CCTVplanner
    NDAA §889 · FAR 52.204-25 · 2026

    NDAA §889 CCTV Compliance Checker (2026): For US Federal Projects

    Per-camera NDAA flags. Mixed-compliance project validation. Audit-ready PDF documentation. Designed for integrators bidding US federal contracts, federal-grant projects, and any award where Section 889 conformance is binding.

    What §889 actually prohibits

    Section 889 is a procurement firewall, not a quality opinion.

    Section 889 of the FY2019 National Defense Authorization Act has two operative parts. Part A — effective August 2019 — prohibits federal agencies from procuring covered telecommunications and video surveillance equipment. Part B — effective August 2020 — extends the prohibition to federal contractors: a contractor cannot use the covered equipment in any of its operations during contract performance, regardless of whether that equipment is connected to the federal network. Funding through federal grants and loans is treated as a federal contract for §889 purposes.

    The named covered vendors are listed in §889(f)(3): Hikvision, Dahua, Huawei, ZTE, Hytera, plus subsidiaries, affiliates, and any entity that the Secretary of Defense or Director of National Intelligence reasonably believes is owned or controlled by, or otherwise connected to, those entities. The covered scope includes the equipment itself, components inside other equipment, and services provided by those vendors. The FAR Council implemented this through clause 52.204-25 with a parallel certification at 52.204-24.

    What this means for the integrator: any federal-funded CCTV project must vet every IP camera, every NVR, every encoder, and every video accessory against the §889 list. "It's a US brand" is not a defense if the brand is a private label on a covered vendor's reference platform. The audit trail must be per-camera, traceable, and retained — penalties for non-compliance include contract termination, debarment, and recovery of disbursed funds.

    Covered vendors named in §889(f)(3)

    Covered · prohibited

    Hangzhou Hikvision Digital Technology Company

    Video surveillance equipment and any subsidiary or affiliate.

    Covered · prohibited

    Dahua Technology Company

    Video surveillance equipment and any subsidiary or affiliate.

    Covered · prohibited

    Huawei Technologies Company

    Telecommunications equipment, services, and any subsidiary or affiliate.

    Covered · prohibited

    ZTE Corporation

    Telecommunications equipment, services, and any subsidiary or affiliate.

    Covered · prohibited

    Hytera Communications Corporation

    Two-way radio and video surveillance components, plus subsidiaries and affiliates.

    Names from §889(f)(3) of the FY2019 NDAA. Subsidiaries, affiliates, and entities believed to be owned or controlled by these groups are also covered. The list can be updated by Congress, the FAR Council, or the Secretary of Defense — re-verify per procurement cycle.

    NDAA §889 compliance checklist

    • Confirm contract scope: any award using federal funds, including grants and loans, falls under §889(b) — not just direct federal contracts.
    • List every IP camera, NVR, encoder, decoder, and video-related accessory in the project, including hidden OEM relationships.
    • Verify each piece of equipment against the §889(f)(3) covered list — vendor brand, parent company, and known affiliates.
    • Trace OEM / rebrand relationships — many private-label NVRs and IP cameras are produced on a covered vendor's reference platform.
    • Document compliance per camera in the design submission. "All NDAA-compliant" is not enough — provide a per-line evidence trail.
    • Re-verify before each procurement cycle. The covered list and named subsidiaries are subject to update by the FAR Council and DoD.

    How CCTVplanner flags NDAA §889 status per camera

    Per-camera NDAA flag in the catalog

    Every camera in the CCTVplanner catalog carries an explicit NDAA flag — compliant, non-compliant, or unknown — derived from vendor origin, parent-company graph, and known OEM relationships. The flag is visible the moment you open the camera card.

    Mixed-compliance project validator

    If any camera in a project is flagged non-compliant, the project itself is flagged at the top — preventing an integrator from accidentally submitting a mixed-compliance design to a federal-funded contract.

    Audit-ready PDF export

    The exported PDF includes the per-camera NDAA flag and the project-level compliance summary, ready to drop into the proposal package alongside the FAR 52.204-24 representation.

    Vendor catalog filter

    Filter the catalog to NDAA-compliant cameras only. Hides covered vendors and known OEM relationships at selection time, so the design starts compliant rather than being audited compliant.

    Why this matters in 2026, not just in DoD contracts

    The federal funding fingerprint is wider than most integrators realise. School districts using federal grant money, hospitals receiving Medicare reimbursement that touches federal funds for CCTV upgrades, municipal projects backed by HUD loans, airports under FAA grants, public-safety projects under DHS grants — all flow §889 obligations downstream. "We're not a government project" is rarely the right answer when federal money has been part of the funding stack.

    Several US states have layered their own bans on top. Florida, Georgia, Vermont, Louisiana, and Texas have enacted statutes restricting Chinese-origin video surveillance equipment in public-sector projects with broader scope than §889 itself. CCTVplanner's per-camera flag is the foundation; integrators serving these states should also confirm the state-level statute applies to their specific contract.

    And — practically — the cost of an audit failure is asymmetric. A camera that costs $200 less today can cost a contractor a $5M debarment or a clawback running into hundreds of thousands. Per-camera vetting is the cheapest insurance the project will ever buy.

    Frequently asked questions

    What is NDAA §889 and who must comply with it?

    Section 889 of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 prohibits federal agencies from procuring (Part A) or contracting with entities that use (Part B) certain Chinese-origin telecommunications and video surveillance equipment. The named covered vendors are Hikvision, Dahua, Huawei, ZTE, and Hytera, plus their subsidiaries and affiliates. Compliance is binding on direct federal contracts and on contracts funded by federal grants or loans. Non-compliance can mean contract termination, debarment, and recovery of funds. The rule applies regardless of whether the equipment is on a US federal network or part of a system that just happens to be paid for with federal money.

    Why does this affect CCTV projects specifically?

    The covered-vendor list is dominated by video surveillance brands. Three of the five named groups — Hikvision, Dahua, and Hytera (in part) — are major IP-camera and NVR manufacturers. Because federal procurement rules ban any equipment from these vendors, every camera, NVR, encoder, and even some PoE switches must be vetted before purchase. This is not theoretical: federal awards have been clawed back from school districts, hospitals, and municipal projects that used covered equipment.

    How does the rebrand / OEM problem work?

    Many private-label and small-brand IP cameras are not designed in-house — they are produced on reference designs from one of the covered vendors. A camera shipped under a US, EU, or Korean brand can still be a covered Chinese vendor product underneath. The §889 rule is written to capture this: the prohibition extends to subsidiaries, affiliates, and equipment containing covered components. Vetting must therefore go beyond the brand on the box and trace back to the actual manufacturer of the silicon, the firmware, and the chassis.

    How does CCTVplanner flag NDAA non-compliance per camera?

    Every camera in the catalog carries an NDAA flag — compliant, non-compliant, or unknown — based on vendor origin, parent group, and OEM relationships. When you place a camera on the canvas, the flag is visible in the camera card. A mixed-compliance project is flagged at the project level so an integrator preparing a federal-funded bid sees the issue before submission, not during the audit. The flag is also exported into the PDF so the contracting officer sees the same evidence the integrator did.

    Is NDAA compliance enough on its own?

    For US federal contracts, NDAA §889 is necessary but not always sufficient. State-level statutes (Florida SB 7050, Georgia HB 156, several others), the Federal Acquisition Regulation 52.204-25 clause, and parallel rules in the Department of Energy and Department of Defense add further scope. CCTVplanner exposes the NDAA flag explicitly because it is the single most cited rule, and tracks compliance metadata for the camera itself — but the integrator of record is still responsible for confirming that the contract's specific procurement vehicle is satisfied.

    Vet your CCTV design against NDAA §889 in your browser

    Free to start. Per-camera NDAA flag. Mixed-compliance project validator. Audit-ready PDF. Used by integrators from all over the world.

    Also explore: EN 62676-4 calculator · Johnson Criteria calculator · CCTV design tool · Camera catalog

    DEFENSAR · 100% Engineered and Hosted in the EU