**********
***** ********, *** ********** *** **** disclosed **** ** *** ******* ** a ****** *** **** ************ *** of *** ****'* ******* *** ("*********** ** ******* ****************** *** ***** Surveillance ******** ** *********.") * ***** report ** *** ******** **** *** due ********** ** ***** **; ** has *** **** ******** ******** *** comment **** ******** ***.
From *** *** **** ** ***
*******, *** ****** ***************************** **** *** *** ******** *** separate *** *****. *** *** **** ** being ******* ************ ** ********* *** blacklist ******, *.*. ********* (*)(*)(*) ** Section ***, ********* *****:
***. ***. *********** ** ******* ****************** AND ***** ************ ******** ** *********.
(*) *********** ** *** ** ***********.
— (*) *** **** ** ** executive ****** *** ***—
(*) ***** **** * ******** (** extend ** ***** * ********) **** an ****** **** **** *** *********, system, ** ******* **** **** ******* telecommunications ********* ** ******** as * *********** ** ********* ********* ** *** ******, ** ** ******** ********** ** **** ** *** ******. [emphasis added]
**** ********* **** ******* *********** **** any ****** **** **** ******* ********* as ** "*********" ** "***********" **** of ***** ******* **********.
*** ****** ** **** *** **** is *** ** *** *, ****; however **** ****** **** **** ** into ****** *** ***** ***** *** NDAA ******, *.*. ****** **, ****, as ****** ** ******* *** (*)(*) ("Effective *****").
*** ***** *** **** ******* *** on ***** **, *** ********** ********* (a)(1)(A) ** ******* ***. **** ********* is *** **** ** *** **** ban, ******* **** ** ******* ********** agencies ****** *** ********* ******* ** the ***. ** **** **** ****** one **** ***** *** **** *** passed **** ****, *.*. ****** **, 2019.
Context - ********* ****** ***** ****
*** ********* ****** *** **** ***** fire **** ***, ********* * ******** *** ********** ******* ****:
**** ***-******** *********** would ****** ** * **********-**** ******* ** “************” of businesses that utilize the covered equipment in a general sense, potentially encompassing the sale of such products to non-federal customers. Such an outcome would impose crippling ********* ******* on many U.S. security companies that serve the commercial marketplace and other non-federal customers, and ultimately increase ******** ***** to the U.S. business community at-large
******* ****** **** ****** **** ** well:
- ********* ** ************************** *** * "****** ** ************* intent" ******* **** ******* ** *** NDAA, *** ***** ***** ********
- *** ****************** ******** ***********, ***** ********** ******* ****** **** ******* *** **&*, **** * ****** ** *** ********** on ******* *, ******* *** ****** ***** “******* serious ********* ** ******* *********** ** ICT *******”
- ** ********* ************** ******* ***, ****** ****** *** blacklist ****** "** *********" ***** ** penalizes ********** ***** ****** ********* **** "nothing ********** ** ** **** ***** performance ** ********** *********"
**********
*** **** **** *** ** ********** is ******* * ******** *** **** specifically ** ******* *** ********* ****** may ** * ********** ** *** amount ** ******** *** ******* *** received **** ******** ******.
*******, ** ******* ******* ** ***** groups **** *** **** **** ****; the **** ******** *** *** **** could **** **** ********* ** ********** without ******* ****** **** *** ********.
****** ***, *** **** **** *** blacklist ****** ** ***** ********* ** a ******** *** **** **** * substantially ***** *** **** (*** * of **** ****) ***** ** **** need ** **** ****** ****** *** clarity ** *** *****.
Vote / ****
Comments (10)
Undisclosed #1
I strongly disagree with SIA's lobbying on this. There are plenty of alternatives to Hikvision and Dahua, even where cost is a consideration (Hanwha Wisenet X, Avigilon SL, Axis Companion, and others). It seems unrealistic that integrators doing a lot of business with the government, who would be banned from purchasing these products, would not be able to maintain a profitable business if they could not sell these systems at all. The likelihood that someone is doing substantial government business and substantial low-cost commodity business should be fairly low. Some integrators may need to pick one channel or the other, but I do not buy that they would be subject to "crippling" effects.
Additionally, if you believe these products represent a potential high risk of cyber security compromise, then this makes even more sense. Most integrators will have the equipment they sell and install setup in some kind of a lab, which may not be properly isolated from the rest of their network. If these devices represent a risk of remote attack, I would not want an integrator that does a lot of government-related business having their internal network open to an easy attack which could reveal compromising data about those government systems.
Finally, Hikvision, Dahua and Huawei have mostly brought this on themselves. Hikvision has an absolutely horrible cyber security record, and despite a lot of talk and hiring fashionably dressed security spokesmodels, has not shown true dedicated to making their devices truly secure. Dahua and Huawei have plenty of security knocks against them as well.
That Hikvision, Dahua, and Huawei are not choosing to address this by offering up the integrity of their products for inspection, and instead relying on money-driven organizations like SIA to campaign for them instead is very telling.
Create New Topic
Undisclosed Integrator #3
This area needs some translation to IPVMs savvier audience.
Create New Topic
Charles Rollet
UPDATE: the due date for the FAR rule implementing paragraph (a)(1)(A) of Section 889 - that's the core part of the law, which bans federal agencies from buying Hikvision/Dahua equipment - has been extended yet again to March 27. (See page 5 of this latest government disclosure).
Create New Topic
Undisclosed Integrator #4
Where i live (Puerto Rico), there are a lot of " truckslammers" selling this equipments(myself included althought i'm not a truckslammer) AND the biggest names in monitored alarm are selling hik/epcom as part of their package. The biggest one offers 5 year warranty on hikvision/epcom equipment with a 3/5 year monitoring contract so yes, if that rules passes their gonna be hard financial burdens on a lot of security companies in PR. Im still looking for a replacement on hikvision/dahua equipment(non IP) that has the same quality/ price point with no luck.
Create New Topic
Charles Rollet
Update: the latest government disclosure indicates that a draft FAR rule implementing the core of the NDAA - i.e. clause (a)(1)(A), which bans federal government procurement of Huawei, Hikvision, and Dahua equipment - has been written. As of June 29, the draft rule was sent by the GSA's Civilian Agency Acquisition Council (CAAC) chair William Clark to the Office of Information and Regulatory Affairs (OIRA), which is part of the White House's Office of Management and Budget, for review.
Create New Topic