US Drafting Separate Rule for NDAA Dahua/Hikvision 'Blacklist'

By Charles Rollet, Published Mar 14, 2019, 09:58am EDT

The most debated provision of the NDAA ban of Dahua, Hikvision, Huawei, et al. is the so-called 'blacklist' provision which would ban any company selling Dahua or Hikvision to, say, a pizzeria from selling at all to the US government or US government-funded projects.

Now, IPVM has verified that the US government is drafting 2 FARs (Federal Acquisition Regulations) implementing the NDAA ban which specifically addresses the law's effective blacklisting.

In this post, we examine the news, explain what FAR rules are now being drafted, and look into potential impact, including:

  • FAR Background
  • Examination of Proposed FAR Rules
  • Prior Lobbying Against Blacklist Clause
  • Conclusion

**********

***** ********, *** ********** had **** ********* **** it *** ******* ** a ****** *** **** implementing *** ** *** NDAA's ******* *** ("*********** ** ******* ****************** and ***** ************ ******** or *********.") * ***** report ** *** ******** rule *** *** ********** on ***** **; ** has *** **** ******** released *** ******* **** industry ***.

From *** *** **** ** ***

*******, *** ****** ***************************** **** *** *** drafting *** ******** *** rules. One *** **** ** being ******* ************ ** implement *** ********* ******, i.e. ********* (*)(*)(*) ** Section ***, ********* *****:

***. ***. *********** ** CERTAIN ****************** *** ***** SURVEILLANCE ******** ** *********.
(*) *********** ** *** Or ***********.
— (*) *** **** of ** ********* ****** may ***—
(*) ***** **** * contract (** ****** ** renew * ********) **** an ****** **** **** any *********, ******, ** service **** **** ******* telecommunications ********* ** ******** as * *********** ** ********* ********* ** *** ******, ** ** ******** ********** ** **** ** *** ******. [emphasis added]

**** ********* **** ******* procurement **** *** ****** that **** ******* ********* as ** "*********" ** "substantial" **** ** ***** overall **********.

*** ****** ** **** FAR **** ** *** on *** *, ****; however **** ****** **** only ** **** ****** two ***** ***** *** NDAA ******, *.*. ****** 13, ****, ** ****** on ******* *** (*)(*) ("Effective *****").

*** ***** *** **** remains *** ** ***** 13, *** ********** ********* (a)(1)(A) ** ******* ***. This ********* ** *** core ** *** **** ban, ******* **** ** federal ********** ******** ****** buy ********* ******* ** the ***. ** **** into ****** *** **** after *** **** *** passed **** ****, *.*. August **, ****.

Context - ********* ****** ***** ****

*** ********* ****** *** come ***** **** **** SIA, ********* * ******** *** ********** ******* that:

**** ***-******** *********** would ****** ** * **********-**** ******* ** “************” of businesses that utilize the covered equipment in a general sense, potentially encompassing the sale of such products to non-federal customers. Such an outcome would impose crippling ********* ******* on many U.S. security companies that serve the commercial marketplace and other non-federal customers, and ultimately increase ******** ***** to the U.S. business community at-large

******* ****** **** ****** back ** ****:

  • ********* ** ************************** *** * "****** of ************* ******" ******* this ******* ** *** NDAA, *** ***** ***** ********
  • *** ****************** ******** ***********, which ********** ******* ****** **** ******* and **&*, **** * ****** ** the ********** ** ******* 1, ******* *** ****** could “******* ******* ********* to ******* *********** ** ICT *******”
  • ** ********* ************** ******* ***, ****** stated *** ********* ****** "is *********" ***** ** penalizes ********** ***** ****** equipment **** "******* ********** to ** **** ***** performance ** ********** *********"

**********

*** **** **** *** US ********** ** ******* a ******** *** **** specifically ** ******* *** blacklist ****** *** ** a ********** ** *** amount ** ******** *** section *** ******** **** industry ******. 

*******, ** ******* ******* if ***** ****** **** get **** **** ****; the **** ******** *** FAR **** ***** **** well ********* ** ********** without ******* ****** **** for ********.

****** ***, *** **** that *** ********* ****** is ***** ********* ** a ******** *** **** with * ************* ***** due **** (*** * of **** ****) ***** we **** **** ** wait ****** ****** *** clarity ** *** *****.

Vote / ****

Comments (10)

* ******** ******** **** SIA's ******** ** ****. There *** ****** ** alternatives ** ********* *** Dahua, **** ***** **** is * ************* (****** Wisenet *, ******** **, Axis *********, *** ******). It ***** *********** **** integrators ***** * *** of ******** **** *** government, *** ***** ** banned **** ********** ***** products, ***** *** ** able ** ******** * profitable ******** ** **** could *** **** ***** systems ** ***. *** likelihood **** ******* ** doing *********** ********** ********************** ***-**** ********* ******** should ** ****** ***. Some *********** *** **** to **** *** ******* or *** *****, *** I ** *** *** that **** ***** ** subject ** "*********" *******.

************, ** *** ******* these ******** ********* * potential **** **** ** cyber ******** **********, **** this ***** **** **** sense. **** *********** **** have *** ********* **** sell *** ******* ***** in **** **** ** a ***, ***** *** not ** ******** ******** from *** **** ** their *******. ** ***** devices ********* * **** of ****** ******, * would *** **** ** integrator **** **** * lot ** **********-******* ******** having ***** ******** ******* open ** ** **** attack ***** ***** ****** compromising **** ***** ***** government *******.

*******, *********, ***** *** Huawei **** ****** ******* this ** **********. ********* has ** ********** ******** cyber ******** ******, *** despite * *** ** talk *** ****** *********** dressed ******** ************, *** not ***** **** ********* to ****** ***** ******* truly ******. ***** *** Huawei **** ****** ** security ****** ******* **** as ****.

**** *********, *****, *** Huawei *** *** ******** to ******* **** ** offering ** *** ********* of ***** ******** *** inspection, *** ******* ******* on *****-****** ************* **** SIA ** ******** *** them ******* ** **** telling.

***'* *** ********* **** a ****** **** ****** through *** "*************" **** Hik, ***** *** ***** Huawei ******?  ****** ** opinion, *** ****** *** on **** **** **** nothing *** **** ***********.

*** *** **** * friendlier **** ** *****.  At **** ***** **** are * ********* *** of *****.

**** **** ***** **** translation ** ***** ******* audience.

**** ** ******* *********** ****** crippling ********* ******* on many *.*. ******** ********* ************* **** ***** ************* *********** **** *********** *** ********-********** ********, *****-******* ***********, and *********'* *****.

******: *** *** **** for *** *** **** implementing ********* (*)(*)(*) ** Section *** - ****'* the **** **** ** the ***, ***** **** federal ******** **** ****** Hikvision/Dahua ********* - *** been ******** *** ***** to ***** **. (******* * ** **** latest ********** **********).

***** * **** (****** Rico), ***** *** * lot ** " *************" selling **** **********(****** ******** althought *'* *** * truckslammer) *** *** ******* names ** ********* ***** are ******* ***/***** ** part ** ***** *******. The ******* *** ****** 5 **** ******** ** hikvision/epcom ********* **** * 3/5 **** ********** ******** so ***, ** **** rules ****** ***** ***** be **** ********* ******* on * *** ** security ********* ** **. Im ***** ******* *** a *********** ** *********/***** equipment(non **) **** *** the **** *******/ ***** point **** ** ****. 

**** *** ****** ** Hanwha?  **** ***** ** be * ******* ******.  Geovision ** ******* ******** option.

***, ****** ** ** first ****** ** **** at. **** **** *** but *** ***** ********** between *** *** *** epcom *** ****** *** pretty ***. ** ****** on *** ******, *** i **** ***** *** TriEd *** ******* **** week.

* ***** ******** ** missing *** *****.  *** we *** *********** ****** to **** ** * product, *** **** *******, build ******* (** ***), soft/firmware *** ***** ***** and **** * ********?

** *** ** **** wants ** "***" * direct ********, ****, **** are *** ********.  **** are **** ** ****** who ** *** ****. A "***" ** *** necessary.

** ******* *** ** independent ******** ******** ***** security *****, *** ***** they **** **** ** the ********** ** **** use * *** ****** to ******* ***** ********, that ** ******** *** line.

***, ***** ******** **** security ******.  **** *** easy ** ***** ***** SSH ******* ***/** ****.  Some ** ** **** invested ** ******** ***** is ******** ** ***** devices.  ** **** ****** big ******* ** *** lives, ** *** ***'* like *** ** ***** or ******** **** *** way **** *** ***** plants, **** ***'* *** them.  ****.

* ****** ** *****, though, *** ******** ******* of *** ****** *** Dahua  ** ****** ****.  The ******** ***** *** easy ** *** **** a ***.** ***** *** and *** ** *** location.  *** ** **** (security ******) ******* ** you ****.

**** ** .**

 

 

 

 

.

 

******: ********* ********** ********** ********* **** a ***** *** **** implementing *** **** ** the **** - *.*. clause (*)(*)(*), ***** **** ******* ********** *********** of ******, *********, *** Dahua ********* - *** been *******. ** ** June **, *** ***** rule *** **** ** *** ***'* ******** ****** *********** ******* (CAAC) ***** ******* ***** ** the ****** ** *********** *** Regulatory ******* (****), ***** ** **** of *** ***** *****'* Office ** ********** *** Budget, *** ******.

 

image

Read this IPVM report for free.

This article is part of IPVM's 6,739 reports, 909 tests and is only available to members. To get a one-time preview of our work, enter your work email to access the full article.

Already a member? Login here | Join now
Loading Related Reports