New Delhi: India has tightened rules for the sale and deployment of internet-connected CCTV cameras, mandating government certification under security and quality norms, in a move aimed at addressing cybersecurity concerns and reducing risks from unverified surveillance equipment.
The requirements, notified by the Ministry of Electronics and Information Technology (MeitY), make it mandatory for internet-enabled CCTV cameras to undergo testing and certification under the Standardisation Testing and Quality Certification (STQC) framework before they can be sold in the country.
Following the notification, a key question has emerged: What will happen to home CCTV cameras? This explainer breaks down the new rules and their implications for households, shops and offices.
Also Read: ECI to keep electoral officers under surveillance in Bengal polls
What are the new STQC rules?
Under fresh Essential Requirements notified by MeitY and implemented via STQC, all internet‑enabled CCTV cameras sold in India must now receive government certification before being marketed or sold.
Key conditions include:
- Disclosure of the country of origin of key components, including the system‑on‑chip (SoC) and firmware.
- Submission of hardware, software, and, in some cases, source code for cybersecurity testing in government laboratories.
- Evaluation of potential vulnerabilities, including remote‑access backdoors and data‑transfer risks.
The government has reportedly refused to certify CCTV products that use Chinese‑origin chipsets or firmware, effectively blocking major Chinese brands such as Hikvision, Dahua Technology, and TP‑Link from offering new internet‑connected camera models in the Indian market.
Meanwhile, more than 500 CCTV models from compliant Indian and foreign manufacturers have already received STQC clearance and can continue to be sold, sources said.
What will happen to existing civilian CCTV cameras?
The new rules primarily apply to the future sale and certification of internet-connected CCTV cameras. As of now, there is no nationwide directive requiring the removal of existing cameras installed in homes, shops or private offices.
Industry experts say privately installed systems, including those using foreign-origin equipment, are unlikely to face immediate disruption unless they are linked to sensitive networks or come under specific regulatory requirements in the future. Non-internet-connected cameras, or systems not integrated with broader networks, are generally outside the scope of these certification requirements.
That said, over time, it is expected that uncertified Chinese‑origin internet‑CCTVs may be edged out through voluntary upgrades, lender requirements, and integration into secure city‑level surveillance networks.
Why is India doing this?
The policy stems from long‑standing concerns in New Delhi that Chinese‑linked surveillance equipment could be exploited for espionage, unauthorised remote access, or covert data transfer.
In 2021, the government informed Parliament that around one million CCTV cameras installed in government institutions and public‑sector sites were sourced from Chinese companies, highlighting the scale of dependence. More recently, central agencies have ordered pan‑India audits of CCTV networks in major cities, driven by security probes into potential foreign‑linked spy rings and concerns about hostile entities remotely accessing camera feeds.
From a domestic‑industry perspective, the shift is expected to boost Indian surveillance brands, which already use non‑Chinese chipsets and have secured STQC certification. However, analysts note that certified systems tend to be costlier, which could challenge affordability for small businesses, housing societies, and individual users.