In an increasingly complex geopolitical landscape, the scrutiny of technology companies linked to foreign governments has intensified, particularly concerning national security. Recently, a cohort of 17 Republican lawmakers has taken a definitive stand against TP-Link, a prominent networking equipment manufacturer. This group, led by Senator Tom Cotton and Representative Riley Moore, has urged Commerce Secretary Howard Lutnick to ban the sale of TP-Link products in the United States, citing the company’s alleged deep connections to the Chinese Communist Party (CCP).
Senator Cynthia Lummis of Wyoming articulated a sentiment that resonates with many in the political arena: “China is not our friend, and we should not bring CCP-controlled equipment into American homes.” This assertion reflects a broader apprehension regarding national security, particularly as it pertains to cybersecurity vulnerabilities associated with technology manufactured in China. The lawmakers contend that TP-Link’s products, which include small office and home office (SOHO) networking devices, are susceptible to exploitation by Chinese state cyber actors.
In a letter dated May 14, the lawmakers characterized TP-Link as a “state-sponsored networking equipment company” that presents a “clear and present danger” to American cybersecurity. They referenced a February 2024 advisory from the Cybersecurity and Infrastructure Security Agency (CISA), which indicated that the Chinese regime has been using SOHO equipment to conduct espionage and target critical infrastructure. The advisory highlighted a specific group of Chinese cyber operatives known as Volt Typhoon, who have leveraged SOHO routers to execute sophisticated cyber attacks.
The dangers of these vulnerabilities were further underscored by a report from Microsoft, which revealed in October 2024 that a Chinese botnet named CovertNetwork-1658 had hijacked numerous SOHO routers—predominantly TP-Link devices—to conduct password spray attacks. This botnet, active since at least August 2023, was composed of approximately 8,000 compromised devices at any given time, raising significant alarms about the integrity of consumer technology.
Moreover, the lawmakers pointed out that TP-Link is subject to China’s National Security Law, which potentially allows the CCP unrestricted access to the data processed through its devices. This raises critical concerns about the implications for American users who may unknowingly expose their personal information to foreign adversaries. The letter further accused TP-Link of engaging in “predatory pricing” strategies, which have enabled the company to capture nearly 60% of the U.S. market share in retail routers and Wi-Fi systems. In response, both the Department of Justice and the Department of Commerce have launched investigations into TP-Link’s business practices.
The urgency of the situation was emphasized in the lawmakers’ plea to Secretary Lutnick: “Each day we fail to act, the CCP wins while American competitors suffer, and American security remains at risk.” They insisted on the immediate prohibition of TP-Link’s SOHO products to safeguard national interests and protect American consumers.
TP-Link, founded in China in 1996, has responded to these allegations by asserting its independence from the CCP. The company claims to have separated into U.S.-based TP-Link Systems and China-based TP-Link Technologies, insisting that there is no longer any affiliation between the two entities. In a statement to the media, TP-Link Systems labeled the allegations as “based on unfounded press rumors” and expressed eagerness to clarify its position.
Adding another layer to this narrative, Texas Attorney General Ken Paxton has issued warnings to several companies, including TP-Link, accusing them of violating state privacy laws. His office demanded that these companies disclose their data processing practices, emphasizing the need for consumer protection against potential misuse of personal information by foreign entities.
As these developments unfold, the implications for consumer technology and national security remain profound. The intersection of market dynamics, cybersecurity, and international relations poses challenging questions about how best to protect American consumers while fostering a competitive technological landscape. As the dialogue continues, it becomes increasingly clear that the stakes are high—not just for individuals, but for the integrity of the nation’s digital infrastructure.
