The Federal Communications Commission has moved to block new consumer Wi-Fi routers made outside the United States from getting the authorizations they need to be imported and sold. The headline goal is national security.
The hidden consequence is that millions of perfectly good devices could be pushed toward an earlier retirement.
There is also a ticking clock buried inside the policy. A waiver from the FCC’s Office of Engineering and Technology lets already authorized routers keep receiving software and firmware updates only “at least until March 1, 2027.”
After that, the rules could turn routine security patching into a much harder problem for families, businesses, and the environment.
A security ban with a built-in patch cliff
On March 23, 2026, the FCC updated its Covered List to include “all consumer-grade routers produced in foreign countries,” which blocks new models from receiving FCC equipment authorization.
The agency also stressed that this does not force people to stop using what they already own, and it does not cancel existing authorizations for models already approved.
The fact sheet ties the decision to an Executive Branch national security determination that said foreign-produced routers can create supply chain vulnerabilities affecting the economy, critical infrastructure, and national defense.
It also points to past router exploitation connected to campaigns like Volt Typhoon, Flax Typhoon, and Salt Typhoon.
Here is the twist that matters for everyday users: The FCC’s Office of Engineering and Technology issued a limited waiver so “all routers authorized for use in the United States” may keep getting security and compatibility updates “at least until March 1, 2027,” and it says it will reevaluate before that date.
The environmental price tag of swapping routers early
When a router stops getting patches, it does not just become a cybersecurity issue. It becomes a replacement decision, and replacement decisions create waste. Who hasn’t tossed a still-working gadget because it simply stopped being supported?
This is happening in a world already drowning in discarded electronics. The Global E-waste Monitor reports that in 2022 the world generated 137 billion lbs. of e-waste, and only 22.3% was documented as formally collected and recycled.
Routers are small, but the volumes are not. An ENERGY STAR sell sheet noted that U.S. consumers were expected to purchase more than 19 million routers in 2014, and that those routers would use about 1.2 billion kilowatt-hours of electricity each year, tied to more than 900,000 tons of carbon dioxide emissions annually.
Onshoring, supply chains, and the carbon math
The policy clearly nudges the market toward domestic production, and it frames that as part of resilience. But “made here” does not automatically mean “made clean.” In electronics, a big share of climate impact comes from manufacturing itself, not just shipping boxes across oceans.
Router supply chains also run through semiconductors, and chipmaking is famously energy and resource intensive. Imec, a major semiconductor research group, notes that semiconductor manufacturing contributes a significant carbon footprint and is a major emissions source within the broader electronics ecosystem.
As of now, the United States is not starting from a place where most consumer routers are already built domestically. The Technology Policy Institute review argues that “virtually no consumer-grade routers are manufactured” in the U.S. today, with limited exceptions cited in public discussions.
Business and consumer fallout
For companies that sell routers and for households trying to buy one, uncertainty is the real near-term product. The FCC’s waiver is time limited, and it exists because applying the new rules immediately would have blocked even routine Class I software and firmware changes, including security updates, for devices already in use.
The other pressure point is market access. The FCC fact sheet describes a “Conditional Approval” pathway, with decisions involving the Department of War (DoW) or the Department of Homeland Security, which could allow some foreign-produced devices to keep receiving authorizations.
That kind of gatekeeping tends to reshape competition, sometimes quickly, and it can show up on price tags.
Analysts are already warning that the process matters as much as the goal. The Technology Policy Institute critique says the ban arrived with no notice-and-comment proceeding and no published cost-benefit analysis, and it argues the policy creates the very vulnerability it is meant to prevent if patch support drops off.
A smarter path to secure and greener home networks
If the real threat is that attackers ride unpatched routers into bigger targets, then patching has to be treated like basic infrastructure, not a temporary perk.
A hard cutoff date might look clean on paper, but it can turn into a messy reality when millions of routers are still doing their job in living rooms, small offices, and school buildings.
There is a practical middle ground that protects both security and the environment. Policymakers can pair security restrictions with minimum software support expectations, clearer consumer labeling about update lifetimes, and strong recycling and take-back channels so old hardware does not end up in a landfill.
Consumers are not powerless here, either. Keeping automatic updates on, checking how long a manufacturer promises security support, and recycling retired routers through certified e-waste programs are small moves that add up, especially when budgets are tight and nobody wants another avoidable line item on the electric bill.
The official waiver notice was published on the Federal Communications Commission website.
