Securing the Unseen Backbone: Strengthening EU Policy for Undersea Communication Cables

Executive Summary 
Undersea communication cables play a pivotal role in facilitating about 99% of the world’s internet traffic and are essential for global financial transactions, diplomacy, and daily digital interactions. However, their critical importance often goes unnoticed by the public, and current European Union policies may not provide adequate protection. In light of recent geopolitical developments and the emergence of hybrid threats, both from state as well as non-state actors, it is increasingly important to bolster the resilience and security of these vital infrastructures. This policy brief aims to examine the existing landscape of undersea cable governance within the EU, identify potential vulnerabilities, and propose constructive recommendations to enhance Europe’s digital backbone against a range of threats. 

Critique of Current Policy 
The governance and protection of undersea cables in the EU are highly fragmented.  At the national level, approaches vary significantly: countries like France and Portugal have integrated cable security into naval operations. A clear understanding of this exists when specifically focussed on France where the Secretariat-General for National Defence and Security, ensures as well as coordinates on the national security protection, and the Secretariat Général à la Mer focuses on data cable protection.  

Other nations such as Denmark use their Coastal and Maritime authority to regulate laying cales and establish protection zones, the security of these are delegated to private industry actors. This lack of uniformity poses risks to the collective security of the EU. 

At the European Union (EU) level, various agencies including the European Maritime Safety Agency (EMSA), the European Union Agency for Cybersecurity (ENISA), and Frontex function within their own distinct sectoral silos, despite several similarities in their work that is conducted. While undersea cables are acknowledged in overarching strategies pertaining to maritime security and cyber resilience, there exists a notable absence of concrete mandates and coordinated efforts among these agencies. This gap underscores a broader policy disconnect between the EU's digital aspirations and the physical infrastructure that underpins them, raising concerns about the overall effectiveness of the EU in managing its digital and physical domains in a cohesive manner. 

The legal frameworks that currently govern undersea cables, particularly the United Nations Convention on the Law of the Sea (UNCLOS), are increasingly seen as antiquated and insufficiently enforced. This inadequacy is particularly pronounced in the context of rapidly evolving geopolitical landscapes and emerging challenges such as climate change and the intricacies of deep-sea mining, especially in international waters. Critical maritime chokepoints, including the Strait of Gibraltar and the Red Sea, are recognized as high-risk zones for potential cable sabotage or unintentional damage, further emphasizing the need for heightened vigilance. 

Moreover, the landscape of undersea cable ownership and management is becoming significantly more complex due to the rising involvement of non-EU actors, including prominent technology companies often referred to as big tech and private industries, as well as foreign state-owned enterprises. This growing participation complicates the regulatory framework and introduces additional challenges related to oversight, security, and strategic interests. 

Given the central importance of undersea cables to the digital economy, public services, and military coordination, it is evident that current policy measures are inadequate in addressing the multifaceted strategic vulnerabilities and operational dependencies experienced by EU Member States. A more integrated and forward-thinking approach is essential to ensure that the EU can effectively safeguard its critical infrastructure, enhance its resilience against potential threats, and align its digital and physical strategies in an increasingly interconnected global environment. 

Policy Recommendations 

1. Form a dedicated body within the European Commission that integrates stakeholders from EMSA, ENISA, Frontex, telecom operators, and defence ministries with the major task being to oversee threat analysis and emergency responses. 

2. Using AI-driven threat assessments, integrating anomaly detection and fault reporting as well as placing undersea cable monitoring into EU maritime surveillance systems. 

3. A mandatory requirement of all Member States to assess the vulnerability of their cable infrastructure. 

4. Coordinating defence protocols with NATO for the protection of subsea infrastructure with a joint emphasis to monitor geopolitical hotspots and bottlenecks in regions of strategic interests. 

5. A necessity to embed cable diplomacy in bilateral engagements with Egypt, Morocco, and the UK. 

6. A major emphasis on the advocacy for revisions to UNCLOS to address contemporary threats and assign enforcement responsibilities. 

Bibliography 

1. Bueger, Christian, Tobias Liebetrau, and Janosch Franken. 2022. Security Threats to Undersea Communications Cables and Infrastructure – Consequences for the EU. Brussels: European Parliament, Directorate-General for External Policies. PE 702.557.  

2. International Telecommunication Union. 2021. Measuring Digital Development: Facts and Figures. Geneva: ITU. 

3. UNCLOS (United Nations Convention on the Law of the Sea). 1982. United Nations Convention on the Law of the Sea. Montego Bay, Jamaica: United Nations. 

4. TeleGeography. 2024. “Content Providers’ Submarine Cable Holdings: Updated List.” TeleGeography Blog, February 8, 2024.https://blog.telegeography.com/telegeography-content-providers-submarine-cable-holdings-list-new.