Chinese cameras: The “essential security parameters” of CCTV cameras supplied in India must now be tested, according to an amendment made by the government to the mandatory registration order. Following discussions about measures to prevent Beijing’s alleged eavesdropping through the network of Chinese-origin CCTV cameras in India, including in government and military facilities, the Union government has released a safety report.
Since the certification for surveillance cameras with Chinese origins primarily considered factors like fire hazard or durability, rather than security or snooping issues, the Indian government has not yet had a way to verify the installation of these cameras.
Unfortunately, the Union Ministry of Electronics and Information Technology (MeitY) modified the mandatory registration order (CRO) for CCTV cameras sold in India early last week. This amendment mandates that all CCTV cameras have their “essential security parameters” tested. According to the Indian Defense Research Wing, the new rule goes into effect on October 9 of this year, giving manufacturers enough time to adjust given the extensive network of these cameras.
It is imperative to prioritise national security in these situations, particularly considering how delicate government and military institutions are. It is wise to set up procedures for overseeing and approving these security-related surveillance cameras.
An estimated two million surveillance cameras are placed throughout India, in all possible locations. Approximately one million cameras manufactured by Chinese businesses are situated in different government organizations, creating a significant possibility of being spied on. It is believed that the majority of CCTVs used in Indian government projects are imports from China that are labeled as Made in India. There is a risk to the security of the country.
Chinese CCTVs are believed to cover over 80% of residential installations and over 98% of government installations. According to experts, sending spies across borders is no longer necessary for countries. These dubious CCTVs end up being the eyes of any nation looking to cause trouble. The ideal tool for technological intelligence are these kinds of cameras. The unrestrained spread of these gadgets throughout India poses a serious security threat.
Security experts have expressed grave concerns about the possibility of China surveilling India using hundreds of thousands of these surveillance cameras.
US Defence Secretary lauds ties with India, calls jet engine deal revolutionary
MeitY mandated that CCTV cameras’ “essential security parameters” be tested last week in a notification dated April 9. The notification also requires producers to provide test reports from labs recognized by the Bureau of Indian Standards (BIS), including the Standardization Testing and Quality Certification.
In response to the guidelines, Lieutenant General Rajesh Pant (retired), the chairman of the Cyber Security Association of India and a former national cyber security coordinator for India’s National Security Council, told INDIA TODAY that the widespread use of CCTVs in the nation without proper security checks had created a serious threat to national security because the majority of the devices were imported from the relevant nation.
Data loss and remote surveillance are the results of this. “The government’s long-overdue and welcome move to guarantee that these devices have fundamental security features is the notification by MeitY. In the future, I hope this is expanded to include all IoT (internet of things) devices, said Lieutenant General Pant.
MeitY published a notice on March 6th, inviting the public to bid on CCTVs for the vital purpose of evaluating crucial security criteria and providing information for local content calculations. When sourcing crucial hardware components linked to security functions, it is very important to confirm that the source is reputable. Proprietary network protocols are prohibited, and implementation timelines, source code, and third-party code verification are not provided.
Furthermore, the certification of trustworthy sources for essential hardware components linked to security operations (such system-on-a-chip, or SOC) is one of the main characteristics of the amendment. It also prohibits the adoption of proprietary network protocols without implementation schedules and source code disclosure.
Prof. N.K. Goyal, chairman emeritus of the Telecom Equipment Manufacturers Association of India, has long brought up the issue. “The government has stepped in to ensure that all CCTV cameras deployed in India are free of any national security concerns and that the major components of CCTV/video surveillance are built by trusted sources on a reliable basis,” he said, expressing relief at the government’s move. Goyal continued by saying that this would significantly help to guarantee that the nation’s installed CCTV and video surveillance devices do not jeopardize national security.
Regarding BIS compliance as a safeguard against snooper-proof CCTVs, industry insiders state that effective of May 23, 2018, CCTV cameras and recorders were included in CRO Phase III. That being said, the same norm holds true for devices like cell phones, set-top boxes, computers, cash registers, power banks, scanners, etc. However, these BIS standards do not address national security issues; instead, they only address human risks like fire or their durability.
But in addition to the threat to national security, there is also a huge economic cost in the form of billions of dollars lost to low-cost, underinvoiced imports and a missed chance to turn hardware production into a net exporter by moving technology from factory assemblies to actual manufacturing. Over the projected period of 2020–2030, the global CCTV market is anticipated to develop at a compound annual growth rate (CAGR) of 13.1% to reach around $46.52 billion.
When State Minister for communications, electronics, and IT Sanjay Dhotre told the Lok Sabha that almost a million CCTVs from Chinese companies were placed in government buildings, the issue made its way into Parliament. “There exist vulnerabilities linked to the transfer of video data obtained from CCTV cameras to servers situated overseas,” Dhotre stated.
India to Test Astra Mark 2 Missile with 130 km Strike Range
In essence, the minister was discussing video security surveillance (VSS), which goes beyond a CCTV system and is linked to a communications network. A video network recorder is another feature of the VSS that allows all photos to be connected to a telecom network, stored, and analyzed. Because data may be shared with anyone, that is where national security threats arise.
The largest concern for intelligence services is the ongoing use of VSS to distribute Chinese-made technologies throughout the country. Security agencies suspect that CCTVs deployed in nearly all smart cities, state police, highways, airports, metro trains, ministries, including the ministry of home affairs, and organizations are being used by Chinese corporations and their Indian partners to send regular data to China through backdoor access.
Military facilities also make considerable use of surveillance cameras. Because of the established data flow to the Chinese intelligence system, all of this poses a severe threat to national security. These businesses are required by the China Intelligence Law, 2017, to provide Chinese intelligence with access to all of their data and website login credentials. The Chinese government-owned enterprises are the direct suppliers of VSS hardware and software, or they do it through joint ventures, distributors, or subsidiaries in India.
The Ministry of Defence’s (MoD) Integrated Defence Headquarters raised grave concerns a few years ago over CCTVs with Chinese origins stationed at naval installations. According to an official note from the Integrated Defence Headquarters obtained by INDIA TODAY, one of the industry leaders in surveillance camera technology is Hikvision, which is partnered with an Indian company to operate in India and holds a 41% stake in the Chinese government.
The Chinese company provides the camera systems’ modules. But according to the MoD notice, these goods are advertised as Made in India. It further stated that the loss of data could occur via memory/cache replacement in CCTV and other surveillance systems, programming or coding in servers, embedded hardware for wi-fi or SIM-based connectivity, or during maintenance.
Following China’s border incursions in Ladakh in July 2020, the Department of Expenditure of the Union Finance Ministry issued GFR (General Financial Rule) 144 XI on July 23, 2020, to make sure Chinese companies do not participate in procurements directly or through their Indian/Chinese subsidiaries without first registering with the Department for Promotion of Industry and Internal Trade (DPIIT).
