USCBC Comments on Securing the ICTS Supply Chain: Connected Vehicles

US-China Business Council Comments on Securing the Information and Communications Technology and Services Supply Chain: Connected Vehicles (Docket No. 240919-0245) (RIN 0694-AJ56)

October 28, 2024

The US-China Business Council (USCBC) appreciates the opportunity to submit feedback to the Department of Commerce regarding the notice of proposed rulemaking (NPRM) on “Securing the Information and Communications Technology and Services Supply Chain: Connected Vehicles.” USCBC represents more than 270 American companies engaged in business with China. Our membership covers a wide range of industries and sectors and includes many automotive and technology companies. Our members include some of the most recognizable American brands and small-and medium-sized enterprises.

USCBC supports the administration’s whole of government approach to protect Americans from foreign adversaries that may exploit vulnerabilities in information and communications technology and services (ICTS). Our businesses are stronger and more resilient, whether it be in the United States or abroad, when connected systems are secure. We acknowledge the legitimacy of the national security risks associated with connected vehicles (CVs) identified and described in the NRPM and acknowledge BIS’s responsibility to address those risks to protect US national security. We understand that China and other countries have similar concerns.

USCBC strives to act as a constructive partner to the administration in ensuring US national security and the competitiveness of US companies. USCBC member companies have at significant expense, taken measures to assess the security of Chinese suppliers’ products and evaluate connections to known malicious actors maintained on lists such as the Entity List and SDN list. In some cases, they have abrogated commercial relationships beyond what is required under US law, often at the detriment of their global competitiveness and to their reputations as reliable business partners. As BIS moves to finalize the rule, USCBC requests additional clarity around certain definitions and aspects of implementation.

USCBC is concerned that implementation of these rules could create friction with allied countries that do not yet have similar controls and could disadvantage US firms that compete with international suppliers in China. Additionally, there is a chance that such measures could invite retaliation. The United States should use the final rule as a template to pursue a multilateral and harmonized regulatory framework through plurilateral forums, such as the US-EU Trade and Technology Council (TTC) and US-Canada-Mexico Agreement (USMCA).

Executive Summary

To facilitate smooth implementation and compliance with the final rule, and to inform potential future invocations of ICTS authorities, USCBC makes the following recommendations. Our recommendations are centered around improving clarity, creating consistency, and easing implementation for regulators and industry alike.

Definitional concerns

  • BIS should define and provide illustrative examples of the terms assemble; design; develop; manufacture; material change; supply; and U.S. person.
  • BIS should clarify the definitions of the terms automated driving system; covered software; person owned by, controlled by, or subject to the jurisdiction of a foreign adversary; vehicle connectivity system (VCS); and VCS hardware.

Recommendations

  • BIS should clarify that the rule does not apply to VCS hardware importers and CV manufacturers that import covered hardware intended for assembly into vehicles that are not covered by the definition of connected vehicle.
  • BIS should clarify that the rule does not apply to VCS hardware importers and CV manufacturers that import covered hardware intended for assembly into vehicles for reexport to China or elsewhere.
  • BIS should develop a preclearance procedure to ensure automakers and suppliers have advance approval for continued use of certain covered software, with appropriate risk mitigation.
  • BIS should publicize approvals, denials, and appeals decisions issued under specific authorizations, consistent with the government’s obligations to protect companies’ sensitive proprietary information and intellectual property.
  • BIS should issue guidance for completing declarations of conformity, which would provide clear and standard directions to VCS hardware importers and CV manufacturers undergoing the declaration of conformity process.

Additional suggestions

  • BIS should align its rules on ICTS supply chains and infrastructure to the extent feasible with other allied and partner countries that have developed similar measures. The administration should work with other countries to harmonize regulations and best practices to secure ICTS supply chains and infrastructure better while minimizing adverse impacts on US company competitiveness.
  • BIS should communicate its objectives with China’s commercial regulators and Chinese companies to prevent misunderstandings and provide a more permissive environment for US companies to conduct due diligence into their supply chains.
  • BIS should clarify whether there are specific requirements for conducting proof of concept testing in the United States with Chinese network access device technologies only available from China.
YOU'RE INVITED
Gala 2024

Gala 2024