

“Member States would stay sure by their respective BITs with China within the occasion of a battle between their obligations underneath the CSA and people arising underneath the BITs,” Schreuer writes.

The evaluation argues that worldwide legislation doesn’t permit to invoke home laws—together with EU legislation—as a justification for breaching treaty obligations. In consequence, if measures taken underneath the Cybersecurity Act adversely have an effect on Chinese language buyers, member states might nonetheless face worldwide arbitration claims.

Commercial

Chinese language buyers might search compensation

A key discovering of the report is that Chinese language buyers might have entry to binding arbitration mechanisms underneath current funding treaties.

The opinion notes that every one EU member states besides Eire at present have BITs in drive with China, and most of those treaties present avenues for investor-state arbitration. Profitable claims might lead to compensation for the Chinese language buyers who could be harmed by particular person awards in opposition to the member states involved.

Schreuer argues that the authorized threat wouldn’t disappear even when EU member states tried to terminate their funding treaties with China. Most of those agreements include “sundown clauses” that proceed defending current investments for durations starting from 10 to twenty years after termination.

The report, due to this fact, concludes that terminating BITs wouldn’t present a sensible resolution to any battle between EU cybersecurity guidelines and worldwide funding obligations.

EU legislation and worldwide legislation function at totally different ranges and stay separate

The opinion additionally rejects arguments that European legislation mechanically overrides the funding treaties or that the treaties can merely be interpreted consistent with EU laws.

In keeping with Schreuer, China is a 3rd state and never a celebration to EU treaties and due to this fact can’t be sure by EU laws. He argues that from China’s perspective, EU legislation stays res inter alios acta—a authorized association between different events that doesn’t alter rights.

The report additional notes that present EU legislation continues to permit member states to take care of funding treaties with third international locations pending the negotiation of future EU-level agreements. Nevertheless, this doesn’t take away member states’ obligations both underneath EU legislation or underneath worldwide treaty legislation.

Wider implications

The authorized opinion arrives as Brussels seeks to strengthen Europe’s digital sovereignty and scale back perceived cybersecurity dangers in important infrastructure provide chains.

Whereas the proposed Cybersecurity Act is meant to reinforce the safety of European networks and provide chains, the report means that policymakers may want to think about the monetary and authorized penalties of measures affecting international buyers.

Schreuer’s conclusion is stark: if the Cybersecurity Act is adopted in its present kind and creates a battle with current funding treaties, EU member states might discover themselves caught between two authorized methods, going through potential legal responsibility if their worldwide obligations are breached, whichever plan of action they select.

Picture by Lewis Kang’ethe Ngugi on Unsplash

Share this text:

POVEZANE VIJESTI

LEAVE A REPLY

Please enter your comment!
Please enter your name here

POVEZANE VIJESTI