Key Takeaways
- The FCC has added foreign-made consumer routers to its Covered List, blocking approval for new models.
- The agency says the move is tied to national security, cybersecurity, and supply chain concerns.
- People can keep using routers they already own, and previously approved models are not affected.
- Manufacturers may still seek conditional approval through the Department of War or DHS.
- The decision could affect much of the router market, since most consumer routers are made outside the United States.
The FCC has moved to stop new foreign-made consumer routers from entering the U.S. market, saying they create unacceptable national security and cybersecurity risks. In simple terms, the government is treating home routers as a critical part of digital infrastructure, not just another box that sits near your modem.
What the FCC actually changed
On March 23, 2026, the FCC updated its Covered List to include all consumer-grade routers produced in foreign countries. That means new models in this category cannot get FCC authorization, which effectively blocks them from being imported or sold for use in the United States. Existing devices already approved by the FCC are still allowed, and people who already own these routers can keep using them.
There is also a narrow path forward for manufacturers. The FCC says producers can seek “conditional approval” through national security authorities such as the Department of War or the Department of Homeland Security. So this is not a total shutdown of every router brand overnight, but it is a major gatekeeping move that raises the bar for new products.
Here’s the thing: the FCC is not acting alone. Its own fact sheet says the Commission updated the list only after a White House-convened interagency body determined that these routers pose unacceptable risks. Reuters also reported that the action follows a broader national security review and noted that foreign-made routers make up a large share of the U.S. home router market.
Why routers became a security issue
Routers sit at the center of home and small office networks. They handle the traffic between your devices and the internet, which makes them valuable targets for attackers. NIST defines a consumer-grade router as a device intended for residential use that can be installed by the customer. In other words, this is the kind of gear most people buy, plug in, and forget about.
The FCC says foreign-made routers have been linked to attacks such as Volt, Flax, and Salt Typhoon. The agency argues that these devices can create supply chain weaknesses and give hostile actors a way to disrupt communications, energy, transportation, and water systems. That is a big claim, but it helps explain why router policy has suddenly become a national security story.
At the same time, the Verge points out an important wrinkle: simply moving production to the United States does not automatically make a router safer. Security also depends on software updates, patching, and how long a company supports a product. That matters because many router hacks happen when outdated devices stop receiving fixes.
What this means for buyers and brands
For everyday users, the short-term impact is limited. Your current router should keep working, and previously authorized models can still be sold. The bigger change is for manufacturers that want to launch new consumer router models in the U.S. market. They may need to rethink where they build products, how they apply for approval, and whether the U.S. market is worth the extra compliance effort.
TP-Link, which the Verge notes has been trying to separate itself from China, said the decision could affect the whole router industry because most routers are built outside the United States. That reaction makes sense. If a rule covers the most common manufacturing setup in the industry, companies will feel it fast.
So what does this mean in practical terms? Expect more scrutiny on router supply chains, more pressure on manufacturers to prove security, and more debate over whether domestic production alone is enough. The FCC is clearly betting that the risk is too high to leave the market unchanged. Whether the policy works as intended will depend on how manufacturers respond, how exemptions are granted, and whether security actually improves for consumers.
