A law signed this week prevents NASA, the Justice Department, and the Commerce Department from buying IT-related equipment from China without a “cyber-espionage” risk consultation with law enforcement. The story is worth a read.
The topic has been stewing for a while. In the past lawmakers wanted to ban it altogether.
The rationale: The U.S. is scared of buying electronics from China because its thinks it'll be buying gear with pre-loaded hardware or software that facilitates Chinese spying.
I’ve written about this topic in the past. Back then, lawmakers I talked to were toying with the idea of introducing legislation prohibiting the U.S. from buying any IT or security-related gear from Chinese companies. This included surveillance and any security-related gear, IT equipment, electronic parts for weapon systems, electronic aircraft parts and medical devices.
The new law shows the idea is gaining some traction, however, the law didn’t go as far as putting this requirement on law enforcement agencies like the FBI and DHS or venture into regulating where businesses can buy from (but it could be a precursor). It may not have much local impact immediately, but keep in mind that local politicians often mimic decisions from Washington when making their own city and state laws.
If something broader passes in the future, it could be a headache for the surveillance industry -- especially for people who do business with government agencies (federal, state and local).
Thoughts?