HP says its products sold unknowingly to Syria by partner
The partner was not informed that the ultimate destination of the products was Syria, HP said in newly revealed correspondence with the SEC
IDG News Service - Hewlett-Packard said in a letter to the U.S. Securities and Exchange Commission that it had determined that its products were procured from a partner that was not informed that their ultimate destination was Syria.
HP was responding to a Sept. 6 letter from the SEC asking the company to comment on news reports in November 2011 that its equipment was allegedly installed in Syria by Italian company Area as part of a nationwide surveillance and tracking system designed to monitor people there, according to documents made public late last week.
The U.S. government has imposed a number of economic sanctions on Syria, including controls on the export of most U.S. products to the country.
In a letter dated Oct. 9 to Cecilia Blye at the SEC's Office of Global Security Risk, HP said it had determined that Area did not procure the HP products believed to have been sold into Syria directly from HP, but instead procured them from an HP partner that was not informed of the ultimate destination for those products.
Area was required under the terms of its contract with HP to comply with all applicable export laws and was specifically prohibited from selling HP's products into embargoed or sanctioned countries, HP vice president and associate general counsel David K. Ritenour wrote in the letter. HP terminated its contract with Area in April this year, he added.
Ritenour said that in June 2009 HP obtained an export license from the U.S. Department of Commerce's Bureau of Industry and Security (BIS) for the sale of HP products worth US$1 million to MTN Syria, a private telecommunications company.
Apart from that sale, he wrote, HP has not directly or indirectly knowingly provided its products and services in Iran or Syria since April 21, 2009, and did not authorize the sale of its products for use in surveillance or tracking activities in Iran or Syria, or to the governments of the two countries.
The SEC's Office of Global Security Risk was also reacting to news reports in April 2012 that products of several U.S. companies, including HP, were sold by Chinese telecommunications equipment vendor ZTE to Iran to be allegedly included in systems used for surveillance and tracking activities. The SEC also referred to June 2012 news reports that HP equipment was acquired by MTN Irancell, possibly through Huawei Technologies, another Chinese telecommunications equipment vendor.
Iran, which is suspected by the U.S. of trying to build a nuclear bomb, also faces a variety of sanctions and exports controls from the U.S. government. ZTE was required under the terms of its contract with HP to comply with all applicable export laws and was specifically prohibited from selling HP's products into embargoed or sanctioned countries, Ritenour said.
The dealings of HP and some other U.S. tech companies with ZTE and Beijing 8-Star International, which was also a party to the Iranian contracts, have come under scrutiny by the U.S. Department of Commerce, according to reports. HP confirmed in the letter that it had been contacted by the BIS, and had provided it with information and documents.
Regarding the alleged sale of HP products to MTN Irancell, HP did not find, however, that it or its subsidiaries, distributors, resellers, retailers or other vendors were involved. If the alleged sale did occur, it was not authorized by the company, Ritenour wrote.
The company's dealings in Sudan, another country that faces U.S. sanctions and export controls, have also come under scrutiny. HP provides IT services for some non-U.S. companies that may have their own business activities within Sudan, but is "mindful of U.S. legal requirements and regulatory restrictions" when providing the services, Ritenour said. HP holds the same position with regard to providing IT services to companies with operations in Iran and Syria.
As HP's products are often distributed through indirect channels, it is always possible that products may be diverted to Iran, Syria, or Sudan after being sold to channel partners, such as distributors and resellers, without HP's knowledge or consent, Ritenour added.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts