US Drafting Separate Rule for NDAA Dahua/Hikvision 'Blacklist'

Published Mar 14, 2019 13:58 PM

The most debated provision of the NDAA ban of Dahua, Hikvision, Huawei, et al. is the so-called 'blacklist' provision which would ban any company selling Dahua or Hikvision to, say, a pizzeria from selling at all to the US government or US government-funded projects.

Now, IPVM has verified that the US government is drafting 2 FARs (Federal Acquisition Regulations) implementing the NDAA ban which specifically addresses the law's effective blacklisting.

In this post, we examine the news, explain what FAR rules are now being drafted, and look into potential impact, including:

  • FAR Background
  • Examination of Proposed FAR Rules
  • Prior Lobbying Against Blacklist Clause
  • Conclusion

**********

***** ********, *** ********** *** **** disclosed **** ** *** ******* ** a ****** *** **** ************ *** of *** ****'* ******* *** ("*********** ** ******* ****************** *** ***** Surveillance ******** ** *********.") * ***** report ** *** ******** **** *** due ********** ** ***** **; ** has *** **** ******** ******** *** comment **** ******** ***.

From *** *** **** ** ***

*******, *** ****** ***************************** **** *** *** ******** *** separate *** *****. *** *** **** ** being ******* ************ ** ********* *** blacklist ******, *.*. ********* (*)(*)(*) ** Section ***, ********* *****:

***. ***. *********** ** ******* ****************** AND ***** ************ ******** ** *********.
(*) *********** ** *** ** ***********.
— (*) *** **** ** ** executive ****** *** ***—
(*) ***** **** * ******** (** extend ** ***** * ********) **** an ****** **** **** *** *********, system, ** ******* **** **** ******* telecommunications ********* ** ******** as * *********** ** ********* ********* ** *** ******, ** ** ******** ********** ** **** ** *** ******. [emphasis added]

**** ********* **** ******* *********** **** any ****** **** **** ******* ********* as ** "*********" ** "***********" **** of ***** ******* **********.

*** ****** ** **** *** **** is *** ** *** *, ****; however **** ****** **** **** ** into ****** *** ***** ***** *** NDAA ******, *.*. ****** **, ****, as ****** ** ******* *** (*)(*) ("Effective *****").

*** ***** *** **** ******* *** on ***** **, *** ********** ********* (a)(1)(A) ** ******* ***. **** ********* is *** **** ** *** **** ban, ******* **** ** ******* ********** agencies ****** *** ********* ******* ** the ***. ** **** **** ****** one **** ***** *** **** *** passed **** ****, *.*. ****** **, 2019.

Context - ********* ****** ***** ****

*** ********* ****** *** **** ***** fire **** ***, ********* * ******** *** ********** ******* ****:

**** ***-******** *********** would ****** ** * **********-**** ******* ** “************” of businesses that utilize the covered equipment in a general sense, potentially encompassing the sale of such products to non-federal customers. Such an outcome would impose crippling ********* ******* on many U.S. security companies that serve the commercial marketplace and other non-federal customers, and ultimately increase ******** ***** to the U.S. business community at-large

******* ****** **** ****** **** ** well:

  • ********* ** ************************** *** * "****** ** ************* intent" ******* **** ******* ** *** NDAA, *** ***** ***** ********
  • *** ****************** ******** ***********, ***** ********** ******* ****** **** ******* *** **&*, **** * ****** ** *** ********** on ******* *, ******* *** ****** ***** “******* serious ********* ** ******* *********** ** ICT *******”
  • ** ********* ************** ******* ***, ****** ****** *** blacklist ****** "** *********" ***** ** penalizes ********** ***** ****** ********* **** "nothing ********** ** ** **** ***** performance ** ********** *********"

**********

*** **** **** *** ** ********** is ******* * ******** *** **** specifically ** ******* *** ********* ****** may ** * ********** ** *** amount ** ******** *** ******* *** received **** ******** ******. 

*******, ** ******* ******* ** ***** groups **** *** **** **** ****; the **** ******** *** *** **** could **** **** ********* ** ********** without ******* ****** **** *** ********.

****** ***, *** **** **** *** blacklist ****** ** ***** ********* ** a ******** *** **** **** * substantially ***** *** **** (*** * of **** ****) ***** ** **** need ** **** ****** ****** *** clarity ** *** *****.

Vote / ****

Comments (10)
U
Undisclosed #1
Mar 14, 2019

* ******** ******** **** ***'* ******** on ****. ***** *** ****** ** alternatives ** ********* *** *****, **** where **** ** * ************* (****** Wisenet *, ******** **, **** *********, and ******). ** ***** *********** **** integrators ***** * *** ** ******** with *** **********, *** ***** ** banned **** ********** ***** ********, ***** not ** **** ** ******** * profitable ******** ** **** ***** *** sell ***** ******* ** ***. *** likelihood **** ******* ** ***** *********** government ********************** ***-**** ********* ******** ****** ** fairly ***. **** *********** *** **** to **** *** ******* ** *** other, *** * ** *** *** that **** ***** ** ******* ** "crippling" *******.

************, ** *** ******* ***** ******** represent * ********* **** **** ** cyber ******** **********, **** **** ***** even **** *****. **** *********** **** have *** ********* **** **** *** install ***** ** **** **** ** a ***, ***** *** *** ** properly ******** **** *** **** ** their *******. ** ***** ******* ********* a **** ** ****** ******, * would *** **** ** ********** **** does * *** ** **********-******* ******** having ***** ******** ******* **** ** an **** ****** ***** ***** ****** compromising **** ***** ***** ********** *******.

*******, *********, ***** *** ****** **** mostly ******* **** ** **********. ********* has ** ********** ******** ***** ******** record, *** ******* * *** ** talk *** ****** *********** ******* ******** spokesmodels, *** *** ***** **** ********* to ****** ***** ******* ***** ******. Dahua *** ****** **** ****** ** security ****** ******* **** ** ****.

**** *********, *****, *** ****** *** not ******** ** ******* **** ** offering ** *** ********* ** ***** products *** **********, *** ******* ******* on *****-****** ************* **** *** ** campaign *** **** ******* ** **** telling.

(13)
(2)
(2)
UD
Undisclosed Distributor #2
Mar 14, 2019

***'* *** ********* **** * ****** that ****** ******* *** "*************" **** Hik, ***** *** ***** ****** ******?  Purely ** *******, *** ****** *** on **** **** **** ******* *** your ***********.

(9)
UI
Undisclosed Integrator #3
Mar 14, 2019

*** *** **** * ********** **** on *****.  ** **** ***** **** are * ********* *** ** *****.

(4)
(1)
(1)
UI
Undisclosed Integrator #3
Mar 14, 2019

**** **** ***** **** *********** ** IPVMs ******* ********.

**** ** ******* *********** ****** crippling ********* ******* on many *.*. ******** ********* ************* **** ***** ************* *********** **** *********** *** ********-********** ********, *****-******* ***********, *** *********'* clubs.

(1)
(2)
(1)
(3)
(12)
Avatar
Charles Rollet
Mar 18, 2019

******: *** *** **** *** *** FAR **** ************ ********* (*)(*)(*) ** Section *** - ****'* *** **** part ** *** ***, ***** **** federal ******** **** ****** *********/***** ********* - *** **** ******** *** ***** to ***** **. (******* * ** **** ****** ********** disclosure).

(2)
UI
Undisclosed Integrator #4
Mar 18, 2019

***** * **** (****** ****), ***** are * *** ** " *************" selling **** **********(****** ******** ********* *'* not * ************) *** *** ******* names ** ********* ***** *** ******* hik/epcom ** **** ** ***** *******. The ******* *** ****** * **** warranty ** *********/***** ********* **** * 3/5 **** ********** ******** ** ***, if **** ***** ****** ***** ***** be **** ********* ******* ** * lot ** ******** ********* ** **. Im ***** ******* *** * *********** on *********/***** *********(*** **) **** *** the **** *******/ ***** ***** **** no ****. 

(1)
UI
Undisclosed Integrator #3
Mar 18, 2019

**** *** ****** ** ******?  **** seems ** ** * ******* ******.  Geovision ** ******* ******** ******.

(1)
(1)
UI
Undisclosed Integrator #4
Mar 20, 2019

***, ****** ** ** ***** ****** to **** **. **** **** *** but *** ***** ********** ******* *** low *** ***** *** ****** *** pretty ***. ** ****** ** *** prices, *** * **** ***** *** TriEd *** ******* **** ****.

GM
Greg Masters
Mar 19, 2019

* ***** ******** ** ******* *** point.  *** ** *** *********** ****** to **** ** * *******, *** past *******, ***** ******* (** ***), soft/firmware *** ***** ***** *** **** a ********?

** *** ** **** ***** ** "ban" * ****** ********, ****, **** are *** ********.  **** *** **** to ****** *** ** *** ****. A "***" ** *** *********.

** ******* *** ** *********** ******** fulfills ***** ******** *****, *** ***** they **** **** ** *** ********** if **** *** * *** ****** to ******* ***** ********, **** ** crossing *** ****.

***, ***** ******** **** ******** ******.  They *** **** ** ***** ***** SSH ******* ***/** ****.  **** ** us **** ******** ** ******** ***** is ******** ** ***** *******.  ** have ****** *** ******* ** *** lives, ** *** ***'* **** *** or ***** ** ******** **** *** way **** *** ***** ******, **** don't *** ****.  ****.

* ****** ** *****, ******, *** hardware ******* ** *** ****** *** Dahua  ** ****** ****.  *** ******** flaws *** **** ** *** **** a ***.** ***** *** *** *** at *** ********.  *** ** **** (security ******) ******* ** *** ****.

**** ** .**

 

 

 

 

.

 

(5)
Avatar
Charles Rollet
Jul 09, 2019

******: ********* ********** ********** ********* **** * ***** FAR **** ************ *** **** ** the **** - *.*. ****** (*)(*)(*), ***** **** ******* ********** *********** ** ******, Hikvision, *** ***** ********* - *** been *******. ** ** **** **, the ***** **** *** **** ** *** ***'* ******** ****** *********** ******* (****) ***** ******* ***** ** *** ****** ** *********** *** ********** ******* (OIRA), ***** ** **** ** *** White *****'* ****** ** ********** *** Budget, *** ******.

 

image