US government agencies bought Chinese surveillance tech despite federal ban – TechCrunch

At least three US federal agencies, including the military, have purchased Chinese-made CCTV equipment and banned it from use within the federal government.

Purchase records seen by TechCrunch and the CCTV news site IPVM show that the agencies collectively spent thousands of dollars to purchase CCTV equipment made by Lorex, a wholly owned subsidiary of Dahua Technology. Dahua is one of several China-based companies banned from selling to the federal government under a 2019 defense spending law over concerns the technology could help the Chinese government conduct espionage activities.

Dahua was also added to the US government’s list of economic trade restrictions in 2019 after the company was linked to China’s continued efforts to suppress ethnic minorities in Xinjiang, where most Uyghur Muslims live. The United States says Beijing relies on technology made in part by Dahua to provide the surveillance equipment to monitor the Uyghur population. The Biden administration has called human rights abuses in Xinjiang “genocide” and accused tech makers of being “involved in human rights violations and abuses” in surveillance, repression and mass detention of more Uyghurs in China.

After the ban went into effect, purchasing records show agencies purchased Lorex equipment from federal contractors.

According to records, the Drug Enforcement Agency purchased nine Lorex hard drives for surveillance systems in May 2021 through a Washington, DC-based technology vendor called IS Enterprises. DEA spokeswoman Katherine Pfaff said the purchases were made through the government purchasing portal operated by the General Services Administration – known as GSA Advantage – and deferred comment to the GSA , but declined to say whether the Lorex equipment had been removed from service.

When contacted for comment, GSA spokeswoman Christina Wilkes said in an emailed statement: “GSA has several means to review vendors and products sold on GSA Advantage in accordance with the Federal Acquisition Regulation (FAR)” In addition, contractors must comply with the terms and provisions found in the FAR requiring them to disclose whether they are selling covered technology. Products that are confirmed non-compliant are removed from GSA Advantage. »

The GSA would not say why the banned products were available for purchase after the ban took effect, but said it was making improvements, including launching a new portal. of verified products aimed at ensuring that off-the-shelf commercial products comply with the 2019 ban.

The 2019 ban was enacted as a specific provision of the National Defense Authorization Act (NDAA) called Section 889, which prohibited federal agencies from procuring or purchasing electronic devices manufactured by certain companies. based in China, including Huawei, Hikvision and Dahua, as well as their subsidiaries, such as Lorex. Section 889 also prohibits federal contractors from selling prohibited electronic devices to federal agencies. The Department of Defense obtained a waiver allowing certain exceptions under Section 889 to purchase low-risk items like food and clothing, but not electronics or surveillance equipment.

Purchase records also show that the Defense Finance and Accounting Service, a DOD agency responsible for the department’s financial management and service member compensation, purchased Lorex CCTV cameras through a New York-based store called Focus Camera in July 2021.

“In July 2021, one of our DFAS locations identified the need for a security camera to monitor an isolated area within a building. Mindful of Section 889(a)(1)(A) of the John S McCain on National Defense Fiscal Year 2019 Authorization and restrictions associated with certain telecommunications and video surveillance services or equipment, we have conducted our due diligence using a GSA Contract. supplier to provide information certifying that the product and/or components purchased were not restricted by the NDAA FY19.Based on your communication, out of an abundance of caution, we have removed the camera and controller from service until “Further analysis can be done. We appreciate you bringing this to our attention,” DFAS spokesman Steve Lawson said in an emailed statement.

Records also show the Department of the Army purchased Lorex CCTV cameras and recording equipment between 2019 and 2021 from three vendors, IS Enterprises, Focus Camera and a Glendale, Calif.-based company called JLogistics. .

In an emailed statement, the military suggested that the responsibility lies with the contractors who supplied the equipment.

“On August 13, 2020, the Department of Defense implemented the prohibitions of Section 889 of the National Defense Authorization Act for Fiscal Year 2019 and Public Law 115-232. Companies offering federal contracts are required to affirm compliance with the various provisions and clauses of the Federal Acquisition Regulation and Defense Supplement, including those required by PL 115-232 on the Award Management System website. Title 18 of the United States Code, or civil liability under the False Claims Act, applies if a company misrepresents itself,” said Army spokesman Lt. Col. Brandon Kelley.

In a statement, Monica Matoush, Democratic spokeswoman for the House Armed Services Committee, said the committee “expects the Department of Defense to take appropriate steps to investigate these reports and, if substantiated, that ‘he takes action to mitigate the damage and prevent future problems.’

Purchase records also showed that several other federal and military agencies allegedly purchased Lorex equipment after the ban took effect. TechCrunch contacted these agencies prior to publication. Of the agencies that responded, their spokespersons were unable to immediately confirm or provide comment on when they received purchase records. A military agency said a response would take “weeks”.

Senator Mark Warner (D-VA), chairman of the Senate Intelligence Committee, told TechCrunch, “While I haven’t heard the details of this case, I think we need to better understand the origin of the equipment. purchased by government departments and agencies, and we need to ensure that those making those purchasing decisions are aware of the risks involved, which is the very reason Congress included these provisions in the 2019 legislation. simple, we should never use our federal purchasing power to support companies that may pose security risks or that have been found to actively engage in human rights abuses, including facilitating the campaign of PRC crackdown on Uyghurs and other minorities.If this allegation is true, we need to make sure it never happens again.

Asked about the purchases, IS Enterprises co-founder Eddie Migues said the company is looking into the matter. Focus Camera and JLogistics did not respond to requests for comment.

Contractors who supply prohibited equipment to the government may lose their contracts. But industry groups have argued that federal contractors have little time to comply with the ban before it goes into effect.

“Due to the extended time it has taken to deploy rules for these far-reaching requirements, contractors may not be able to consistently achieve the law’s goals,” the Board of Trustees said last year. the information technology industry.

Reached for comment, an anonymous Lorex spokesperson told TechCrunch, “Lorex products are intended for home and office use only and not for U.S. federal government agencies, federally funded projects, or contractors subject to at the NDAA. Lorex does not market directly to any person or organization subject to the NDAA and we encourage buyers to familiarize themselves with and observe these regulations.

Ashley C. Reynolds