February 13, 2023
By Ausma Bernot
Australian government offices have begun removing more than 900 Chinese-made surveillance cameras, intercoms, electronic entry systems and video recorders. Last week, a government audit found the technology had been installed in more than 250 departments and agencies.
Concerns over the cameras prompted dire warnings from the shadow cyber-security minister, James Paterson, who has previously called Chinese espionage and foreign interference the greatest threat to Australia’s way of life.
According to Paterson, ASIO Director-General Mike Burgess has expressed similar concerns about the cameras, saying “where data would end up and what else it could be used for would be of great concern to me and my agency”.
China, meanwhile, has reacted to the order to remove the cameras as an “erroneous” action that abuses state power and discriminates against Chinese companies.
So, why are Australian officials so worried about these cameras, and is the level of concern justified?
The world’s largest video surveillance companies
The two China-based companies that supplied these cameras are Hikvision and Dahua. The MIT Technology Review called Hikvision, which is headquartered in China’s eastern city of Hangzhou, “the world’s biggest surveillance company you’ve never heard of”.
Hikvision is indeed the largest manufacturer of video surveillance equipment in the world, selling to around 200 countries. Dahua is Hikvision’s largest global competitor and the second-largest company in this space.
Both companies have authorised dealers to sell their products in Australia and respond to public tenders. In 2021, independent researchers found there were over 60,000 surveillance camera networks from the two companies in Australia – over 41,000 from Hikvision and 18,000 from Dahua.
That’s a small number compared to the companies’ over 700,000 camera networks in the United States and over 800,000 in Vietnam. Removing just 900 is also just a drop in the ocean when you look at the overall number in Australia.
Links to human rights violations
The Australian government’s audit cited the direct links of Dahua and Hikvision to the mass surveillance system that has been set up in the Xinjiang region of China to monitor and control the Uyghur minority.
In 2019, the United States added both companies to its Entity List, which requires foreign companies to file for additional government approvals to continue buying parts or technologies from US companies. (The Biden administration added six more Chinese entities to the blacklist last week, saying they were linked to China’s surveillance balloon program.)
All the Chinese companies on the list have been deemed to be “acting contrary to the national security or foreign policy interests of the United States”. The reasoning was not sugarcoated:
Specifically, these entities have been implicated in human rights violations and abuses in the implementation of China’s campaign of repression, mass arbitrary detention, and high-technology surveillance against Uyghurs, Kazakhs, and other members of Muslim minority groups in the Xinjiang Uyghur Autonomous Region.
Last year, the UK also banned Hikvision surveillance systems from being installed in “sensitive” sites.
Links to the Chinese Communist Party
Both Hikvision and Dahua sell to and work with the Chinese Communist Party and government.
Investigations by the Australian Strategic Policy Institute (ASPI) found that in 2019, Dahua received around US$19.9 million (A$28.8 million) in Chinese government subsidies. Dahua also has its own Communist Party committee and supplies technology for numerous projects linked to the Chinese government.
Similarly, Hikvision has a party branch, which was led by its deputy general manager in 2015, and is an important supplier for the People’s Liberation Army. The company has also been visited by the Chinese leader Xi Jinping.
On its Chinese language website, Hikvision often showcases collaborations with the government’s public security apparatus.
My research shows that through close cooperation with the Chinese Party and government, surveillance companies can access large subsidies to support their domestic and international businesses. Caught between domestic business growth opportunities and international regulations, companies often choose to work in line with party-state policies. The market opportunities are simply larger this way.
Greater scrutiny by countries like the US, UK and Australia may further push Chinese surveillance companies to seek relationships in countries that are perceived as more stable commercial partners. The Chinese government has been calling for a further de-coupling of the economy from its rivals and strengthening collaborations with China-friendly nations.
So, would Australian data be safe?
Links to the Communist Party are just part of the concern. So is the potential for data collected by these companies to be transferred to the Chinese government.
Whether these companies do actually transfer data to Chinese intelligence agencies would be hard to either prove or disprove. Paterson acknowledges “we may never know if data is being exfiltrated from these cameras”. In a statement to Time, Hikvision and Dahua representatives rejected claims they store or share user data.
However, Chinese security laws passed in 2017 can compel Chinese organisations to transfer the data they collect to the government. As a senior analyst from ASPI explains, the companies may say the data wouldn’t be accessed, but “if there is a national security or national defence demand for that data, then it would be.”
The recent TikTok example showed that even if a company claims not to send data to the Chinese government, there may be other ways it can be accessed (such as through a company’s cloud storage).
The Australian focus has so far been on identifying “risk” to national security, but only that coming from China. This is despite other countries, such as the United States, previously being connected to espionage via tech providers.
Instead, Australia should take a more systematic approach that guides the use of all critical data-collecting communications technologies and creates rules that all suppliers must adhere to.