Official Volvo production image showing a Volvo electric SUV inside a manufacturing plant

news May 28, 2026

Volvo Gets a U.S. Pass on Connected-Car Rules, and the Precedent Matters

Volvo has secured U.S. authorization to keep importing and selling connected vehicles under the Commerce Department's China- and Russia-focused vehicle software rule.

By Marcus Holloway

Volvo has cleared one of the stranger regulatory hurdles facing a global automaker in 2026: it can keep importing and selling connected vehicles in the United States even though its ownership structure puts it directly in the path of Washington’s China-focused vehicle-tech rules.

The company said May 26 that Volvo Car USA received a specific authorization from the Office of Information and Communications Technology and Services under the U.S. Commerce Department’s “Securing the Information and Communications Technology and Services Supply Chain: Connected Vehicles” rule.

That is a dry title for a big issue. Modern cars are not just mechanical products anymore. They are software-defined, cellular-connected, sensor-heavy devices that can collect location data, receive over-the-air updates, run driver-assistance systems, sync phones, and communicate with cloud services. Washington is increasingly treating that as a national-security problem when the hardware, software, or corporate control trail runs through China or Russia.

For Volvo, the approval matters because the Swedish automaker is majority owned by China’s Geely Holding. Without the authorization, U.S. rules could have created a serious problem for Volvo’s ability to keep selling much of its connected lineup in America.

What Volvo Actually Received

Volvo did not announce a repeal, blanket exemption, or policy rollback. It received a case-by-case specific authorization.

According to Volvo, the process followed discussions with the Commerce Department and other U.S. officials about the company’s governance, technology, and data security. The company says the authorization allows it to continue its U.S. growth plans.

That wording is important. This is not the U.S. government saying connected-vehicle security concerns have gone away. It is the government saying Volvo met enough conditions, or provided enough assurance, to keep operating under the rule.

The Bureau of Industry and Security says the connected-vehicles rule restricts certain vehicles and related hardware or software linked to China or Russia because companies in those countries may be compelled to share data or enable remote access. For model year 2027, the rule targets sales of connected vehicles from manufacturers owned by, controlled by, or subject to the jurisdiction or direction of China or Russia, as well as vehicles using covered software. For model year 2030, it adds restrictions on vehicle connectivity system hardware from covered companies.

That gives Volvo’s authorization real weight. It is one of the clearest public examples of how a non-Chinese brand with Chinese ownership can try to thread the needle.

Why This Is Bigger Than Volvo

Volvo is the cleanest test case because it is both familiar to American buyers and complicated on paper.

It is not a new Chinese EV brand trying to enter the U.S. with a low-cost crossover. Volvo has been selling vehicles in America for 70 years, has a U.S. headquarters in New Jersey, a dealer network across 48 states, and a manufacturing plant in Charleston, South Carolina. Volvo says it has invested more than $1.3 billion in that South Carolina facility and created more than 2,000 jobs there.

At the same time, its parent-company connection to Geely means it cannot simply stand outside the China-tech debate. That is the tension this authorization exposes.

For shoppers, the immediate result is simple: Volvo can keep selling connected cars in the U.S. For the industry, the signal is more interesting. The Commerce Department appears willing to evaluate governance, software control, data security, and corporate structure rather than treating every ownership link as an automatic stop sign.

That will matter to other automakers and suppliers. The global auto industry is full of mixed ownership, joint ventures, shared platforms, cross-border software development, overseas electronics suppliers, and cloud-service dependencies. If connected-vehicle rules are enforced with no practical path to authorization, they become a blunt wall. If the authorization path is real, they become a compliance test that serious automakers will try to pass.

The EV Angle Is Hard to Miss

This is not only about infotainment menus and Bluetooth pairing.

The connected-car fight lands right on top of the EV transition because many of the most competitive electric vehicles are deeply software-defined. Battery management, charging routing, driver assistance, app controls, thermal preconditioning, plug-and-charge authentication, and over-the-air updates all depend on connected software stacks.

Chinese automakers have become particularly strong at the EV software-and-hardware bundle. Brands tied to BYD, Geely, SAIC, XPeng, NIO, Xiaomi, and others have reset expectations in China and are pushing hard in Europe, Southeast Asia, Latin America, and Australia. The U.S. has mostly kept those brands out through tariffs, policy friction, and now security-based connected-vehicle rules.

Volvo sits in a different category. It is a Western premium brand with a long U.S. history, but it is also tied to one of China’s most important auto groups. That makes it a practical test of whether Washington’s concern is mainly about where the badge comes from, who owns the company, who writes and maintains the software, where data flows, or some combination of all four.

The answer will shape more than Volvo’s showroom. It will shape how automakers design software stacks, choose suppliers, localize data systems, and document control over connected features.

Why U.S. Production Still Matters

Volvo’s release spends real time on its U.S. footprint, and that is not accidental.

The company points to its Charleston, South Carolina plant, its New Jersey headquarters, hundreds of corporate employees, 281 dealers, and roughly 11,500 dealer employees. That is the broader argument: Volvo may have Chinese ownership, but it also has a meaningful American business and manufacturing presence.

That matters politically. The U.S. does not want unrestricted connected-vehicle exposure from adversary-linked software and hardware. It also does not want to casually disrupt established employers, dealers, suppliers, and customers when a company can prove adequate governance and data protections.

Volvo has also been working to deepen its American manufacturing story. The company previously announced plans to bring additional production to South Carolina before 2030, and it has been preparing a more localized strategy for core models. That kind of footprint does not erase software-security questions, but it gives regulators a stronger reason to look closely instead of simply saying no.

The MotorLinks Take

Volvo’s authorization is a small headline with a large policy shadow.

It keeps Volvo’s U.S. business moving, which is the immediate news. More importantly, it shows that the connected-vehicle rule is not just a theoretical ban sitting in a federal register. Automakers are now having to prove who controls the software, how data is protected, and why their vehicles should be trusted on American roads.

That is the new auto industry reality. Range, charging speed, price, and battery supply still matter, but so do source code, cloud architecture, data governance, corporate ownership, and supplier maps.

For buyers, this should not turn every connected car into a panic button. It should make one point clear: the software inside the car is now part of the product’s national-security story, not just its convenience story.

Volvo got through this round. The harder question is how many other global automakers can say the same when regulators start looking deeper into the wiring behind the badge.