The Price of Choosing the Wrong Infrastructure Partner

The CyberDiplomat

7 min read
Share
The Price of Choosing the Wrong Infrastructure Partner
Spain's Zapatero corruption scandal is a window into something larger: what happens when geopolitical alignment decisions are shaped by influence networks rather than national interest—and how Chinese technology becomes the thread that ties them together.

In Madrid, what began as a financial police raid on a small social-media agency has unravelled into something far more consequential: a corruption case that allegedly reaches from a former prime minister's influence network to the heart of Spain's 5G infrastructure, its state railway communications, and its posture toward Western intelligence-sharing agreements.

The details are lurid—cash stuffed in golf bags, envelopes labelled in Chinese, a notebook filled with references to "ZP" and Huawei contracts. But the story underneath the scandal is a structural one, and it has implications well beyond Spain. It is a case study in how authoritarian-linked technology firms gain footholds in democratic infrastructure, and why those footholds are so difficult to dislodge once established.

The mechanism is not always dramatic. It rarely begins with a cyberattack or an intelligence operation. It begins, often, with a relationship.

How infrastructure decisions get made—and unmade

In 2020, as European governments grappled with US pressure to exclude Huawei from their 5G networks, most fell in line. The UK reversed course. Germany tightened restrictions. Spain did not. While allies cited security concerns backed by Five Eyes intelligence assessments, Madrid placed no limits on Huawei in its 5G core—and in 2025, went further, selecting the company's servers to store recordings of judicial wiretaps.

That decision prompted the heads of the US House and Senate intelligence committees to warn the White House that Spain had opened a pathway to the Chinese Communist Party—and to raise questions about continued intelligence sharing. Madrid responded that the system was watertight, audited, and isolated. The reassurances satisfied no one outside the government.

"When a government stores judicial wiretap recordings on servers supplied by a company legally subject to Chinese state intelligence laws, it has made a national security decision—whether or not it acknowledges it as such."

What the Zapatero investigation now alleges is that this decision was not made in a strategic vacuum. According to Spain's financial crimes unit, the former prime minister—who retained significant influence over the Sanchez government and whose allies occupied key positions across state entities—was a central advocate for Huawei's interests in Spain, and was allegedly compensated for that advocacy through a layered network of consultancies, think tanks, and his daughters' social-media agency.

A notebook found during a raid on an associate contained the entry: "Huawei – 100 end of the month" and "400 contract." Investigators believe the latter refers to a €484,000 contract, awarded to Huawei on Christmas Eve 2024, to replace switches and routers on the communications network of Adif—Spain's state railway management company.

The architecture of Chinese technology influence

The Spain case is not an isolated incident. It is, rather, an unusually well-documented example of a pattern that has repeated across multiple democracies over the past decade: the systematic cultivation of political relationships to shape infrastructure procurement decisions in favor of Chinese technology firms.

The pattern has consistent features. A politically connected intermediary—often a former official with continued access—is retained as a bridge between the technology firm and government decision-makers. A think tank or consultancy is established to provide intellectual cover and a channel for payments. The technology firm wins contracts in sensitive infrastructure categories. Oversight bodies raise concerns that are dismissed as political interference or commercial protectionism.

SPAIN–HUAWEI: A TIMELINE OF ENTANGLEMENT

Zapatero leaves office and begins work as a political intermediary in Venezuela, establishing ties with Chinese interests in the region.2019Zapatero allegedly brokers oil and LNG deals between China and Venezuela; Beijing deepens its engagement with his network.2020Spain declines to restrict Huawei from its 5G core as allies align with US security guidance. Huawei's Spanish operation employs Zapatero's former security chief and retains a lobbying firm run by his ex-minister.2022Zapatero and Huawei adviser Fangyong Du co-found the Gate Center, a pro-China think tank, which allegedly funnels €350,000 to Zapatero and €170,000 to his daughters' agency.2025Spain selects Huawei servers to store judicial wiretap recordings. US intelligence committees raise alarm over intelligence-sharing risks.2026Spain resists EU Cyber Security Act reforms that would ban Huawei from telecoms networks, power grids, and railways. Zapatero summoned to National Court as suspect.

Why this is a national security failure, not just a corruption case

It is tempting to frame this as a story about personal venality—a former leader who monetized his relationships for private gain. That frame is accurate but insufficient. The national security dimension is independent of whether Zapatero is ultimately convicted.

China's National Intelligence Law, enacted in 2017, requires Chinese companies and citizens to "support, assist, and cooperate" with state intelligence operations when requested. This legal architecture means that any Chinese technology embedded in critical national infrastructure—5G networks, judicial recording systems, railway communications, electrical grids—carries an inherent obligation that cannot be contracted away, audited into irrelevance, or isolated by technical architecture alone.

When a democratic government stores its judicial wiretap recordings on servers supplied by a company subject to this law, it has made a national security decision, whether or not it frames it as such. When it awards contracts for state railway communications to that same company, it is extending that exposure further. The question is not whether the risk is theoretical—it is whether the government has made an informed, sovereign choice to accept it.

WHAT MAKES CHINESE TECH IN CRITICAL INFRASTRUCTURE DIFFERENT

  • China's 2017 National Intelligence Law legally compels cooperation with state intelligence—no contractual "isolation" clause overrides it
  • Hardware and firmware in network equipment can carry update mechanisms that are opaque to host-nation auditors
  • Judicial and law enforcement data is among the highest-value intelligence targets; storing it on affected infrastructure is categorically different from consumer applications
  • Railway and power grid communications, once compromised, enable physical disruption—not merely data exfiltration
  • Five Eyes partners routinely downgrade intelligence sharing with governments whose infrastructure is assessed as compromised—a tangible diplomatic cost
  • EU Cyber Security Act proposals would codify these risks in law; resisting them signals a preference for the relationship over the regulation

The changing geometry of digital diplomacy

Spain's posture reveals a deeper shift in how technology infrastructure choices have become diplomatic statements. For most of the post-Cold War period, infrastructure procurement was treated as a commercial question—price, specification, delivery timelines. Geopolitics was something that happened elsewhere, in defense ministries and foreign offices.

That separation no longer holds. The infrastructure a government chooses for its telecommunications, its energy grid, its transport networks, and its data storage is now inseparable from its alliance commitments. Choosing a supplier that is legally obligated to the intelligence apparatus of an adversarial state is a choice that allies notice, assess, and respond to—through intelligence-sharing adjustments, diplomatic signaling, and, increasingly, formal trade and security agreements that condition access on infrastructure standards.

The US has made this explicit through the Clean Network initiative and its pressure on partners to align on Huawei. The EU is moving in the same direction through the revised Cyber Security Act. The diplomatic cost of non-compliance is no longer abstract: it is measured in what intelligence is not shared, what joint operations are not offered, what political capital is withheld when needed.

"The infrastructure a government chooses for its networks is no longer a procurement decision. It is a declaration of alignment—and allies are reading it accordingly."

Spain's resistance to the EU's proposed Huawei ban in telecoms, power, and railway networks—reported just days before Zapatero's court summons—now reads differently in this context. It is not simply a commercial preference or a sovereign procurement decision. It is, given what investigators allege about how that preference was shaped, a case study in how corrupted decision-making produces corrupted security postures.

The lesson other governments should draw

For governments currently navigating their own infrastructure procurement decisions, Spain's situation offers a framework for what not to do—and a warning about how quickly strategic vulnerabilities compound.

The first vulnerability is the relationship layer. Political intermediaries who bridge government and foreign technology firms operate in a space that existing procurement regulations were not designed to govern. Lobbying disclosure requirements, revolving-door restrictions, and foreign agent registration laws all exist in most democracies—but they were built for an earlier era of influence, one that did not anticipate the sophistication of think-tank-fronted, consultancy-laundered, multi-jurisdictional influence networks of the kind alleged in Spain.

The second vulnerability is the audit fallacy. Governments that accept Chinese technology on the condition of auditing and isolation consistently underestimate what audits cannot detect: firmware update channels, supply chain compromises, and the legal obligations that Chinese law places on the vendor regardless of what any bilateral agreement says. Assurances of isolation are not auditable in the way that physical security is; they are assertions.

The third vulnerability is political. Once Chinese technology is embedded in critical infrastructure, removal becomes extraordinarily costly—technically, financially, and diplomatically. The incumbent supplier has leverage. Allies pressing for removal face accusations of commercial interference. The window for a clean decision closes quickly and does not reopen cheaply.

Where this leaves Spain—and the broader alliance

The Zapatero case will play out in courts and parliaments for years. Its immediate political consequences—the pressure on the Sanchez coalition, the demands from Junts, the opposition calls for elections—are significant but ultimately domestic. What persists beyond any verdict is the infrastructure that was built, the relationships that were cultivated, and the intelligence exposure that was created.

Spain's allies will not wait for a court ruling to calibrate their intelligence-sharing posture. They are already making assessments based on what is publicly known. The notebook entries, the Christmas Eve railway contract, the judicial wiretap servers—these are not allegations that can be quarantined from the security calculations of partners.

For the wider Western alliance, the Spain case underscores an argument that security agencies have been making for years: the most consequential national security decisions of the digital era are not made in defense ministries. They are made in procurement offices, in cabinet subcommittees, and—if the Zapatero allegations hold—over WhatsApp chats between former prime ministers and their associates.

The architecture of digital diplomacy demands that democratic governments treat infrastructure choices with the same rigour they apply to treaty commitments. Because in practice, they have become the same thing.

Read more