Sections
The photo taken on March 17, 2026 shows a worker working on an industrial robot assembly line at a KUKA factory in Foshan, in southern Guangdong province.

Research

A new risk framework for Chinese technology products and investments

July 9, 2026

The United States needs a clearer framework for evaluating and addressing the risks associated with Chinese technology products, services, and investments. The risks from Chinese technology have grown more complex with the proliferation of internet-connected devices and China’s growing centrality in technology supply chains. At the same time, the United States needs a calibrated approach that targets specific risks while preserving benefits to the United States where possible. Those benefits include lower costs for consumers and businesses, greater product choice, and continued access to technologies that strengthen American innovation and competitiveness.

Our current approach to addressing risks from Chinese technology is ad hoc and fragmented. New concerns seem to suddenly enter the spotlight: drones, Wi-Fi routers, port cranes, subway cars, power inverters, and connected vehicles, to name a few recent examples (see Table 1 for a more comprehensive list). The tools and procedures for dealing with these risks are scattered across the federal government: the Federal Communications Commission (FCC) “Covered List,” the Department of Defense’s (DOD) 1260H list, the Department of Commerce’s Information and Communications Technology and Services (ICTS) rule, the U.S. Trade Representative (USTR) investigation process, the Committee on Foreign Investment in the United States (CFIUS), and so on (see the appendix for a more comprehensive list). Bans are often too sudden or crude, causing unnecessary disruption to U.S. industry or consumers. Investigations often lack transparency. Multiple federal agencies and congressional bodies are duplicating efforts on issues that require a coordinated, government-wide response.

The need for a clearer framework is particularly urgent now, as the United States prepares to establish a “board of trade” and “board of investment” with China. In the words of U.S. Trade Representative Jameson Greer, these new bilateral institutions would be designed to “ensure that trade with China is more balanced and beneficial for Americans,” and would be oriented around a distinction between “sensitive” and “non-sensitive” sectors. Before entering into negotiations over trade and investment with China, the United States needs a robust internal process for assessing and addressing these issues first.

Toward a smart risk framework

The National Security Council should oversee an institutionalized government-wide process for evaluating risks from Chinese technology products, services, and investments. Because these questions span a wide range of domains, including national security, trade, and telecommunications, no single department has the institutional authority or expertise to manage them alone. Similar to CFIUS, this process should draw on the expertise of multiple agencies while providing a clear mechanism for coordinating policy and resolving disagreements.

The Bureau of Industry and Security (BIS) should serve as the executive secretariat for this interagency process. BIS already sits at the intersection of national security, supply chains, export controls, market-access restrictions, and industry engagement, making it the closest institutional fit for coordinating technical assessments of Chinese technology products. Working with the Departments of Defense, the Treasury, Homeland Security, and Justice, as well as the USTR, the FCC, the intelligence community, and sector-specific regulators, BIS would prepare risk assessments and policy recommendations. The National Security Council would provide strategic guidance, adjudicate interagency disagreements, and ensure that individual decisions are consistent with broader U.S. economic security and national security objectives.

A smart risk assessment framework for Chinese technology should consider the following steps.

Step 1: Assess the specific risks

What are the particular risks of allowing this product to be sold or used in the United States? Are there immediate national security risks? Are there longer-term data security risks? Are there supply chain risks that stem from dependency on Chinese suppliers? Does reliance on Chinese suppliers make it more difficult for domestic or allied industry players to develop capacity and offer viable alternatives?

Delineating the particular risks is important because it will shape which policy response is most appropriate. For example, a device that creates immediate national security risks because it could allow a foreign entity to disrupt critical infrastructure would likely require a strict use ban. However, an imported device such as drones that make it difficult for the U.S. domestic drone manufacturing industry to scale up and become competitive might require a different remedy, such as a graduated tariff schedule over time.

In addition to current risks, we should also ask: how might these risks grow or change over time? Some risks may grow in the future, such as risks from artificial intelligence (AI) models as they become more advanced and difficult to evaluate. Other risks may decrease over time, such as the risk of dependence on Chinese batteries as U.S.-based battery production capacity grows. Some risks may move to different parts of the supply chain. For example, as battery packs are increasingly manufactured in the United States, the nature of the supply chain dependency may shift to lithium iron phosphate (LFP) cathodes or synthetic graphite from Chinese suppliers.

Types of risks for Chinese technology products:

  • Data collection risk: collection and transmission of sensitive data to foreign actors.
  • Cybersecurity risk: vulnerabilities or malicious code that enables network compromise.
  • Remote control risk: remote operation of devices or equipment without user authorization.
  • Commercial supply chain risk: dependence on certain suppliers creates disruption or coercion vulnerabilities.
  • Military supply chain risk: dependence on certain suppliers could weaken or disrupt military capabilities.
  • Industrial capacity risk: reliance on foreign suppliers crowds out development of domestic industry.
  • Job risk: imported goods substitute for domestic products made by American workers.
  • Foreign influence risk: platforms could shape information flows and content promotion.

Step 2: Assess the potential benefits of Chinese technology and investment

This is an important but often overlooked step in the process. We tend to focus on the risks while neglecting to consider the potential benefits of permitting certain Chinese products or investments. Specifically, we should be asking: What are the alternatives to obtaining these particular products, services, or investments from China? What do we gain by allowing Chinese products, services, or investments into the United States? What do we lose by being forced to switch to alternatives?

Cost is often one of the clearest benefits of allowing Chinese products to enter the U.S. market. Lower-cost products benefit American consumers by helping them to save money on everyday items. Lower-cost Chinese components and intermediary inputs can help make American companies more profitable at home and more competitive in global markets. If U.S. companies are not able to leverage Chinese intermediary goods, their foreign competitors almost certainly will, placing U.S. companies at a competitive disadvantage in global markets.

These cost advantages are not limited to imported goods from China but also come from products manufactured in the United States by Chinese-owned companies or supported by Chinese-linked investments. Fuyao Glass’s Ohio plant, for example, produces cost-competitive automotive glass components that help to lower production costs for U.S. automakers. Chinese-linked solar manufacturing investments in the United States have similarly benefited American solar developers and installers by lowering costs, expanding domestic supply, and supporting faster deployment.

Beyond cost, Chinese products often offer a combination of quality, scale, speed, flexibility, and range that is difficult to match through alternative suppliers. Limiting the sale of these products within the U.S. market could limit consumer choice or force American firms to switch to less suitable alternatives. Where substitutes do not exist, bans or sweeping restrictions may cause significant disruptions for American consumers and businesses and constrain their ability to adopt useful technologies. In consumer drones, for example, there are few affordable, high-quality alternatives to Chinese-made drones from DJI, which holds 70% to 90% of the U.S. market. The recent FCC ban on imported drones and drone components has disrupted a range of U.S. businesses and organizations that rely on DJI drones, including construction firms, utilities, and first responders.

In other cases, overly blunt restrictions on Chinese products could end up impeding U.S. progress in emerging industries. In AI, many American data centers rely on Chinese components such as transformers, batteries, cooling equipment, and power supply systems. Restricting access to these components could slow down the broader American AI infrastructure buildout. In robotics, many American researchers rely on humanoid robots from Unitree, a Chinese robot maker, which provides capable, low-cost off-the-shelf hardware platforms. Limiting access to these robots, as some members of Congress are considering, could make it more difficult for American startups and researchers to develop new software and end up slowing innovation across the U.S. robotics ecosystem.

Potential benefits from Chinese technology products and investment:

  • Create jobs, particularly in high-tech manufacturing.
  • Offer affordability and product range for consumers.
  • Lower input costs for producers, increasing their global competitiveness.
  • Provide positive competitive pressure on domestic firms to innovate.
  • Enable research and development.
  • Advance U.S. technological leadership.

Step 3: Consider the full range of mitigation strategies

The United States should develop tailored mitigation strategies that draw on the full policy toolkit and address specific risks rather than defaulting to blunt measures such as blanket bans. Depending on the product and risk profile, these tools could include procurement restrictions for government agencies, data localization requirements, source-code or supply-chain audits, licensing regimes, tariffs, import quotas, disclosure requirements, or restrictions limited to sensitive sectors such as defense, critical infrastructure, or law enforcement. In many cases, a more targeted response may significantly reduce security or economic vulnerabilities while avoiding unnecessary disruption to American firms, consumers, and broader U.S. innovation.

One example is technology licensing agreements, such as Ford’s partnership with Chinese battery-maker CATL. Rather than simply banning Chinese electric vehicle and battery companies from the U.S. market, a technology licensing agreement could mitigate risks associated with the direct sale of Chinese EVs in the United States—such as data security and remote operation risks—while harnessing the benefits of China’s global leadership in LFP batteries. Another example is data localization requirements. For both Chinese hardware devices and software services, data security concerns may be partly addressed through requirements to limit data within the United States, restrict cross-border data transfers, mandate independent audits of data flows, and require sensitive data to be stored and processed by trusted U.S.-based entities.

Multiple mitigation strategies can also be combined to achieve longer-term security objectives. For example, import quotas or tariffs can be imposed on certain Chinese products that gradually tighten over time. Simultaneously, joint venture or licensing partnerships can be encouraged with Chinese firms to shift production to the United States. For Chinese EVs, markets such as Canada and the European Union have raised similar concerns about data security, economic security, and unfair competition. Instead of outright bans, they have sought to manage these risks through a combination of other tools, including tariffs, minimum price floors, import quotas, and investment conditions.

Types of mitigation strategies:

  • Full market sale ban.
  • Federal government-wide procurement ban.
  • DOD procurement ban.
  • Exclusion from critical systems.
  • Tariffs (static or scheduled over time).
  • Supplier concentration ceiling.
  • Import quotas.
  • Joint venture requirements.
  • Data localization rules.
  • Non-connected components provision.

Step 4: Transparency and public feedback

While there are obvious limits to how much information can be publicly shared, the U.S. government should provide as much public explanation as possible when proposing restrictions on Chinese technology products, services, or investments. What are the major risks? What is their significance and likelihood? Is there publicly shareable evidence? What mitigation strategies are currently being proposed, and how are they expected to impact consumers and industry?

To date, many restrictions on Chinese technology products have been accompanied by limited public explanation. For example, when foreign-made drones and critical drone components were added to the FCC Covered List, the public justification consisted of a brief National Security Determination that referenced risks around mass-gathering events, such as the World Cup and the use of drones by drug cartels. It did not provide a fuller public account of the evidence, the likelihood of specific threats, the range of mitigation options considered, or the expected effects on U.S. drone users and industries. A more transparent process would strengthen public trust, improve the quality of risk assessment, and help ensure that restrictions are calibrated to the actual risks they are meant to address.

We should also establish clearer channels for public feedback. Companies, researchers, state and local governments, consumer groups, and civil society organizations should be encouraged to share feedback with federal regulators and agencies to help inform policymaking and mitigation strategies. Public feedback should include how widely a product is used, whether viable alternatives exist, what compliance costs would look like, and what unintended consequences a restriction might create. Public input would not eliminate the need for classified assessments, but it would help ensure that policy responses are better targeted, more credible, and less disruptive.

The United States government should also improve information-sharing with allies and partners. Many markets are grappling with similar questions around assessing and managing risks from Chinese technology products and services, including Europe, Canada, the United Kingdom, Australia, Israel, Japan, South Korea, and Taiwan. In many cases, allied governments are conducting parallel investigations and evaluating similar risks related to cybersecurity, data security, infrastructure vulnerabilities, supply chain dependencies, and economic security. While each market will ultimately determine its own policies, we should establish a broader system of sharing findings from investigations where possible to mutually enhance our risk assessment efforts.

Step 5: Monitor and update

Technology doesn’t stand still. The technologies themselves and the contexts for their use are constantly evolving. The economic environment might also change. For example, if there are new techniques for enforcing data localization requirements, then this might open new mitigation strategies that were previously not possible. Alternatively, real-world events may reveal hidden risks that were not previously accounted for and thus require an updated, stricter approach to addressing national security risks from Chinese technology products.

Monitoring should include both technical and market-based indicators of changing risk. On the technical side, relevant agencies should track and share reported vulnerabilities or incidents. For certain moderate-risk Chinese-linked investments in the United States, regular reporting and disclosure requirements could be supplemented with unannounced audits and inspections. On the market side, relevant agencies should monitor the degree of U.S. dependence on particular Chinese suppliers, the availability of domestic or allied alternatives, changes in Chinese ownership or state ties, and the spread of Chinese products into sensitive sectors such as defense, critical infrastructure, law enforcement, health care, and transportation. This monitoring process should be continuous rather than episodic, so that restrictions can be tightened, relaxed, or redesigned as the technology, threat environment, and market conditions change.

Conclusion

The United States needs a more systematic, transparent, and calibrated process for assessing risks from Chinese technology products, services, and investments. Our current tools and processes are too crude and fragmented for handling an increasingly complex set of issues. As outlined, a smart framework would aim to evaluate specific risks, weigh the benefits and costs, and select mitigation measures that match the actual threat. Designating BIS as the coordinating node would help turn today’s fragmented approach into a durable framework for protecting U.S. national security while preserving space for innovation, competition, and consumer choice.

Appendix

The Brookings Institution is committed to quality, independence, and impact.
We are supported by a diverse array of funders. In line with our values and policies, each Brookings publication represents the sole views of its author(s).