Your Wi-Fi Router Was Probably Made in China. Does That Mean It's a National Security Threat?

President Joe Biden signed the Protecting Americans from Foreign Adversary Controlled Applications Act into law in 2024. Citing potential national security concerns, the law required the social media app TikTok to either separate from its Chinese parent company or cease operations in the United States. President Donald Trump signed an executive order on the first day of his second term delaying implementation of the law. But his administration is still wielding government power to shield Americans from China—whether we like it or not.

The Washington Post reports that several federal agencies, led by the Department of Commerce, intend to ban the sale of TP-Link wireless routers. Users routinely praise these popular routers, but since the company was founded in China, regulators have raised concerns that the Chinese government could access Americans' sensitive data or build weaknesses into the devices that make them easier for hackers to access.

Rob Joyce, a cybersecurity adviser to the first Trump administration, testified in March 2025 before the House Select Committee on the Chinese Communist Party, warning that China is "undercutting our market to deliver Chinese-controlled technologies into our homes." He claimed that this raised "significant national security concerns." Joyce added, "We cannot have the software for these prolific devices be written, updated, and controlled by a Chinese company."

TP-Link insists such fears are unwarranted. The company was founded in Shenzhen but has since split into two entities—one in China and one headquartered in California. "TP-Link products are not 'Chinese-controlled technology,'" the company wrote in a blog post. The U.S. branch oversees all global research and development, and the company claims that no government, including China's, has any access to its designs or production. Its routers, TP-Link adds, are built in a company-owned facility in Vietnam.

Hackers linked to the Chinese government have, at times, used hijacked TP-Link routers in cyberattacks—most notably
against Microsoft users. But TP-Link argues this doesn't prove its products are uniquely vulnerable. Hackers exploit whatever devices they can access, regardless of brand, and public data show no special pattern of attacks targeting TP-Link over other router makers.

In fact, TP-Link's routers don't seem any riskier than those of its competitors. Cybersecurity journalist Brian Krebs notes that "much of the rest of the industry serving this market also sources hardware from China and ships products that are insecure fresh out of the box." As Krebs puts it, nearly every consumer-grade router "includes a number of default settings that need to be changed before the devices can be safely connected to the Internet."

CNET interviewed four cybersecurity experts, all of whom indicated TP-Link's routers were no less secure than those from other companies.

This may all be beside the point. The Washington Post, citing an unnamed official, said the proposed ban could just be a "bargaining chip" in U.S.-China negotiations. A spokesperson for TP-Link called the suggestion "nonsensical," but the government does seem to have it in for the company.

"Prosecutors in the Justice Department's antitrust division are investigating whether TP-Link engaged in predatory pricing," Bloomberg reported in April 2025—specifically, "selling goods below cost in order to gain market share before raising prices once competitors have either been hobbled or eliminated." (TP-Link claims it "sells products at multiple price points to be competitive in the marketplace.")

Both the national security and antitrust investigations began under the Biden administration but continued under Trump. In a May 2025 letter, Sen. Tom Cotton (R–Ark.) and other lawmakers urged Commerce Secretary Howard Lutnick to ban the sale of TP-Link products, not only over ties to China but because its "predatory pricing…imminently threatens U.S. competition in a market critical to our national security."

TP-Link even downplays its own market saturation. The Wall Street Journal reported the company captured 65 percent of the "U.S. market for home and small-business routers" by 2024. But "industry data shows we are not the majority provider of routers in the United States," TP-Link replied, putting its own unit share of the market around 35 percent.

Yes, hackers have used TP-Link's products for nefarious purposes, but the same is true of nearly any internet-connected gadget, including cars, printers, and medical devices.

Nearly two years after passing a law banning TikTok because of the danger it posed, lawmakers have yet to provide any evidence of that danger. Likewise, if the government has proof of malfeasance by TP-Link, it should share that information.