Section 889 is a provision of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (Pub. L. 115-232) that prohibits federal agencies from procuring covered telecommunications equipment or services produced by Huawei, ZTE, Hytera, Hikvision, or Dahua, and from contracting with any entity that uses such equipment. The implementing FAR clauses are FAR 52.204-24, 52.204-25, and 52.204-26.

Which manufacturers are prohibited under Section 889?

The five named manufacturers are Huawei Technologies Company, ZTE Corporation, Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, and Dahua Technology Company. The prohibition extends to any subsidiary or affiliate of these entities. Equipment from other Chinese manufacturers is not automatically covered unless it falls under one of the five named entities.

What is the difference between Section 889 Part A and Part B?

Part A (effective August 13, 2019) prohibits agencies from buying covered equipment directly. Part B (effective August 13, 2020) is broader: it prohibits agencies from contracting with any entity that uses covered equipment in any of its operations, even if that equipment is unrelated to the federal contract. Part B is the harder compliance lift because it reaches all of a vendor company, not just the products being sold to the government.

Are there exemptions from Section 889?

Yes, but they are narrow. The Director of National Intelligence may grant a national-security waiver. The agency head may grant a one-time waiver up to two years if the agency makes specific findings (FAR 4.2104). Backhaul, roaming, and interconnection services that merely route covered traffic without using covered equipment as part of the federal work are not within the prohibition. There is no general "small purchase" or "commercial item" carve-out.

Does Section 889 apply to commercial-item subcontracts?

Yes. The prohibition flows down to subcontractors at all tiers, including those providing commercial items and commercial-off-the-shelf items, under FAR 52.244-6 and the FAR 4.21 implementing rules. Primes are responsible for ensuring their subcontractors do not provide or use covered equipment in support of the federal contract.

Section 889 Hardware Check: NDAA Prohibited Manufacturers

/ 01 · FOUNDATION

What Section 889 actually prohibits.

Section 889 of the John S. McCain National Defense Authorization Act for Fiscal Year 2019 (Pub. L. 115-232) bars federal agencies and federal contractors from procuring or using covered telecommunications equipment and services from a specific list of named manufacturers. The implementing regulation is FAR 52.204-25.

The point of the rule is supply-chain risk reduction in U.S. federal systems. The named manufacturers are alleged by Congress to present national-security concerns related to potential foreign-government control. The clause does not require any new finding of wrongdoing on each procurement. The prohibition is categorical for covered equipment.

Two clauses do the work. Part A (effective August 13, 2019) prohibits federal agencies from procuring covered equipment as a substantial or essential component of any system. Part B (effective August 13, 2020) prohibits federal agencies from contracting with entities that use such equipment, regardless of whether that use is in performance of work under a federal contract.

/ 02 · SCOPE

The five named manufacturers.

FAR 52.204-25 names five companies plus their subsidiaries and affiliates. The rule applies to telecommunications equipment from the first two and to video-surveillance and telecommunications equipment from the latter three:

Huawei: Huawei Technologies Company: telecommunications equipment.
ZTE: ZTE Corporation: telecommunications equipment.
Hytera: Hytera Communications Corporation: video-surveillance and telecommunications equipment.
Hikvision: Hangzhou Hikvision Digital Technology Company: video-surveillance and telecommunications equipment.
Dahua: Dahua Technology Company: video-surveillance and telecommunications equipment.

Affiliates

The prohibition extends to subsidiaries and affiliates of the named manufacturers, not only equipment branded with the parent name. White-label hardware sold under a different brand can still trigger the rule if the underlying device is manufactured by a covered company. This is where most pre-award hardware screens fail.

/ 03 · MECHANICS

Part A versus Part B.

The two parts of Section 889 do similar things at different scopes. Knowing which part applies to a given fact pattern is what separates a real compliance answer from a guess.

Part A: Effective Aug 13, 2019. Prohibits federal agencies from procuring or obtaining covered equipment as a substantial or essential component, or as critical technology, of any system.
Part B: Effective Aug 13, 2020. Prohibits federal agencies from contracting with entities that use covered equipment, even if that use is unrelated to the federal contract. This is the wider obligation and the one that catches contractors off guard most often.

A vendor that has never sold a federal agency a Hikvision camera can still be disqualified under Part B if a Hikvision camera is mounted on the lobby wall of their corporate office. The use does not need to be on the federal contract for Part B to bite.

/ 04 · REPRESENTATION

The FAR clauses you sign.

Three clauses implement Section 889 at the procurement level. Each carries a contractual representation a vendor signs at the offer stage:

52.204-24: Representation regarding covered telecommunications. Offerors represent whether they will or will not provide covered equipment, and separately whether they use such equipment (www.acquisition.gov/far/52.204-24).
52.204-25: Prohibition on contracting for covered telecommunications. The actual prohibition itself, applied to contracts and orders. Required in all federal solicitations and contracts (www.acquisition.gov/far/52.204-25).
52.204-26: Covered telecommunications: representations. Requires the offeror to certify they have searched SAM.gov for entities barred from receiving Section 889-related awards, and to represent whether they use covered equipment after a reasonable inquiry (www.acquisition.gov/far/52.204-26).

Both 52.204-24 and 52.204-26 require the offeror to perform a reasonable inquiry into their own use of covered equipment before certifying. False or careless certification is a contract-termination event and can expose the offeror to False Claims Act liability.

/ 05 · EXCEPTIONS

What the rule does not cover.

Two narrow exemptions appear in the FAR clause itself:

Backhaul, roaming, and interconnection servicesconnecting to facilities of a third party are exempt. A federal agency can use a commercial telecom carrier even if that carrier's upstream network includes covered equipment outside the agency's control.
Telecommunications equipment that cannot route or redirect user data traffic, and equipment that cannot permit visibility into any user data or packets, is exempt. The classic example is a pure passive component that has no networking intelligence.

Beyond the in-clause exemptions, the head of an agency may grant a one-time waiver under specific procedures documented in FAR 4.2104. Waivers are time-limited (typically up to two years), require a phase-out plan, and carry a notification obligation to the Director of National Intelligence.

/ 06 · PITFALLS

Common Section 889 mistakes.

Checking the FAR 52.204-26 box without doing a real inquiry. Most vendors check "does not use" out of habit. If a Hikvision camera is on the wall in their lobby, that representation is false.
Stopping the screen at the named manufacturer name. Subsidiaries and white-label resellers are common. The hardware screen has to look at OUI / MAC ranges and corporate ownership chains, not just brand stickers.
Treating Part B as "only matters during contract performance". Part B prohibits federal agencies from contracting with entities that use covered equipment at all, not just on the federal contract. Internal corporate use counts.
Assuming a waiver is renewable. Section 889 waivers are explicitly time-limited and carry a phase-out obligation. Renewals are not guaranteed and are scrutinized.
Conflating Section 889 with the Entity List. The Bureau of Industry and Security (BIS) Entity List is a separate export-control mechanism. Hikvision, Dahua, and others are also on the Entity List, but Section 889 is its own categorical procurement bar.

/ 07 · IN DILIGENCEDESK

How the hardware screen works.

DiligenceDesk includes a Section 889 hardware screen that takes a MAC address (any common format) and checks the OUI prefix against a registry of prohibited manufacturers and their known subsidiaries. The screen returns one of three states: prohibited manufacturer match, compliant or unknown, or invalid input.

A prohibited match in the screen is sufficient evidence to require manual review before procurement proceeds. A clean screen is necessary but not sufficient: device-level OUI checks miss white-label hardware that uses a vendor's own OUI block, and they do not address Part B's broader prohibition on the contractor's general use of covered equipment.

The hardware screen is meant to live inside a broader procurement diligence workflow. The due diligence checklist documents how it fits with SAM.gov verification, labor enforcement review, and federal-performance context.

Add a Section 889 hardware screen to your vendor due diligence workflow.

Free, runs in your browser, fits inside the broader DiligenceDesk audit. Open the Hardware tab and paste a MAC.

Run a hardware audit Read methodology