Biden Administration Proposes Ban on Chinese Vehicles and Russian Tech for Autonomous Vehicles on U.S. Roads -- Security Today

Biden Administration Proposes Ban on Chinese Vehicles and Russian Tech for Autonomous Vehicles on U.S. Roads

By Joseph M. Saunders
Oct 01, 2024

Citing increasing national security concerns, the U.S. Commerce Department has proposed a ban on new vehicle software originating within China or Russia, and includes software within the supply chain. The ban, if approved, would take effect in 2027 for new internet-connected vehicles sold for use on U.S. public roads, including cars, trucks, and buses. It would exclude vehicles not used on public roads such as those for agriculture.

A second proposed rule would ban imports and sales of vehicles with automated driving hardware created in China or Russia. This ban would go into effect for the 2030 model year or January 2029. Such a delay gives the U.S. vehicle industry time to remove any prohibited software and hardware and also to find suitable replacements.

The two proposals are now in a 30-day review period. A final draft of each will be available at the end of the year, 2024, and, if enacted, in place by January 20, 2025.

According to Reuters, the U.S. Commerce Department said the rule would amount to a ban on all vehicles manufactured in China yet it would allow Chinese automakers to seek "specific authorizations" for exemptions. Also, European manufacturers who use software from China or Russia could also apply for exemptions although the criteria for those exemptions is not currently available.

The Issue
The U.S. concern with software originating from China and Russia consists of two parts.

There is concern about personal data flowing back to either China or Russia regarding vehicle use within the United States. This includes data around geolocation, such as places of employment, childrens’ schools, or medical services, as well as any payments used within the vehicle for third-party services within the vehicle such as Spotify. In certain scenarios, cellular services could also be accessed remotely, as in vehicle-to-vehicle (V2V) or vehicle-to-infrastructure (V2I) 5G communications.

Secondly, there is concern about remote access and/or software backdoors. A scenario might be that with remote access, someone in China or Russia could cripple or otherwise completely disable a fleet of vehicles on roads within the United States. If all the vehicles from a brand suddenly stop on the road at the same time, nationwide, it would pose an immediate threat to the drivers and also to the vehicles around them. This would of course require a certain critical mass of drivers to adopt the vehicles first in order to pose a genuine national threat. Hence the ban was proposed.

In a statement, Commerce Department’s Gina Raimondo said it’s important to have the ban in place "before suppliers, automakers and car components linked to China or Russia become commonplace and widespread ... We're not going to wait until our roads are filled with cars and the risk is extremely significant."

Software Bans Already In Place
Such a national security ban on software origin has already been used by the Biden Administration. This summer, the US banned the sale of Moscow-based Kaspersky Antivirus products and any future updates to its existing customers, citing national security concerns. The US Department of Commerce said that Kaspersky's software could be used to identify sensitive data and make it available to Russian government officials. The company has denied such allegations but has agreed to leave the US market.

Both China and Russia have implemented their own bans mandating that all enterprises in their countries use only domestically produced software, including operating systems. This move effectively eliminates competition from Google, Adobe, and Microsoft in those markets.

This new vehicle software and hardware ban, if enacted, would prohibit importing or selling systems designed, developed, manufactured, or supplied by vendors with close connection to China or Russia. The vehicle software and hardware ban would also apply to imports and sales of vehicles using those countries' connectivity features such as Bluetooth, cellular, satellite, and Wi-Fi.

It’s uncertain how the proposed regulations would affect certain automakers like Volvo, which is primarily owned by the Chinese conglomerate Geely Holding. Volvo has an assembly plant for its worldwide distribution in Chengdu province, China. Also, as noted, European automakers may also be affected, and may also need to apply for exemptions.

One way for U.S. vehicle manufacturers to know the pedigree of its software supply chain is to use Software Bills of Materials (SBOMs). SBOMs are used to show individual components and version numbers within a software binary. Additionally, the software used in hardware (firmware) would also need its own SBOM. By knowing the components of a binary, an OEM can be assured that it is not incorporating prohibited software.

About the Author

Joseph M. Saunders is Founder & CEO, RunSafe Security.

ZBeta Strengthens Its Advisory Bench with New Appointment
05/05/2025
Security Trends Reshaping Enterprise Resilience Into 2027
05/05/2025
Amerant Bank Selects Omnilert AI Technology for Enhanced Video Surveillance Security
05/02/2025
Minnesota County Is Still Reaping Huge Benefits from ASAP Service
05/01/2025
Winsted Unveils Pinnacle Collection with Sliding Worksurface
04/30/2025
Everon Awarded Sourcewell Cooperative Purchasing Contract
04/30/2025
Honeywell Signs Global Distribution Agreement With Milestone Systems
04/28/2025
DSI Security Services Announces Leadership Reorganization and Strategic Growth Initiatives
04/21/2025

Featured

Body-Worn Cameras on the Rise

On the evening of Oct. 29, 2024, the owner of 300 Guard based in Houston, was shot while on duty at a convenience store. He returned fire. He was wearing a plated vest and thankfully recovered in the hospital. Read Now
- Government
Fast-Forward from 1,000 B.C.E. to Today

The lock and key have been around since time immemorial. In fact, the locksmith profession is one of the oldest in the world when you consider the earliest wooden tumbler lock debuted three-plus millennia ago. Read Now
- Access Control
Brazil Port Enhances Surveillance and Supports Wildlife Conservation with Sustainable Technology

Ferroport, which operates the iron ore terminal at the Port of Açu in São João da Barra, Rio de Janeiro, Brazil, has deployed state-of-the-art video surveillance cameras from Axis Communications to enhance nighttime security and visibility, while decreasing environmental impact and prioritizing sustainability. With cutting-edge technology, the port now has precise surveillance cameras that capture high-quality nighttime images, while reducing the amount of artificial lighting that negatively impacts the surrounding ecosystem. Read Now
- Government
Verizon’s 2025 Data Breach Investigations Report Notes Alarming Cyberattack Surge Through Third Parties

Verizon Business recently released its 2025 Data Breach Investigations Report (DBIR), which reveals a significant increase in cyberattacks. The report found that third-party involvement in breaches has doubled to 30%, and exploitation of vulnerabilities has surged by 34%, creating a concerning threat landscape for businesses globally. Read Now
- Cybersecurity
Net2 Access Control Increases Reliability at Residential Complex

Encore Atlantic Shores is a residential complex of 240 luxurious townhomes for ages 55 and over in Eastport, New York. Completed in 2011, the site boasts an 11,800 square foot clubhouse, with amenities such as a fitness center, heated indoor pool, whirlpool spa, multi-purpose ballroom, cardroom and clubroom with billiards, tennis courts and an outdoor putting green. Read Now
- Access Control

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

Luma x20

Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities
FEP GameChanger

Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction.