Canada’s decision to open its markets to Chinese electric vehicles means more connected cars could soon be running on its roads — bringing with them a further potential cause for disconnect with its neighbor, the United States.

Since the Biden administration, the U.S. government has imposed a ban on Chinese-made connected vehicles, which can collect vast amounts of data through a variety of embedded sensors. Canada will likely soon be importing more such cars, however, thanks to its recent deal to allow in a limited number of Chinese EVs annually, starting with 49,000 this year. 

As Chinese auto giants gear up to sell more to Canada and set up factories in the country, the rift between Ottawa and Washington over how to address the potential risks associated with connected Chinese EVs could widen — bringing practical problems for consumers. Last week, the U.S. ambassador in Ottawa suggested that American border officers could even block Chinese vehicles from crossing the U.S.-Canada land border. 

“That car driving around from China — it’s a great gobbler of data and information,” Pete Hoekstra said in an interview with Canada’s Rebel News. “Those cars can come… into Canada, but they’re not going to cross the border into the U.S.”

The role of one Chinese company, Leapmotor, could come under particular scrutiny. The Zhejiang-based firm, now 21-percent owned by European auto giant Stellantis, is in talks with the federal government to make EVs in a mothballed Stellantis factory in Ontario, according to reporting by Bloomberg, citing unnamed sources, and Unifor, Canada’s largest auto union. 

Yet Leapmotor has long had ties to a controversial Chinese video surveillance company called Dahua Technology. Several countries have blacklisted Dahua, and the U.S. and European Union have accused it of aiding the repression and surveillance of Uyghurs and Muslim minorities in Xinjiang.

When Leapmotor, whose full name is Zhejiang Leapmotor Technology, was founded in 2015, its largest shareholders were Dahua, with a 33 percent stake, and Dahua’s co-founders, Fu Liquan and Zhu Jiangming, with 32 and 20 percent stakes respectively, according to WireScreen data. 

Even after Dahua sold its direct stake in Leapmotor in 2023, as part of the deal which saw Stellantis buy its shares in the company, there remained commercial and personal ties between the two firms. By then, the U.S., UK, Australia, India, the EU, New Zealand and Taiwan had all hit Dahua with procurement bans over cybersecurity and human rights concerns. The Canadian federal government mulled imposing sanctions on Dahua in 2024, and the government of Quebec has also imposed a procurement ban. 

Zhu, who led Dahua’s product R&D, production and supply chain management, is now Leapmotor’s chairman. Several Leapmotor vice presidents also previously worked at Dahua. In 2018, the two companies jointly developed China’s first indigenously made AI chip for autonomous driving called “Lingxin 01” that is embedded in many of Leapmotor’s cars. 

Last week, the U.S. Federal Communications Commission announced it is even looking to expand its ban on Dahua equipment. An earlier ban in 2022 barred new equipment from the U.S.; the proposed expansion would prohibit the import of older models as well. 

Stellantis did not respond to a request for comment. 

Through Leapmotor’s tie-up with Stellantis, the company has already aggressively expanded in Europe. Sales of its T03 model, which bears close resemblance to Fiat’s classic 500 compact car, leapt almost 700 percent year-on-year to become the fourth most registered EV model in Europe in February, according to data from Jato Dynamics.

For now, the U.S. remains far more wary of Chinese EVs than its developed market peers.

“For a long time the focus [of auto policy] was about delivering the best possible product at lowest price to the consumer,” says Michael Dunne, a consultant and former General Motors executive. And while countries like Canada still seem concerned about affordability “the U.S. is at a point where it’s asking: why are we buying certain cars, and what are the costs associated with doing so?”

The concerns in U.S. government circles go beyond a fear that competitively-priced Chinese cars could quickly gain a significant share of the local auto market, into questions around personal and national security. 

“Think about how much information a car collects on you, from facial data to voice recognition to information about patterns of life and where you’re going every day,” says Elizabeth Cannon, a former Commerce Department official who ran the Office of Information and Communications Technology and Services (ICTS) and introduced a ban on Chinese connected vehicle components in early 2025. 

“We were also concerned about autonomous driving systems and risks from adversaries getting remote access to the vehicle [to disable it],” she adds.

Cannon was pushed out of the ICTS office in January, around the same time that President Donald Trump said at a dinner in Detroit that the U.S. should “let China come in” and build auto plants. The two events spurred speculation that Washington could reverse its restrictions on Chinese EVs. 

But on Thursday, U.S. Trade Representative Jameson Greer poured cold water on the idea, telling reporters “we don’t see any change” in the Commerce Department’s rule prohibiting Chinese connected vehicle technology. 

That rule set a deadline of March 17 this year for U.S. automakers to replace any software that is written in China or by a Chinese company. It has sparked a scramble from U.S. automakers and their suppliers to comply in time — albeit not necessarily by ripping out the software itself. 

“Commerce’s rule feels like a ban, but in reality it’s just asking companies to do their proper due diligence,” says Brandon Barry, chief executive of Block Harbor Cybersecurity, a Detroit-based company that helps automakers test their cars for vulnerabilities. “There are a lot of paths available. One is to pull the software, another is to do hotfixes [targeted software updates aimed at fixing critical vulnerabilities], another is to just do the analysis to make the argument that [the software is] safe.” 

Rather than see its software replaced, some Chinese companies have found workarounds via corporate restructuring maneuvers. 

“There was a big push to make sure that if there was any [Chinese] code in any of the covered systems…there were restructuring or licensing efforts to make the code compliant,” says Matt Wyckhouse, chief executive at Finite State, another cybersecurity firm.

One example is Quectel’s partnership with Eagle Wireless. Quectel is China’s largest producer of wireless chips, known as cellular internet-of-things (IoT) modules, and its chips are embedded in cars worldwide. Quectel licensed its source code to Eagle, an Ohio-based chip startup which serves as a qualified software provider to U.S. automakers. In order to assure the Commerce Department of the code’s safety, Eagle hired Finite State to audit its code to ensure that data are not transmitted back to China, whether by design or through backdoors. 

Canada’s government has meanwhile claimed it’s looking into regulating connected vehicles, but has not yet proposed any new policy, even as Chinese EV firms are moving to set up shop in the country. 

A spokesperson for Canada’s transport department said the government is working with “a range of stakeholders” to develop “guidance and tools on vehicle cyber security.” 

That car driving around from China — it’s a great gobbler of data and information… Those cars can come… into Canada, but they’re not going to cross the border into the U.S.

Pete Hoekstra, U.S. ambassador to Canada, in an interview with Rebel News

In the absence of matching regulations, the U.S. and its immediate neighbor could end up with  different cybersecurity standards for cars and other vehicles. For now, policymakers say that presents a minor risk — the nearly 50,000 Chinese EVs Canada could import this year remains a tiny fraction of the 18 million personal vehicles that crossed the U.S.-Canada border in 2025. But as Hoekstra’s comments suggest, the differences could become a diplomatic flashpoint. 

For Canada, delaying new rules around cybersecurity could come with drawbacks. Unlike with Huawei’s 5G equipment, for example, “you couldn’t rip and replace. These units are built into the car and systems and subsystems,” says Charles Parton, a former UK diplomat who has testified about the risks from Chinese connected vehicle modules. “So what are the Chinese doing? Steaming ahead because they know it could be bloody difficult to do anything in the future.”

---