Hikvision UK Partner Griffiths Objects: Human Rights Abuses vs Cybersecurity Risks

Hikvision partners are struggling to deflect the growing global criticism of Hikvision and, by extension, their sales of Hikvision products.

The objection of one Hikvision UK partner, Rhys Griffiths of Griffiths Security, encapsulates these tactics, showing willful ignorance and bad ethics in a series of comments to IPVM.

His first objection is that the title of our report ("Hikvision and Dahua Simply Cannot Be Trusted", Declares UK Camera Commissioner) is deceptive. He recommends that it be lengthened and qualified to note the reason is human rights abuses:

That emphasizing human rights abuses makes any situation better is odd.

Griffiths then falsely dismisses the quote-unquote human rights abuses as simply the byproduct of others using Hikvision products.

This excuse is patently untrue, a point that his country's own Camera Commissioner has repeatedly emphasized in his inquires. Indeed, IPVM first reported on Dahua and Hikvision billion-dollar-plus direct contracts 4 years ago. These direct contracts to supply, build, and even maintain these systems are well documented, e.g. as we explained in the video below:

Unfortunately, but unsurprisingly, Griffiths just ignored this evidence of direct participation in human rights abuses from his business partner.

Griffiths worries the public will be misled that the Commissioner's distrust of his business partner to be about Hikvision's cybersecurity:

you know absolutely full well that headline brings about feelings of distrust in regards to its cyber security etc It was a great attempt at strawmanning the fact the headline is completely misleading

However, the Commissioner is indeed concerned about both, for example, in his April 2022 letter:

I became concerned about the clear ethical and human rights issues involved in public procurement of surveillance technology from companies associated with atrocities in China. I have also been increasingly concerned at the security risks presented by some state-controlled surveillance systems covering our public spaces. [emphasis added]

Moreover, as the Commissioner said in a letter earlier this month:

almost every aspect of our lives is now under surveillance using advanced systems designed by, and purchased from, companies under the control of other governments, governments to whom those companies have data sharing obligations within their own domestic legal framework. The proliferation of these systems means we have a public surveillance infrastructure built on ‘digital asbestos’ requiring both considerable caution when handling the products installed by a previous generation and, as a priority, a moratorium on any further installation until we fully understand the risks we have created. [emphasis added]

Indeed, the Commissioner elaborated on the issue of cybersecurity and human rights issues in an email to IPVM today:

On the national security point, many government departments have declined to answer questions about whether they are using Hikvision surveillance camera systems on grounds of ‘national security’ even where, for example, Hikvision cameras can clearly be seen monitoring public space such as Great Smith Street in Westminster. If this question is regarded as being so sensitive, there must have been considerable due diligence involved in the decisions to procure, install and operate the surveillance systems and I’d simply like to understand on what basis that has been carried out and how those making the decisions have assured themselves that the company merits the status of a trusted surveillance partner given all that is emerging about the way in which they operate.

In a policing context, if you were recruiting surveillance camera staff for the police and an applicant’s CV showed they had designed, built and operated internment camps for Uyghur Muslims in Northern Xinjiang, it is unlikely that you’d offer them the job. If when asked about that period on their CV they simply refused to answer your questions, you wouldn’t dream of offering them a job – why then is it any different to giving, not just a person but a corporate entity controlled by another government, a multi-million pound contract to undertake that work within our communities?

This is a theme we have seen with Hikvision partners (on the US side, see 100 Hikvision Partners Ask US FCC Not To Ban Hikvision). They are willfully ignorant about basic facts as they defend the easy money they make from Hikvision. Unfortunately for them, the truth about Hikvision plus Hikvision's refusal to respond meaningfully to government officials, such as the UK Camera Commissioner, is increasingly clear.