Last week, the FCC under the Trump Administration made a surprise pronouncement: New foreign-made routers will be banned in the US. The good news is that your current home internet setup is still legal, since the agency’s rules cover future devices. And vendors can request an exemption.
But as PCMag reports, the FCC order will still be far-reaching. One of the largest vendors, TP-Link, says that “virtually all routers are made outside the United States.” In theory, the ban is aimed at trying to force companies to produce the products in America, but the reality might not follow so neatly.
Below, PCMag answers the questions that many are asking themselves about the ban.
Which Routers Are Banned?
The FCC order targets all foreign-made consumer-grade routers, but existing models are not banned from use or sale. “Today’s action does not impact a consumer’s continued use of routers they previously acquired,” the FCC stated. “Nor does it prevent retailers from continuing to sell, import, or market router models approved previously through the FCC’s equipment authorization process.”
The FCC also issued a waiver permitting existing foreign-made routers to continue receiving software updates. The ban will focus on “new” or future Wi-Fi router models made outside the US, in an effort to stamp out cybersecurity threats posed by vulnerable networking gear.
Why Is the US Concerned About Foreign-Made Routers?
The US has long been worried about China hacking US targets through Chinese-made products and services. US officials fear Beijing could compel a Chinese vendor to secretly assist in the spying. It’s why we’ve seen bans on Huawei, ZTE, and the drone maker DJI, along with the forced sale of TikTok, even though the Chinese companies have denied any wrongdoing.
Both the Biden and Trump administrations considered a ban on routers made by TP-Link, a Chinese-affiliated vendor. But on Friday, the FCC went even further, citing a White House national security determination that found “allowing routers produced abroad to dominate the US market creates unacceptable economic, national security, and cybersecurity risks.”
The White House didn’t get specific. Instead, the declaration points to how cybercriminals and state-sponsored groups, including those from China, have routinely abused unpatched vulnerabilities in foreign-made routers to help launch their hacking activities. It also doesn’t address possible vulnerabilities in US-made routers, but the declaration says the US “must have trusted supply chains so we are not providing foreign actors with potential built-in backdoors.”
Are Any Routers Made in the US?
The ban aligns with President Trump’s ongoing push for companies to manufacture their products in the US. But if you wanted to buy an American-made router today, you’d probably struggle to find one. Many routers currently sold in the US are manufactured in China, Taiwan, India, and Vietnam, according to Jaimie Lenderman, a manager at research firm Omdia.
Lenderman also questions “how far down into the equipment this ban goes,” considering many electronic components and chips are made outside the US. The FCC order also extends beyond final assembly to target routers that are designed or developed in a major way in a foreign country.
Still, Lenderman points out that 2021’s Build America Buy America Act has been pushing companies to manufacture at least some networking gear, particularly optical fiber, in the US. One US vendor, Adtran, has been offering such products, although the company seems to specialize in enterprise networking gear.
A ‘Conditional Approval’ Process for Exemptions?
The ban raises questions about how router makers will build their products going forward. To help them transition, the FCC is offering a “Conditional Approval” process for exemptions.
Vendors will have to submit an application, which will be reviewed by the Department of Defense or Homeland Security. The guidelines call for the company to indicate how much of the router product is made outside the US, where manufacturing occurs, and to provide a “detailed, time-bound plan to establish or expand manufacturing in the United States for the router.”
Another guideline says a vendor needs to disclose any “foreign government ownership, control, influence, financing, or material support,” as well as the “nationality” of company leadership. The process might favor US-based Netgear, but could be bad news for TP-Link. Although the vendor spun off from its Chinese counterpart and is now headquartered in Irvine, California, the TP-Link brand continues to face accusations that it’s a spying threat.
—
Photo Credit: Mehaniq / Shutterstock.com