US government agencies bought Chinese surveillance tech despite federal ban

Lorex is owned by Dahua, a technology maker linked to human rights abuses

At least three U.S. federal agencies, including the military, have purchased China-made video surveillance equipment banned from use in the federal government.

Purchasing records seen by TechCrunch and video surveillance news site IPVM show the agencies collectively spent thousands of dollars on purchasing video surveillance equipment manufactured by Lorex, a wholly owned subsidiary of Dahua Technology. Dahua is one of several China-based companies banned from selling to the federal government under a 2019 defense spending law over fears that the technology could help the Chinese government conduct espionage.

Dahua was also added to the U.S. government’s economic trade restriction list in 2019 after the company was linked to China’s ongoing efforts to suppress ethnic minorities in Xinjiang, where most Uighur Muslims live. The U.S. says Beijing relies on technology manufactured in part by Dahua to supply the surveillance equipment to surveil the Uighur population. The Biden administration called the human rights abuses in Xinjiang a “genocide,” and blamed the technology makers of being “implicated in human rights violations and abuses” in China’s surveillance, repression and mass detention of more than Uighurs.

After the ban came into effect, purchasing records show the agencies bought Lorex equipment from federal contractors.

According to the records, the Drug Enforcement Agency bought nine Lorex hard drives for surveillance systems in May 2021 through a Washington, D.C.-based tech supplier called I. S. Enterprises. DEA spokesperson Katherine Pfaff said the purchases were made through the government’s shopping portal run by the General Services Administration — known as GSA Advantage — and deferred comment to the GSA, but declined to say if the Lorex equipment had been pulled from service.

When reached for comment, GSA spokesperson Christina Wilkes said in an emailed statement: “GSA has multiple means to vet vendors and products sold on GSA Advantage in accordance with the Federal Acquisition Regulation (FAR) “Moreover, contractors must comply with the clauses and provisions found in the FAR requiring them to state whether they sell covered technology. Products confirmed to be non-compliant are removed from GSA Advantage.”

GSA would not say why the banned products were available for purchase after the ban came into effect, but said that it’s in the process of making improvements, including launching a new verified products portal aimed at ensuring commercial off-the-shelf products are compliant with the 2019 ban.

The 2019 ban was signed into law as a specific provision in the National Defense Authorization Act (NDAA) called Section 889, which made it illegal for federal agencies to procure or buy electronics manufactured by certain China-based companies including Huawei, Hikvision and Dahua, as well as their subsidiaries, like Lorex. Section 889 also prohibits federal contractors from selling banned electronics to federal agencies. The Department of Defense was granted a waiver allowing for some exceptions under Section 889 to purchase low-risk items like food and clothing, but not electronics or surveillance equipment.

Purchasing records also show that the Defense Finance and Accounting Service, a DOD agency tasked with the department’s financial management and paying servicemembers, bought Lorex video surveillance cameras through a New York-based store called Focus Camera in July 2021.

“In July 2021, one of our DFAS sites identified a need for a security camera to monitor an isolated area in a building. Being aware of Section 889(a)(1)(A) of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 and the restrictions associated with certain telecommunications and video surveillance services or equipment, we performed due diligence by utilizing a GSA contract. In addition, we requested the supplier provide information certifying that the product and/or components purchased was not restricted by the FY19 NDAA. Based on your communication, out of an abundance of caution, we have removed the camera and controller from service until further analysis can be performed. We appreciate you bringing this to our attention,” said DFAS spokesperson Steve Lawson in an emailed statement.

The records also show that the Department of the Army bought Lorex video surveillance cameras and recording equipment between 2019 and 2021 from three vendors, I. S. Enterprises, Focus Camera, and a Glendale, Calif.-based company called JLogistics.

In an emailed statement, the Army implied that the responsibility is with the contractors that supplied the equipment.

“On Aug. 13, 2020, the Department of Defense implemented the prohibitions for Section 889 of the National Defense Authorization Act for Fiscal Year 2019 and Public Law 115-232. Companies that propose on federal contracts are required to assert their compliance with various Federal Acquisition Regulation and Defense supplement provisions and clauses, including those required by P.L. 115-232 in the System for Award Management website. Title 18 of the United States Code, or civil liability under the False Claims Act, is applicable if a company misrepresents itself,” said Army spokesperson Lt. Col. Brandon Kelley.

In a statement, Monica Matoush, Democratic spokesperson for the House Armed Services Committee, said that the committee “expects the Department of Defense to take appropriate action to investigate these reports and, if substantiated, to take action to mitigate harm and prevent future problems.”

The purchasing records also showed that several other federal and military agencies purportedly bought Lorex equipment after the ban came into effect. TechCrunch contacted those agencies prior to publication. Of the agencies that responded, their spokespeople were unable to immediately confirm or provide comment on when they were provided purchasing records. One military agency said a response would take “weeks.”

Sen. Mark Warner (D-VA), chair of the Senate Intelligence Committee, told TechCrunch: “While I haven’t heard the specifics of this case, I believe that we need to get better at understanding the origin of commercial equipment purchased by government departments and agencies, and we need to ensure that those making these purchasing decisions are aware of the risks involved. This is the very reason Congress included these provisions in the 2019 legislation. Simply put, we should never use our federal purchasing power to support companies that may pose security risks, or that have been deemed to be actively engaging in human rights abuses, including facilitating the PRC’s campaign of repression against Uighurs and other minorities. If this allegation is true, we need to make sure it never happens again.”

When asked about the purchases, I. S. Enterprises co-founder Eddie Migues said the company was looking into the matter. Focus Camera and JLogistics did not respond to requests for comment.

Contractors that supply banned equipment to the government can lose their contracts. But industry groups have argued that federal contractors were given little time to comply with the ban before it took effect.

“Because of the extended time it took to roll out rules for these far-reaching requirements, contractors may not be able to consistently meet the law’s objectives,” the Information Technology Industry Council said last year.

Reached for comment, an unnamed Lorex spokesperson told TechCrunch: “Lorex products are designed for consumer and business use only and not for U.S. federal government agencies, federally-funded projects or contractors subject to NDAA. Lorex does not market directly to any person or organization subject to the NDAA and we encourage purchasers to familiarize themselves with and adhere to those regulations.”