White House closer to ban sale of any ‘connected car’ using software made in China


The Biden administration has proposed a new rule restricting the import or sale of connected cars in the US that use Chinese or Russian technology. The rule is based on fears that the data collected by the software poses a threat to national security.

The US Department of Commerce says the rule would specifically cover any systems or components used in vehicle connectivity systems (VCS) and automated driving systems (ADS) made by "countries of concern," singling out the People’s Republic of China (PRC) and Russia.

The US government aims to “address the threats caused by foreign automobiles and supply chains,” according to a fact sheet released Monday by the White House.

ADVERTISEMENT

Commerce officials say that although connected vehicles provide many benefits, such as promoting vehicle safety and assisting drivers with navigation, they also pose a growing threat.

“These countries of concern could use critical technologies within our supply chains for surveillance and sabotage to undermine national security. Now more than ever, vehicles are directly connected into our country’s digital networks,” it said.

VCSs can be used by nefarious governments to collect sensitive information on both drivers and their passengers – and even remotely control a vehicle’s movements, the fact sheet explains.

Furthermore, the cameras and sensors used in ADSs have the ability to record detailed information about American infrastructure, it said.

Infrastructure data can include specifics about America’s “geographic areas or critical infrastructure” and could be used by threat actors to hack or disrupt operations at such facilities.

The rule would cover certain connected vehicle systems “designed, developed, manufactured, or supplied by entities with a sufficient nexus to the PRC or Russia,” covering both software and hardware equipment.

ADVERTISEMENT

Typical connected components that fall under this classification would include Bluetooth, cellular, satellite, and Wi-Fi modules.

Sweeping restrictions to start in 2027

The ban proposal is part of a Biden-backed comprehensive security investigation announced in February. The investigation also included a 60-day opinion-seeking process during which the public could submit feedback on the potential rule.

At the time, Roger Grimes, a data-driven defense evangelist at KnowBe4 said the probe is really just a “small part of a larger, valid concern of who collects information on who.”

Grimes pointed out that this is a particular concern between nation-states. “It's not just cars and 5G networks in the news and of concern to the US government – it's also TikTok… really, it's everything,” he said.

“Everyone's information...where they go, what they do, who they interact with is likely for ready sell on hundreds of sites and services and also under the ownership of multiple nation-states,” said Grimes.

If finalized, the rule would be applied to software used in all Model Year 2027 vehicles and beyond. Hardware restrictions would begin for Model Year 2030 or January 1st, 2029, for units without a model year, the administration said.

The White House said it is still seeking feedback from industry stakeholders, including US allies and partners, as well as regulatory bodies to “ensure maximum protections.”

In May. the Biden administration increased the tariff rate on Chinese-made electric vehicles from 25% to 100% and restricted eligibility for a $7,500 EV consumer tax credit to only cover vehicles whose assembly is completed in North America.

The administration is also proposing that smaller auto manufacturers could be exempt from the rule on a case-by-case basis to minimize potential supply chain disruptions.

ADVERTISEMENT

China’s Secretary General of the Passenger Car Association, Cui Dongshu, has said, “It is unfair to target cars from a specific country and impose restrictions on them exclusively.”