U.S. regulators are reviewing the use of Chinese developed software in connected vehicles amid growing concerns over data security, national security, and supply chain dependence. The review reflects heightened scrutiny of how modern vehicles collect, process, and transmit data, and who ultimately has access to it.
Connected vehicles rely on complex software stacks to manage infotainment systems, navigation, driver assistance features, and vehicle diagnostics. Much of this software is developed through global supply chains that include vendors based in China. U.S. officials are now examining whether that reliance creates unacceptable risks as vehicles become more data intensive and increasingly connected to cloud services.
The review is being led by multiple federal agencies, including the U.S. Department of Commerce and the National Highway Traffic Safety Administration. Officials are assessing how software is sourced, what data it can access, and whether safeguards are sufficient to prevent unauthorized data transfer or remote manipulation.
At the center of the concern is data. Modern vehicles generate detailed information about location, driving behavior, vehicle performance, and in some cases biometric identifiers. Regulators worry that software tied to foreign entities could create pathways for sensitive data to be accessed outside the United States, either intentionally or through vulnerabilities.
Automakers say they already implement strict controls and segmentation to protect vehicle systems. Many emphasize that safety critical functions are isolated from infotainment and external communications. However, regulators argue that increasing software integration and over the air update capabilities blur those boundaries, making oversight more complex.
The review does not target a single company or vehicle model. Instead, it reflects a broader reassessment of how geopolitical risk intersects with automotive technology. Similar concerns have already shaped policy in areas such as telecommunications and semiconductor manufacturing, and vehicles are now being viewed through a similar lens.
Automakers operating in the U.S. market are closely monitoring the situation. Any new restrictions could require changes to supplier relationships, software architecture, and compliance processes. For manufacturers, the challenge lies in balancing global efficiency with rising expectations around transparency and security.
Chinese software suppliers and partners have pushed back against broad restrictions, arguing that software components are often customized, audited, and integrated under strict contractual controls. They warn that overly restrictive policies could increase costs and slow innovation across the industry.
Industry analysts say the review underscores how vehicles are no longer just mechanical products. They are mobile data platforms that sit at the intersection of transportation, technology, and national security. As that reality becomes clearer, regulatory oversight is likely to intensify.
For now, the review remains in an evaluative phase. However, its outcome could influence future rules on software sourcing, data governance, and connected vehicle design. As the auto industry becomes more software driven, questions about who writes the code and where it comes from are moving to the forefront of policy discussions.
