Connected Vehicle National Security Review Act
Sponsored By: Senator Elissa Slotkin
Introduced
Summary
Creates a national security review regime for information and communications technology and services (ICTS) in connected vehicles. It would set up an Office inside the Bureau of Industry and Security to screen covered transactions, require mitigation or prohibition, and give broad rulemaking, investigative, and enforcement powers.
Show full summary
- Manufacturers and suppliers: Would face mandatory reviews of transactions involving connected-vehicle ICTS and could be required to adopt cybersecurity standards, remove specified components, accept binding mitigation agreements, or be blocked from a deal.
- Foreign entities and jurisdictions of concern: The bill explicitly flags China, Russia, Iran, and North Korea and targets entities on the Entity List. The Director of National Intelligence must submit risk assessments within 180 days and annually to guide reviews.
- Enforcement and penalties: Investigators could subpoena documents, issue temporary denial orders, and seek court enforcement. Willful violations could bring criminal penalties up to $1,000,000 per violation and up to 20 years in prison.
Your PRIA Score
Personalized for You
How does this bill affect your finances?
Sign up for a PRIA Policy Scan to see your personalized alignment score for this bill and every other piece of legislation we track. We analyze your financial profile against policy provisions to show you exactly what matters to your wallet.
Bill Overview
Analyzed Economic Effects
3 provisions identified: 1 benefits, 2 costs, 0 mixed.
New Commerce office for vehicle security
This bill would create a new Office of Information and Communications Technology and Services inside the Commerce Department. The office would be run by an Executive Director appointed by the Secretary and would report to an Assistant Secretary. The Director could directly hire competitive-service staff and the Secretary must set up an industry technical advisory committee within 180 days. Companies could submit nonpublic information that generally would not be released publicly except as required by law.
Which connected-vehicle deals are covered
This bill would define what counts as a "connected vehicle" and which transactions are reviewable. It would name China, Russia, Iran, and North Korea as jurisdictions of concern and define "entity of concern." It would also extend the Act's definition of "United States person" to cover these new review authorities. These definitions decide which companies and deals face review, limits, or prohibitions.
New Commerce powers to review deals
If enacted, the Commerce Secretary's new office could review covered vehicle-tech transactions and compel sworn reports, documents, testimony, and depositions. The Secretary could make rules treating whole classes of transactions the same, require cybersecurity or other mitigation steps, or ban transactions that pose an "undue risk." Commerce could inspect, seize, issue temporary denials, and seek court relief through the Justice Department. The Director of National Intelligence would give a risk report within 180 days and every year, and Commerce would be exempt from the Paperwork Reduction Act for actions implementing this part. Legal challenges would go only to the D.C. Circuit and must be filed within 180 days.
Sponsors & CoSponsors
Sponsor
Elissa Slotkin
MI • D
Cosponsors
Sen. Moreno, Bernie [R-OH]
OH • R
Sponsored 4/29/2026
Roll Call Votes
No roll call votes available for this bill.
View on Congress.gov