Huawei Technologies is willing to accept new Indian rules that will require telecommunication equipment suppliers to, among other conditions, give the government access to source code and engineering designs for its equipment, the company said on Thursday. The Chinese company welcomes the new security rules, and will cooperate closely with the government on the new guidelines, a company spokesman said.
Under new rules for service providers that were proposed by the Department of Telecommunications (DOT), equipment vendors are required to allow service providers and the DOT or designated agencies to inspect their hardware, software, design, development, manufacturing facility and supply chain, and subject all software to a security threat check at the time of procurement and at specified instances thereafter.
The DOT said it was introducing these rules by amending the licenses of telecom service providers, to ensure security of networks. Vendors will also face stiff fines and get blacklisted as equipment suppliers, if a security breach is detected after the deployment of the equipment, according to the new DOT rules.
About $300 million in Huawei's business from Indian service providers was held up after the DOT said in December that service providers had to get security clearance from the government.
India's security agencies are worried that buying from Chinese equipment providers could put networks at risk, as the two countries have a border dispute and also went to war in 1962. The DOT however insisted that it had not singled out vendors from any single country for a ban.
Huawei has conveyed to the government that it was accepting the new rules, and expects the pending orders to be cleared in about a week, the spokesman said.
Other vendors are however not as willing to bend to Indian rules. Ericsson has objected to the new DOT rules, and also sent a strongly-worded letter to the DOT, according to reports. An Ericsson spokesman said in an email that some of the clauses in the rules are unprecedented.
Another Chinese company, ZTE is said to be still finalising its stand, according to a person close to the situation.
ZTE always cherishes and respects intellectual property rights (IPR), and believes that the Indian government will also respect international conventions to protect the vendor's IPR, including source codes and design details, ZTE said in a statement. ZTE has always ensured that its equipment complied with the highest international safety and security standards, without any malware, spyware or backdoors that might threaten the security of the country, it added.
The new rules may not however achieve the security objectives of the Indian government, Kunal Bajaj, director for India at telecom consultancy Analysys Mason, said earlier this month. As the source code for equipment usually runs into hundreds of thousands of lines of code, investigating the code for spyware, malware and security holes will not be easy, he added.The Indian government would have been better off with an earlier plan to ask equipment suppliers to get their equipment certified by an independent agency, Bajaj said.