The Federal Communications Commission voted unanimously on Thursday to adopt a rulemaking measure that could eventually lead to a ban on all future authorizations of products manufactured by Hikvision and Dahua as well as three other companies – Huawei, ZTE Corp. and Hytera Communications Corp. – that were previously designated as threats to national security.
Specifically, the “Notice of Proposed Rulemaking (NPRM) and Notice of Inquiry (NOI)” seeks comment on the proposal to prohibit new equipment authorizations from the aforementioned companies, which have been placed on the so-called “Covered List” published by the commission’s Public Safety and Homeland Security Bureau, as well as on whether or not the FCC should revoke prior authorizations for equipment from these vendors.
“The FCC through its equipment authorization process continues to approve for use in the U.S. thousands of applications from Huawei and other entities deemed national security threats,” FCC Commissioner Brendan Carr said during a hearing on the matter Thursday. “Once an entity lands on our Covered List, there doesn’t appear to be any reason why the FCC should continue to review that gear and offer the FCC seal of approval. Taking this step as I first proposed in 2019, and then expanded on in March of this year, will strengthen our national security by preventing the further installation and use of insecure gear in our networks.”
“While I do recognize that these issues are complex, we cannot continue to authorize, import and use equipment from companies deemed to present a national security threat,” added FCC Commissioner Geoffrey Starks, who also made three additions to the proposed rules, which include a requirement that equipment manufacturers filing for authorization to have a registered U.S. agent for service of process, education for the wider public on what changes to the authorization process will mean, and a request for comment from retailers on the status of internal supply chain standards and how the U.S. can play a bigger role in these efforts.
In a statement provided to SecurityInfoWatch, Dahua reiterated that its technology does not pose a threat to the nation nor is the company controlled by the Chinese government.
“As we have stated publicly many times, we respect the right of the U.S. government to regulate the domestic market. That certainly includes the authority of the FCC to regulate the country’s telecommunications network. However, we urge the FCC, and all of our company’s U.S. stakeholders, to recognize that our product and technology pose no threat to the U.S. network or to national security,” the statement read. “We are not government-owned or directed. Rather, we are a private-sector business, traded on the public markets that adheres to standards for ethical practices in our industry. We look forward to presenting these facts to the FCC and hope that the commission will keep an open mind as it embarks on what we expect will be a robust, deliberate process for considering this proposed rule.”
A spokesperson for Hikvision told SecurityInfoWatch that the company holds its products to the “highest global cybersecurity standards” and they also pose no threat to U.S. national security.
“Over the past decade, Hikvision has significantly contributed to safeguarding American property and people. We are committed to the absolute integrity, safety and security of our products. We hold our products to the industry’s highest global cybersecurity standards. But based on generic concerns about ‘national security,' the FCC has indicated it may impose drastic and unfounded penalties on Hikvision products,” the spokesperson said in a statement. “In the months ahead, Hikvision looks forward to working with the FCC in reviewing the facts and evidence which demonstrate solidly that our products pose no risk to the national security of the United States whatsoever. And we look forward to working with the FCC in showing that national security and the rule of law are not well served by arbitrarily punishing companies without any actual evidence of threat but based instead upon their country of origin.”
Impact on Previously Exempt Equipment
While the proposed ban on new product authorizations would be fairly straightforward in its implementation, the notion of pulling previously approved equipment from the supply chain has some industry observers concerned.
In a letter from Megan Brown, counsel for the Consumer Technology Association (CTA), to the FCC outlining the highlights of a meeting between CTA and regulators earlier this month, the CTA expressed concerns about the potential of the commission making retroactive changes.
“CTA explained that broad changes to the equipment authorization regime for devices currently exempt could be disruptive and impose substantial burdens on manufacturers well beyond the few covered entities,” the letter read. “CTA explained that revocation or retroactive changes to the status of equipment or components could be difficult to implement for manufacturers across the supply chain, suggesting a need for close commission review of a full record. CTA also noted that there are questions about whether the commission has sufficient existing statutory authority to implement the various proposals in the NPRM and NOI.”
The Security Industry Association (SIA) in a statement said that it is still working to determine what the potential ramifications of this ban would be for the market.
"SIA is working with our members throughout the industry to assess the potential impact of the various proposals in the FCC notice and inquiry, and we will be reviewing the final language when it is posted for public comment," the statement read. "Clearly, it would be unprecedented for the FCC to deny routine RF device authorizations based on factors outside the technical application criteria, and we understand there are questions about the legal authority of the agency to do so that will need to be addressed. While authorization directly affects whether specific products can be imported to and marketed in the U.S., a clearer understanding of other potential impacts of the proposals is needed."
Of course, Congress has already banned the purchase and installation of products from these companies by federal agencies via an amendment to the 2019 National Defense Authorization Act (NDAA), which went into full effect last year. For a full timeline of the actions taken by the federal government, as well as the Biden and Trump administrations against both Hikvision and Dahua, be sure to read this article published on SecurityInfoWatch earlier this month.
About the Author:
Joel Griffin is the Editor of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].