U.S. Defense Bill Signed Into Law Bans Dahua, Hikvision Products
The 2019 National Defense Authorization Act (NDAA) contains a provision barring U.S. government agencies from purchasing Dahua and Hikvision products, including their OEMs.
The newly enacted ban impacts branded products from Dahua, Hikvision and Hytera Communications Corp., as well as their OEM solutions.
WASHINGTON, D.C. — With the stroke of a pen Monday, President Trump ratified a $716 billion defense policy bill and with it a provision to ban United States government agencies from purchasing video surveillance products made by Dahua and Hikvision, among other telecommunications gear from Chinese firms.
The ban points to rising suspicion in the U.S. against Chinese technology and potential cybersecurity threats posed by the Chinese government. It was included as part of an amendment to the defense bill proposed by Rep. Vicky Hartzler (R-Mo.).
“We must face the reality that the Chinese-government is using every avenue at its disposal to target the United States, including expanding the role of Chinese companies in the U.S. domestic communications and public safety sectors,” Hartzler said in statement. “Video surveillance and security equipment sold by Chinese companies exposes the U.S. government to significant vulnerabilities and my amendment will ensure that China cannot create a video surveillance network within federal agencies.”
Along with the Dahua- and Hikvision-branded equipment portfolios, each company’s extensive OEM or white label agreements also fall under the technology ban, along with any other vendors that use the company’s equipment.
The bill, known as the National Defense Authorization Act (NDAA), states the ban will take effect Aug. 13, 2019. Language in the ban on U.S. federal agency procurement includes:
“For the purpose of public safety, security of government facilities, physical security surveillance of critical infrastructure, and other national security purposes, video surveillance and telecommunications equipment produced by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, or Dahua Technology Company (or any subsidiary or affiliate of such entities).”
Hytera is a provider of radio communication devices. Also included in the ban is ZTE Corp., the Chinese telecom giant, and Huawei Technologies Co., China’s largest telecom equipment maker. Products manufactured by ZTE Corp. and Huawei has been effectively blocked from the U.S. since a Congressional report in 2012 warned the equipment could pose a national security threat, which both companies have refuted.
In statement released to SSI, Hikvision said the ban “was quickly drafted without sufficient evidence, review, or investigation to warrant the video surveillance technology restrictions outlined in section 889.”
The statement continues:
“The process resulted in an ambiguous provision with potentially far-reaching implications for American business and represents a rejection of the U.S. government’s commitment to use a standards-based approach when evaluating security risks in federal procurement.”
Hikvision said it is committed to complying with all applicable laws and regulations and has made efforts to ensure the security of its products go beyond what is mandated by the U.S. government. These efforts include certification under the Federal Information Processing Standard (FIPS) 140-2, as well as opening its Source Code Transparency Center (SCTC), which makes the company’s source code available for review by law enforcement authorities and government agencies in the U.S. and Canada.
When contacted for comment Tuesday, Dahua referred SSI to a statement posted on its website Aug. 3 in reaction to the NDAA prior to it becoming law.
“We understand that in today’s security industry, cybersecurity is the biggest challenge. We have provided remedies to correct those issues with our customers. We take cybersecurity very seriously by implementing a 7-module cybersecurity baseline into our product design,” according to the statement. “Meanwhile, we continue to work with 3rd party partners like DBAPP Security and Synopsys Technology, to rigorously test our products to combat against current cybersecurity vulnerabilities.”
Lynn de Seve, president of GSA Schedules, tells SSI the ban is concerning to commercial security industry suppliers. GSA contracts for the security industry require compliance to the Trade Agreement Act (TAA). As such products from China are currently not allowed on the GSA contract. Such items must be quoted as “open market,” meaning not on the GSA contract, de Seve explained.
“The change with NDAA 2019 does pose some new serious restrictions on government procurement regarding Chinese products, but how far will that reach into the commercial marketplace? We don’t know enough of the implementation details to know the full impact of NDAA 2019 and so, of course, that is a concern,” she said.
It is understood there are lots of questions on what will be the resulting ripple to the commercial industry, de Seve continued. But since the ban is yet to be implemented, stakeholders simply do not know to what extent it will reach through to impact industry OEMs, existing end-user systems or government contractors’ building systems.
“I have heard and read some public comments on what could be premature assumptions as to possible far reaching implications. We hope to learn more from government procurement policy leadership in future meetings to have some clarity,” she said.
The Security Industry Association also continues to explore potential ramifications from the ban.
“At this point, SIA is researching the language of the NDAA and seeking guidance on how some specific provisions related to the security industry will be interpreted,” said SIA CEO Don Erickson.
Wholesale distributors, many of which carry Dahua- and Hikivsion-branded products and their OEM partners, stand to be impacted by the ban. The extent of which also remains to be seen, but ADI’s Trent Perrotto, senior director of corporate and digital communications, suggests the industry’s largest wholesale distributor of security and low-voltage electronics products will be fine.
“At this time, we do not anticipate a significant impact to our business resulting from the legislation,” Perrotto said. “We take cybersecurity seriously and will work with customers, as always, to ensure compliance with any laws and regulations.”
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!
About the Author
Rodney Bosch, Senior Editor
Although Bosch’s name is quite familiar to those in the security industry, his previous experience has been in daily newspaper journalism. Prior to joining SECURITY SALES & INTEGRATION in 2006, he spent 15 years with the Los Angeles Times, where he performed a wide assortment of editorial responsibilities, including feature and metro department assignments as well as content producing for latimes.com. Bosch is a graduate of California State University, Fresno with a degree in Mass Communication & Journalism. In 2007, he successfully completed the National Burglar and Fire Alarm Association’s National Training School coursework to become a Certified Level I Alarm Technician.
Related Content
Security Is Our Business, Too
For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.
A FREE subscription to the top resource for security and integration industry will prove to be invaluable.
[…] search engines and social media sites. While currently the law of the land, the ban is yet to be implemented. Still, as reported earlier both Hikvision’s and Dahua’s stocks have taken a beating […]
do Hikvision and Dahua have the potential to hack videos or to do cybersecurity attacks?? was there any reports about this in the past?!
these question aside, I think the USA has made a reasonable decision, although these companies may not do such things, it’s better to keep away the danger.