A few things to add to this:

Harper also may have signed away our ability to defend against this in Canadian court and could result in a huge payout from the government in addition to whatever further economic sanctions China decides to put on us, as the canola industry is learning can hit pretty hard. So if we do ban it then we should be damn sure it’s because the potential security risks can’t be mitigated. But on the other side we may face political issues with the US if we do include them, although it’s unclear to what degree they would follow through with threats, especially if the UK proceeds with Huawei 5G. While we may not be as big of a contributor to the five eyes community and tend to take more than we give, the UK most certainly is.

In theory, you would hope online services use proper encryption for any data that leaves their internal network (as well as the data stored within the network). We shouldn’t be leaving that data out in the open even if it wasn’t traveling on Huawei’s networks. 5G won’t be able to magically unscramble information that travels on their networks. We may have to worry about quantum computers in the future but that has the potential to break everything so we’d have much bigger issues at that point.

So far only the US has been really pushing for the ban. Australia went ahead on the behest of the US. So did New Zealand but they have since backpedaled (although China has quite a bit of influence on their infrastructure which could be at issue). The UK’s review found a few vulnerabilities but believe it was not intentional or malicious (and we don’t have other competitors to compare with since they were not subject to the same scrutiny) and seem to be moving towards allowing Huawei for 5G, excluding in core government/financial infrastructure (as we currently do for Huawei in 4G), and we’re currently doing our own review through the CSE.

Vulnerabilities are not as rare as people think and are constantly being found, patched and new ones being inadvertently created. Software is complex with so many moving parts and so many people working on it and then hardware can have issues on top of that. Even if we look at Apple which is well-known for their security, Jailbreaking is based on these kinds of vulnerabilities. Even there, usually only the scraps are released for public use to be put into jailbreaks since Apple, intel agencies and private firms pay very generously for them (look up NSO’s Pegasus for how some of the more powerful vulnerabilities have been used)

My guess is the current government is letting the Huawei decision until after the election. Scheer has already committed to banning them. Should he become PM and he goes ahead with it, then he gets to bear the political brunt of any massive economic fallout that could result from it. I would argue we should at least see what the CSE has to say before committing to a ban though.