The U.S. Senate voted 87-10 on Wednesday to approve the 2019 National Defense Authorization Act (NDAA), which includes a provision barring U.S. government agencies from purchasing video surveillance products from Hikvision, Dahua and Hytera Technologies. The ban was initially introduced as an amendment to the House version of the bill in May. To read our full story on the original amendment, click here.
Under the language adopted in the final version of the NDAA, federal agencies cannot buy video surveillance equipment “for the purpose of public safety, security of government facilities, physical security surveillance of critical infrastructure, and other national security purposes…” from these companies nor any subsidiary or affiliate.
The bill now moves on for approval by the President who, by all indications, is expected to sign it.
In a letter sent to the company’s partners on Thursday, Jeffrey He, President of Hikvision USA and Hikvision Canada, said the quick drafting and passage of the bill has resulted in “ambiguous interpretations of various definition within the provisions relevant to Hikvision” and that the ban on federal agencies procuring the company’s products “may or may not” extend to other areas unrelated to U.S. government contracts.
A full copy of the letter was provided to SecurityInfoWatch by Hikvision:
“The decision by Congress to approve this provision was not based on any evidence, review or investigation of potential security risks. It represents a rejection of the U.S. government’s obligation to use a standards-based approach when evaluating security risks in federal procurement,” Mr. He wrote in the letter. “It also ignores Hikvision’s commitments to comply with all applicable laws and regulations and the company’s efforts to ensure the security of its products go beyond what is mandated by the U.S. government, including the Federal Information Processing Standard (FIPS) 140-2, which is a U.S. government standard established by the Computer Security Resource Center of the National Institute of Standards and Technology.”
Mr. He also pointed to the opening of the company’s Source Code Transparency Center (SCTC) earlier this year as part of Hikvision’s ongoing commitment to transparency and compliance. The center, which Mr. He said is the first of its kind within the industry, provides law enforcement authorities and government agencies in the U.S. and Canada with the ability review the company’s source code.
“We want to be clear: security and transparency are our top priorities and part of our long-standing commitment to you,” Mr. He wrote. “Hikvision has engaged external legal counsel to analyze the NDAA language. That analysis is currently underway. As soon as we can provide guidance, we will get that information out to you. The provisions within the NDAA will come into effect in either one or two years from being signed into law, which we expect to occur this month.”
Mr. He said that the company would also work with federal authorities on the implementation of the legislation to minimize potential impacts to its partners.
In an article published last month in The Hill, Missouri-based contractor Chris Nickelson argued that a ban on Hikvision products would actually harm small American businesses like his. Nickelson said the allegations against Hikvision have hurt his business and decried the lack of evidence supporting the allegations. “Somebody still needs to show me that there’s any real meat and potatoes behind any accusations that have been made towards Hikvision,” he told the publication.
For its part, Dahua also issued a statement stressing its commitment to cybersecurity in the wake of the bill’s passage.
“We understand that in today’s security industry, cybersecurity is the biggest challenge. We have provided remedies to correct those issues with our customers. We take cybersecurity very seriously by implementing a 7-module cybersecurity baseline into our product design,” the company’s statement said. “Meanwhile, we continue to work with third-party partners like DBAPP Security and Synopsys Technology, to rigorously test our products to combat against current cybersecurity vulnerabilities.
“With over 6,000 R&D Dahua professionals, we strive to provide secured products and solutions to our valued customers to secure what they care about. Although local laws and regulations may present challenges, we never lose sight of our goals – to provide top-tier products and services for the North American market. We will continue to invest in resources and employees to ensure our customers and partners retain the highest quality of services to support future growth in this market.”
Hikvision Announces Leadership Changes
Also this week, Hikvision announced it was making a change in its North American leadership structure. According to a statement, Mr. He has been promoted to Vice President of Hangzhou Hikvision Digital Technology Co., the company’s parent organization, and will remain President of Hikvision USA and Canada to “focus on a range of strategic challenges.”
Eric Chen has subsequently been promoted to the position of General Manager for Hikvision North America, where he will oversee the company’s business operations. Mr. Chen, who initially joined Hikvision Digital Tech. Co. in 2008 as Key Account Manager, has climbed the company’s ranks in recent years. After being named as Senior Account Manager in 2012, he was quickly promoted to the role of Director of the North America Business Unit (NABU), a role he served in for two years before being promoted once again to Senior Director of Strategic Global Accounts (SGA), where he supported the company’s partners in the U.S., Canada and EMEA regions.
Hikvision’s Presence at GSX
As part of an effort the company says is aimed at personalizing its interactions with customers at the upcoming Global Security Exchange (GSX) conference in Las Vegas, Hikvision confirmed to SecurityInfoWatch that it will not have a booth on the show floor. Rather, the company says it will have a contingent of representatives who will attend the show and host partner meetings and product demos in facilities throughout the conference center.
“As a total solution provider, Hikvision looks forward to meeting with end-users, A&E consultants, integrators and other partners to discuss how Hikvision's full suite of products can help address the challenges facing security directors and the broader C-Suite,” the company said in a statement.
The company reiterated that the decision to not have a booth at the show was made earlier this summer, and not in response to the Senate vote.
About the Author:
Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].