The Indian government has enacted a comprehensive set of regulations governing the manufacture and sale of closed-circuit television (CCTV) systems within the country. Security analysts project these rules will significantly hinder the ability of Chinese manufacturers to saturate the Indian market, addressing national security concerns stemming from ties between Chinese tech companies and the Chinese Communist Party (CCP).
The new measures could prove beneficial for Chinese companies willing to comply with the stricter standards. Previously, Chinese CCTV makers faced significant barriers to entry within India's growing security camera market.
Introduced on March 9th, the regulations mandate that manufacturers obtain "Standard Mark" licensing. This requires products to undergo rigorous testing for "essential security parameters" at Bureau of Indian Standard (BIS) approved laboratories. Manufacturers and sellers have a six-month grace period to comply, with the order taking full effect on October 9th.
The amendments to the "Electronics and Information Technology Goods (Requirements for Compulsory Registration) Order, 2021" are designed to mitigate national security risks associated with CCTV deployment. The rules allow both domestic companies and foreign manufacturers, including those from China, to participate in the Indian market, fulfilling both governmental and private sector needs.
India represents a vast and profitable market for CCTV products. Chinese companies have long dominated the sector due to competitive pricing and advanced technology. Market analysts estimate the Indian CCTV camera market at USD 4.38 billion in 2022, with a projected growth rate of 17% reaching USD 13.08 billion by 2029.
Fears over privacy, Sino-Pakistani strategic ties, and recent China-India border tensions have led to restrictions on Chinese manufacturers bidding for Indian government contracts. These restrictions have also discouraged the Indian private sector from partnering with Chinese firms.
To operate in India, vendors seeking the "Standard Mark" must disclose details such as chipset specifications and manufacturing processes. They must also guarantee unique cryptographic keys and certificates for each device, addressing concerns that the CCP could coerce Chinese manufacturers into compromising data security.
Additional safeguards include mandatory disabling of debugging interfaces or their protection via complex passwords to prevent remote exploitation. Vendors will provide lists of all sensitive data stored on devices, detailing usage and secure storage methods. Moreover, measures to protect against hardware and software tampering must be outlined.
Significantly, vendors are required to document instances where their devices establish external server connections, including security protocols for validating server digital signatures. This aims to prevent unauthorized third-party access to CCTV feeds. The underlying assumption is that Chinese companies will adhere to Indian government standards in lieu of CCP directives.
The regulations also demand that companies implement supply chain risk management and business continuity plans.
