《TAIPEI TIMES》Ban China security products: legislator

ALERT:Taiwan should beware of companies such as Fortinet and Zoom, which are founded by Chinese Americans, but maintain close ties to Beijing, Lin Chun-hsien said

By Shelley Shan / Staff reporter

請繼續往下閱讀...

Democratic Progressive Party （DPP） Legislator Lin Chun-hsien （林俊憲） yesterday urged the government to ban the purchase of and remove information security and communications products manufactured in China by companies that have close relations with Beijing.

Taiwan has barred Chinese companies from bidding for government projects or participating in auctions for government projects through subsidiaries in a third country or Taiwanese firms in which they own stakes, Lin told a news conference in Taipei.

The problem are companies such as Fortinet and Zoom, US-based firms owned by Chinese immigrants, Lin said.

Fortinet, a cybersecurity firm that specializes in products such as firewalls, has close ties with Beijing, he said.

In 2014, when Beijing celebrated the 65th anniversary of the founding of the People’s Republic of China, it published a set of stamps featuring the image of Fortinet CEO Ken Xie （謝青） in recognition of his achievements, Lin said.

However, the California-based firm was fined US$545,000 last year for mislabeling products made in China as manufactured in the US and selling them to the US military, he said, adding that the incident prompted the US government to conduct a comprehensive inspection of products made by Fortinet.

Government agencies in Taiwan have also spent about NT$500 million （US$16.84 million） on products from Fortinet in the past six years, with the Ministry of National Defense, the National Security Bureau and the Ministry of Transportation and Communications accounting for about NT$50 million of the total.

If the company dared falsify labels on products sold to the US, there is no guarantee that it would not do the same with Taiwan, Lin said.

Videoconferencing software provider Zoom, which has become popular amid the COVID-19 pandemic, has come under public scrutiny after admitting that it complied with the Chinese government’s policy to shut down the accounts of users holding online meetings to commemorate the 1989 Tiananmen Square Massacre, he said.

Aside from the US, several other countries have banned the use of Chinese information and communications products amid fears of security breaches, Lin said.

“Taiwan should beware of these companies, which on the surface are US firms, but in reality follow orders from Beijing,” he said. “We have no way of finding out their Chinese connection unless someone reports them.”

The Executive Yuan recently published a report on the information and communications equipment used by government agencies, which found that 38 central government agencies and 108 local government agencies are using China-made devices, the lawmaker said.

However, the report fell short of specifying whether or when these agencies should replace the products, he said.

“We should not procrastinate on dealing with this issue, as Taiwan, of all countries, faces the severest national security threat from China,” he said.

Given security issues associated with such firms, the government should exercise more caution when procuring information and communications equipment, Lin said.

The government is compiling a list of all permissible information security products on the inter-entity supply contract, said Jyan Hong-wei （簡宏偉）, director of the Executive Yuan’s Department of Cyber Security.

The contract would exclude the procurement of Chinese software, Chien added.

Open-source software, on the other hand, must undergo a test first, he said, adding that government agencies would be urged to procure products on the inter-entity supply contract list.

“We would list the Chinese information security and communications equipment that government agencies are currently using and keep them informed about security breach incidents,” Chien said.

“Government agencies would also be asked to remove these devices as soon as they reach their replacement date. For those that have yet to reach their replacement date, we would ask the agencies not to connect them to the main frame,” Chien said.

“We would also work to gradually raise the procurement of domestically manufactured information security products to 52 percent,” Chien said.

新聞來源：TAIPEI TIMES