Table of Contents
June 20 EST: The FCC has opened a national security review into the U.S. Cyber Trust Mark program, a high-profile federal effort aimed at certifying the cybersecurity of smart home devices. The concern: most of the testing is happening in China.
FCC Commissioner Brendan Carr ordered the review on June 20, citing what he called “potentially concerning ties to the government of China.” The specifics are still under wraps, but the direction is clear—federal regulators are worried the label could be vulnerable to foreign interference, and they’re not willing to take that risk.
75% of Devices Tested in China
Here’s the problem: while the USCTM is a domestic initiative, roughly 75% of the certified devices have been tested in labs based in China, according to FCC records from April 2025. That includes everything from smart doorbells and thermostats to connected fitness bands—devices embedded in U.S. homes, often collecting sensitive data or interfacing with other networks.
For a label meant to signal “trustworthy” cybersecurity, that’s a hard sell. Especially given the long list of China-related security incidents that have already rattled both the private sector and federal agencies.
The label itself is voluntary, launched under the Biden administration in 2023 and formalized last year. It follows NIST cybersecurity standards and was positioned as a market-friendly way to nudge the IoT industry toward safer design. For the most part, it’s been working—until now.
Spotlight on UL Solutions
At the center of the scrutiny is UL Solutions, the company administering much of the program’s rollout. Internal FCC documents, cited by Fox News, describe “deep ties to China,” including joint ventures and facilities on the mainland. No wrongdoing has been proven, but Carr’s move suggests the perception of risk is enough to act.
Industry insiders have privately raised flags as well. According to FCC staff, the Biden-era launch was “rushed,” with the infrastructure for global testing—including in China—essentially grandfathered in without rigorous security vetting.
If that sounds familiar, it’s because it’s not the first time federal regulators have had to unwind tech infrastructure decisions that turned out to have deeper geopolitical entanglements than anyone wanted to admit.
Policy Risk Is Rising
Carr’s order doesn’t suspend the USCTM program, but it puts it under a microscope. Depending on the review’s findings, the FCC could move to restrict which labs are eligible to certify devices or even pull back UL’s role.
That would be a blow not just to the program, but to any manufacturer relying on it for credibility in a fragmented and reputation-sensitive market. It could also force companies to retest products or shift supply chains in a scramble to stay compliant.
The review also adds to a growing pattern: U.S. regulators are leaning harder into tech infrastructure tied to China. Last week, the FCC signaled possible fines against China Mobile for failing to cooperate with a separate national security probe.
None of this is happening in a vacuum. The broader policy context is one where Washington increasingly views cybersecurity and tech trust as core elements of economic security. That sentiment is reshaping how the government interacts with everything from chipmakers to cloud providers—and now, smart lightbulbs and baby monitors.
Business as Security Infrastructure
The IoT label was never just about consumer protection. It was about setting a baseline for how products connected to the internet should behave—and who’s accountable if they don’t. In that light, Carr’s intervention isn’t just a partisan volley. It’s a reflection of how the government sees trust itself as a strategic asset.
For device makers, the risk now isn’t just technical—it’s reputational and regulatory. A label meant to build trust could quickly backfire if end users start associating it with compromised oversight or lax standards.
In short, the FCC is signaling that cybersecurity policy is now foreign policy. And in that calculus, even a QR code on the back of a smart fridge can become a national security issue.
New Jersey Times Is Your Source: The Latest In Politics, Entertainment, Business, Breaking News, And Other News. Please Follow Us On Facebook, Instagram, And Twitter To Receive Instantaneous Updates. Also Do Checkout Our Telegram Channel @Njtdotcom For Latest Updates.
