National Security Threat From Chinese, Russian Connected Car Technologies Addressed by Federal Government

Federal regulators have announced a ban on importing certain connected car technologies from China and Russia, due to national security risks.

The U.S. Commerce Department’s Bureau of Industry and Security (BIS) announced the final rule in a press release last month, prohibiting imports of connected vehicles and related technologies from the two countries.

The ban covers vehicle connectivity systems (VCS), which is technology that enables cars to communicate externally via telematics, Bluetooth, cellular, satellite and Wi-Fi, as well as automated driving systems (ADS), which is software that allows self-driving vehicles to operate without a driver.

Officials fear these technologies could be used to steal personal data or remotely control vehicles, posing a security threat to the U.S. and its citizens.

The BIS regulation is specifically targeted at hardware and software produced by or associated with Chinese and Russian manufacturers. It applies exclusively to passenger vehicles, exempting trucks and buses, due to the intricate nature of the commercial vehicle supply chain.

However, the agency acknowledges that foreign adversaries could also present a security risk to the commercial vehicle sector and plans to introduce a separate rule for those technologies in the future.

The ban includes connected vehicles from China and Russia, even if manufactured in the U.S., and will take effect as follows:

• Model year 2027 for vehicles and software included within vehicles
• Model year 2030 for hardware in vehicles
• January 1, 2029 for standalone hardware or software sales

To comply with the new regulations, importers and manufacturers must submit annual Declarations of Conformity confirming they are following the rule. The Commerce Department may approve General Authorizations for low-risk transactions and Specific Authorizations for exceptions to the ban. Companies can also request advisory opinions to clarify whether a transaction is affected by the rule.

The final rule is based on BIS authority under Executive Order 13873, “Securing the Information and Communications Technology and Services (ICTS) Supply Chain,” which was signed by President Donald Trump during his first term in office.

“Through this rule, the Commerce Department is taking a necessary step to safeguard U.S. national security and protect Americans’ privacy by keeping foreign adversaries from manipulating these technologies to access sensitive or personal information,” former U.S. Secretary of Commerce Gina Raimondo said in the press release. “This is a targeted approach to ensure we keep (Chinese) and Russian-manufactured technologies off American roads and protect our nation’s connected vehicle supply chains.”