PRIA Logo
S4429119th CongressWALLET

Connected Vehicle Security Act of 2026

Sponsored By: Senator Moreno, Bernie [R-OH]

Introduced

Summary

Restricts connected vehicles and related software and hardware that originate from or are controlled by China, Russia, Iran, or North Korea. It would create a Commerce Department led, risk‑based system to authorize, regulate, and enforce those limits.

Show full summary
  • Would bar importing, selling, or introducing into U.S. commerce connected vehicles tied to covered countries starting January 1, 2027. Repairs of model‑year vehicles sold before 2030 are allowed.
  • Would treat a connected‑vehicle manufacturer as controlled if a covered‑country entity holds more than 15% ownership and would treat software or hardware developers as controlled at more than 25% ownership.
  • Would let the Commerce Secretary issue exceptions after a written risk assessment and would require a 60‑day Congressional notification and review for authorizations. It would also require importers to submit conformity declarations and would set civil penalties starting at $1.5 million per prohibited transaction, with daily penalties possible.

Your PRIA Score

Score Hidden

Personalized for You

How does this bill affect your finances?

Sign up for a PRIA Policy Scan to see your personalized alignment score for this bill and every other piece of legislation we track. We analyze your financial profile against policy provisions to show you exactly what matters to your wallet.

Free to start

Bill Overview

Analyzed Economic Effects

6 provisions identified: 2 benefits, 2 costs, 2 mixed.

Stronger enforcement with large fines

If enacted, the Secretary could fine each prohibited transaction the greater of $1,500,000 or five times the value of the transaction. Each day a violation continues would count as a separate violation, so penalties can grow quickly. The Secretary would also be required to send certified‑mail notice to transaction parties naming the specific item found to pose a threat. The Secretary could rely on classified evidence and give it privately to a court, and filing for judicial review would not by itself pause enforcement unless a court orders a stay.

Bans on foreign-origin vehicle software and parts

If enacted, the bill would ban many connected vehicles, software, and hardware tied to four covered countries. Beginning January 1, 2027, vehicles and integration of covered software would be barred when the item’s origin or developer is tied to a covered country or when the vehicle maker is more than 15% controlled or the software developer is more than 25% controlled by covered-country entities. Beginning January 1, 2030, the same 25% test would bar covered vehicle hardware, with an exception for parts used to repair or warranty vehicles with model year before 2030. The bill would treat renamed, rebranded, or altered items as still covered if they are meant to evade the ban.

New authorization process and public lists

If enacted, the Secretary of Commerce would be able to authorize items that would otherwise be banned if a written risk assessment and clear and convincing evidence show no undue national‑security risks. The Secretary would have to notify Congress at least 60 days before an authorization takes effect and Congress could block it during that period. The Secretary would set procedures by January 1, 2027, issue rulings within 45 days of a complete application, and publish an initial authorized-items list by January 1, 2027. Authorizations issued before January 1, 2030 would remain until January 1, 2032 unless changed, and the Secretary must do rulemaking between 20230 and 2032 to reassess exclusions.

Pre-import declarations and testing exception

If enacted, anyone who imports, makes, sells, resells, or brings a connected vehicle or covered vehicle hardware into interstate commerce would have to file a declaration of conformity with the Secretary before doing so. The declaration would certify that the item is not barred under the Act, creating a new pre-sale or pre-import paperwork step. At the same time, the bill would allow U.S.-organized entities to import or use otherwise‑banned items solely for testing and evaluation if they are organized in a U.S. State, do not have their main office in a covered country, and are less than 25% owned or controlled by covered‑country entities.

Interagency coordination on vehicle security

If enacted, the Secretary would be allowed to consult with the Department of Transportation, the Federal Communications Commission, and other agencies and advisory committees on connected vehicle security. These consultations would cover data security, supply chain risks, and emerging technologies. The goal would be to align scope and timing and to avoid conflicting regulatory requirements.

Severability and regulatory fallback authority

If enacted, the bill would say that if a court strikes down any part, the rest of the law stays in effect. If a court invalidates regulations, the Secretary would be able to reissue or reinstate similar rules that were in effect the day before enactment. This is meant to preserve regulatory continuity.

Sponsors & CoSponsors

Sponsor

Moreno, Bernie [R-OH]

OH • R

Cosponsors

  • Elissa Slotkin

    MI • D

    Sponsored 4/29/2026

  • Sen. Cotton, Tom [R-AR]

    AR • R

    Sponsored 5/14/2026

  • Sen. Schmitt, Eric [R-MO]

    MO • R

    Sponsored 5/14/2026

  • Sen. Tuberville, Tommy [R-AL]

    AL • R

    Sponsored 5/14/2026

Roll Call Votes

No roll call votes available for this bill.

View on Congress.gov
Back to Legislation