The blacklisting of Chinese companies has not stopped their tech and products from entering the U.S., leaving lawmakers searching for a solution.
The U.S. government prohibited federal agencies from using certain products, but video-surveillance research company IPVM said it uncovered municipalities, local government facilities and schools continuing to buy those products.
According to IPVM, more than 300 American government organizations bought thermal imaging and video technology from Hikvision and Dahua despite Washington’s warning of national security and public safety risks. IPVM head of operations Donald Maye said his company relied on procurement officers for its tracking and mapping the purchase and usage of blacklisted technology, so there was “probably a heck of a ton more” out there.
He described the banned Chinese tech they found as the “tip of the iceberg.”
He pointed to Modesto City, California, placing Hikvision tablets capable of taking people’s temperatures on buses as an example of how taxpayer money was spent on the allegedly dangerous tech.
“These products are banned at the federal level for a reason,” Mr. Maye said. “The fact that they continue to be used at the local and state level is concerning.”
The federal government blacklisted and restricted the acquisition and use of products from companies in several ways, including with legislation, the Commerce Department’s Entity List and the Federal Communications Commission’s covered list.
For example, a defense bill passed by Congress in 2018 prohibited the purchase and use of Hikvision and Dahua products for public safety, security, and surveillance purposes. In 2019, the Commerce Department then added that technology to its Entity List, which includes foreign people and enterprises that face strict requirements to do business in the U.S. because of national security concerns.
The FCC then added the technology in March 2021 to its covered list, which details equipment and services that the U.S. government determines is an unacceptable risk to national security and public safety.
Hikvision and Dahua are far from the only China-based companies hit with restrictions and placed on the blacklists. The 2018 defense bill also blocked the federal government’s use of Huawei and ZTE equipment. The FCC’s covered list added five technologies in March 2021, including Huawei, ZTE and Hytera.
When the Commerce Department added Hikvision and Dahua to its Entity List in 2019, it added a total of 28 entities, including one that had 18 subordinate bureaus that were also included.
Various commercial transactions involving foreign investment that successfully navigate the blacklists and other regulations also may face scrutiny from the Committee on Foreign Investment in the United States (CFIUS). The committee includes leadership from seven federal departments and several White House officials examining commercial transactions for potential national security problems, and its purview was expanded by the Foreign Investment Risk Review Modernization Act of 2018.
When the Trump administration pursued banning video-based social platform TikTok, it was CFIUS that initially directed the China-based parent company ByteDance to divest TikTok’s operations in the U.S., according to ByteDance.
Keeping up with the regulations has presented challenges for consumers trying to understand the requirements, and that knowledge gap in the supply chain has produced a vulnerability for China to exploit.
Lawmakers now are trying to close perceived loopholes and prevent the use of blacklisted technology by those outside the federal government. Sens. Marco Rubio, Florida Republican, and Ed Markey, Massachusetts Democrat, this week introduced the Secure Equipment Act of 2021. Mr. Rubio’s office said it would block the sale and use of Hikvision and Dahua regardless of whether federal spending is involved.
Mr. Rubio’s office said the bill also would block the integration of Huawei, ZTE and Hytera, which his office said were all Chinese state-backed or directed companies.
“The Chinese Communist Party subsidizes these companies and exploits loopholes in our laws to allow malicious actors to sell compromised equipment and services in the U.S.,” said Mr. Rubio in a statement announcing the proposal. “The status quo is dangerous, and we need to act now to strengthen our national security and protect our critical infrastructure.”
IPVM published new research on Tuesday saying that Hikvision partnered with China’s military, citing statements from Hikvision’s parent company and the People’s Liberation Army in China. Hikvision disputed IPVM’s claim.
“Not now, and not ever, has Hikvision conducted research and development work for Chinese military applications,” said a Hikvision spokesperson in a statement. “Any instances of such by any of our employees were done so in a personal capacity and not at the direction of the company.”
Dahua said it is reviewing the senators’ proposal closely and insisted that it is not a state-backed or state-directed company.
“Our company presents no threat to U.S. national security, and our more than 100 U.S.-based employees proudly support our partners across this country,” Dahua said in an email. “We hope to work with Congress and other stakeholders in the U.S. to clarify these issues, address their concerns and at the same time, we are fully committed to the U.S. market in providing industry-leading products and solutions for our valued customers and partners.”
Existing regulations and sanctions from the U.S. government are producing mixed results compared to their desired effects. Many American entities are not aware of the 2018 defense bill’s restrictions or other regulations, said Lawrence Ward, partner at law firm Dorsey & Whitney who specializes in national security law and international trade compliance.
“When you talk about local governments and others that may not have the same level of sophistication as a Fortune 500 company or a U.S. government contractor like Lockheed Martin or Boeing, you could certainly see how it would be easy for them to miss these restrictions,” Mr. Ward said.
He said the discovery of blacklisted technology in use around the country was not surprising. He noted that his firm had a client that was a subcontractor to a U.S. government contractor and was not aware of the restrictions.
People involved in international trade and compliance expect that in the coming months the Biden Commerce Department will take action to shut off as much of the Chinese supply chain to various industries as possible. However, it is not clear how long it would take before the restrictions are widely enforced.