European Union: Tallinn Administrative Court referred questions relating to authorisation requirements for telecommunications network hardware and software on national security grounds to Court of Justice of European Union

On 15 May 2024, the Tallinn Administrative Court (Estonia) referred 6 questions to the Court of Justice of the European Union (CJEU) (C-354/24 / Elisa Eesti). The case concerns a challenge by telecommunications provider Elisa Eesti AS against the Cybersecurity Council of the Security Committee of the Government of the Republic and the Consumer Protection and Technical Regulatory Authority. The case relates to provisions in Estonia's Electronic Communications Act that require communications companies to obtain prior administrative authorisation to use hardware and software in their networks for reasons of national security. The referring court has asked the CJEU whether such measures fall within the scope of Directive 2018/1972 establishing the European Electronic Communications Code and whether they constitute a restriction on the freedom to provide electronic communications networks and services that requires notification to the European Commission. It also asks whether these measures are within the competence of Member States for national security purposes, whether they comply with the proportionality requirements set out in Article 36 of the Treaty on the Functioning of the European Union (TFEU) and whether limiting the authorised use of equipment that has already been deployed would constitute a deprivation of property under Article 17(1) of the EU Charter of Fundamental Rights.