The first two parts of this series established two things. The BMS is the intelligence layer of the battery, a continuously operating electrochemical inference system that generates a stream of operational data as a byproduct of doing its job. And the barrier to building a domestic alternative, the ASIL-D certification process, is not primarily a technology problem. It is a capital and time problem that private markets have not solved and will not solve on their own against incumbents who cleared it years ago with structural advantages a domestic entrant does not have.
This piece is about what the data flowing through that system actually is, and what it represents to a foreign actor who controls the software that decides what to collect, what to store, and what to transmit.
The framing that matters here is not hypothetical. The question is not whether a foreign-controlled BMS could become a national security concern. The U.S. government has already answered that question. The question now is whether the policy response is sufficient, and whether the domestic industrial base exists to make it stick.
What the Telemetry Actually Is
A modern automotive BMS does not generate a simple log. It generates a continuous, high-resolution record of a battery system's electrochemical life. Every cell in the pack is being monitored for voltage, current, and temperature at intervals measured in milliseconds. The system is running recursive state estimation algorithms that infer properties you cannot measure directly (internal resistance, lithium plating onset, capacity fade rate) from the signals you can. The output of that process is not just numbers. It is a model of the battery, continuously updated, that encodes everything the pack has experienced and how it has responded.
What does that data reveal? More than most people outside of battery engineering appreciate.
Charging behavior tells you where vehicles are stopped long enough to charge, how often, and at what times. Aggregated across a fleet, that is a detailed map of American driving and energy habits, including patterns around military installations, government facilities, and critical infrastructure sites, not because the system is designed to capture that, but because geography is implicit in charging behavior. A vehicle that charges at the same location at 0630 every weekday is telling the system something specific about its operator's schedule and workplace.
Degradation signatures reveal operating environment in forensic detail. High temperature cycles indicate use in hot climates or high-stress duty cycles. Unusually deep discharge patterns indicate specific use cases. The spread of cell degradation across a pack tells a trained analyst something about how the vehicle is loaded and driven. A fleet of vehicles in federal government service, including law enforcement, military logistics, and emergency response, produces a degradation dataset that is, in aggregate, a remarkably detailed portrait of how those fleets operate.
Thermal event precursors are among the most sensitive data the BMS produces, precisely because thermal management is the domain where the system has the deepest insight. A BMS that has observed thousands of packs approaching the edge of their safe operating range, and recorded exactly what the telemetry looked like before each event, possesses knowledge about battery failure modes that has significant value beyond vehicle engineering. It is knowledge about how to stress a battery system, and how to do so in ways that are difficult to attribute.
The data is not at risk of becoming a national security problem. It already is one. It is being generated right now, on American roads, by every vehicle running a pack whose intelligence layer was designed somewhere else.
The Sovereignty Question
The standard rejoinder to the above is that data flows in connected vehicles from every manufacturer, not just foreign ones, and that the concern about foreign BMS specifically is overstated relative to the broader connected vehicle data landscape. This rejoinder deserves a careful answer because it is half right.
It is true that American-made connected vehicles generate extensive telemetry. It is also true that the data sovereignty question attaches to who controls the software that decides what is collected, how it is processed, and where it goes. Those are not equivalent concerns when one manufacturer is domiciled in a country whose national security law compels domestic companies to cooperate with state intelligence services, and another is not.
The People's Republic of China's National Intelligence Law, enacted in 2017, requires Chinese organizations and citizens to support, assist, and cooperate with national intelligence work. The law's reach extends to Chinese companies operating internationally, and to the software and systems those companies control. A BMS whose algorithms were developed by a Chinese company, operating on a Chinese-designed hardware platform, with telemetry flowing through servers that are subject to that legal framework, is not in the same category as a BMS from a domestic or allied-country supplier, regardless of where the physical vehicle was assembled.
The question is not whether the data is being actively exploited today. The question is who holds the legal ability to compel access to it, and whether that ability constitutes an unacceptable structural vulnerability regardless of whether it is currently exercised. The U.S. government has concluded that it does.
In its March 2024 Advance Notice of Proposed Rulemaking, the U.S. Department of Commerce Bureau of Industry and Security identified six automotive software systems as potential focuses for national security regulation. Battery Management Systems were on that list, alongside vehicle operating systems, telematics systems, advanced driver assistance systems, automated driving systems, and satellite or cellular telecommunications systems.
The January 2025 final rule, which took effect March 17, 2025, established prohibitions on connected vehicle hardware and software with nexus to China or Russia. The rule was grounded in a finding that such technologies present an undue and unacceptable risk to U.S. national security. The rule's own preamble noted that China's military-civil fusion strategy, combined with the PLA's 2027 modernization objectives, makes the dual-use dimension of connected vehicle technology an active, not theoretical, concern.
The Government Saw It in the Hardware
The data sovereignty argument might remain abstract if it were purely inferential. It did not remain abstract.
In September 2025, Reuters reported on a Federal Highway Administration security advisory, disseminated in late August of that year, which stated that undocumented cellular radios had been discovered in certain foreign-manufactured power inverters and battery management systems deployed in U.S. highway infrastructure. The four-page advisory, which had not previously been reported, said the devices were found in equipment powering signs, traffic cameras, roadside weather stations, solar-powered visitor areas, and electric vehicle chargers across the U.S. highway system.
The advisory did not name a country of origin for the equipment with the undocumented radios. It did not need to. The context was unambiguous: the advisory came amid escalating government concern about Chinese technology in American transportation infrastructure, at a moment when multiple federal agencies had been conducting active inventory and assessment of foreign-manufactured energy equipment in critical systems. U.S. officials told Reuters the devices could allow foreign actors to trigger surges, send rogue commands, or conduct surveillance of roadside systems, potentially including the autonomous vehicle networks being developed along those same corridors.
This is not a theoretical extrapolation from data sovereignty principles. This is hardware, already in the ground, that U.S. officials did not know was there and could not account for. The BMS in that infrastructure was not incidentally collecting data. It was equipped with radio hardware that served no disclosed purpose. Whatever that purpose was, it was not disclosed to the buyers, the installers, or the operators of the systems containing it.
The Federal Highway Administration's four-page security note stated that undocumented cellular radios had been discovered in certain foreign-manufactured power inverters and BMS deployed across U.S. highway infrastructure. The advisory recommended that relevant authorities inventory inverters across the highway system, scan devices with spectrum analysis technology to detect unexpected communications, disable or remove any undocumented radios, and ensure proper network segmentation.
Reuters first reported the advisory in September 2025. The Chinese Embassy in Washington responded that it opposed what it called the distortion and smear of China's achievements in the field of energy infrastructure. No equipment was identified by name. No removals were publicly confirmed. The advisory remains unclassified.
The BMS Is the Soft Underbelly of the Hard Problem
The policy debate around Chinese technology in American vehicles has focused heavily on the visible layers: cameras, microphones, GPS, telematics control units, the components that an average person can understand as obvious surveillance vectors. The BMS has received less attention in the public debate because its data outputs are technical in character and require domain expertise to interpret.
That asymmetry is precisely why it matters more, not less.
A foreign actor with access to BMS telemetry from a fleet of government vehicles does not need a camera feed. They need an analyst who understands battery electrochemistry. The degradation signature of a battery pack that has been operating under heavy load in cold weather, charging and discharging in a pattern consistent with extended idle followed by rapid full-power demand, is legible to a trained engineer as a specific category of operational use. The kind of operational use that does not appear in public vehicle registries.
RAND's January 2026 analysis of China's connected energy systems put the concern precisely: the same connectivity that delivers efficiency and consumer benefits also creates exposure for governments. Operational dependence on foreign firmware means that access to updates and diagnostic tools remains under vendor control. If geopolitical tensions rise, that access could be restricted or weaponized. Data sovereignty means that granular operational data, including charging patterns, temperature profiles, and location data, processed or stored overseas raises both privacy and security concerns. And cybersecurity exposure means that proprietary code, without full visibility or certification, could harbor vulnerabilities that persist undetected.
All three of those concerns apply to the BMS specifically. The BMS is the system that controls charging. It is the system that monitors temperature. Its algorithms run on firmware that must be updated. And its code is proprietary, opaque to the OEM that integrates it, and certified under a process that validates safety but does not mandate transparency about what is being collected or where it goes.
The Enforcement Gap the Rule Cannot Close
The January 2025 BIS final rule is a meaningful step. It prohibits connected vehicle hardware and software with a China or Russia nexus, effective March 2025 for new transactions, with phase-in periods extending to model year 2027 for Vehicle Connectivity System (VCS) hardware. It reflects a serious regulatory effort to address a real vulnerability.
It cannot, by itself, solve the problem this series has been building toward. Here is why.
The rule prohibits future transactions. It does not address the installed base of foreign-managed BMS already operating in American vehicles. It does not reach the BMS in fleet vehicles acquired before the rule's effective date. It does not reach stationary energy storage systems, which are increasingly critical infrastructure and fall outside the passenger vehicle scope of the current rulemaking. And it does not create a domestic alternative. Prohibition without substitution means that compliance requires either a different foreign supplier, which trades one dependency for another, or a domestic option that does not yet exist at the scale and certification level the market requires.
The rule correctly identifies that the BMS is a national security concern. It does not fund the domestic industrial base that would allow the rule to be enforced without creating a supply crisis. Those are two different problems, and solving the first without addressing the second is incomplete.
The Wall Is Made of People
Every structural argument in this series (the data flywheel, the certification moat, the sovereignty gap) has a corporate or regulatory character. It describes systems, institutions, legal frameworks, market dynamics. That framing is accurate but incomplete, because it obscures the most immediate and historically reliable threat vector: a single engineer.
The BMS intelligence layer is not stored in a vault. It lives in the heads and laptops and access credentials of the people who built it. An engineer with five years on the BMS team at LG Energy Solution carries, in working memory and in files they have legitimate access to, the data schema, the telemetry architecture, the firmware signing keys, the diagnostic access protocols, the API endpoints that govern what the system logs and where it sends it. They know which design decisions were made for engineering reasons and which were made for other reasons. They know what is visible to the OEM and what is not. They know the shortcuts and the legacy access points that exist in every real system and never make it into the spec.
That knowledge does not require a hostile act by LG to become a national security liability. It requires one person, for reasons that may have nothing to do with batteries or espionage, to make a different choice about their future.
This is not a theoretical scenario. It is a documented operational pattern targeting Korean battery companies specifically, with prosecuted cases and convicted individuals.
In January 2024, South Korean prosecutors referred five former and current employees of Samsung SDI and SK On to the Seoul Central District Prosecutors' Office for allegedly providing battery cell designs to Svolt Energy Technology, a Chinese company backed by Great Wall Motor. According to the Korea Times, the engineers were recruited at battery industry association events, enticed with high salaries and substantial bonuses. Svolt had entered the Korean market and unveiled a cobalt-free battery shortly after, prompting industry officials to raise suspicions about the speed of the development. In the same report, prosecutors confirmed that a former executive at LG Energy Solution had been indicted for taking money in exchange for leaking the company's trade secrets to an advisory broker.
A former LG Energy Solution employee was subsequently sentenced to three years in prison for leaking trade secrets. A former principal researcher at LG Energy Solution was referred to prosecutors in 2025 for leaking pouch-type battery technology after moving through the company's Nanjing plant in China. Former Samsung Electronics engineers were arrested, convicted, and in one case sentenced to six years in prison for leaking process technology to Chinese competitors. A former SK hynix engineer was arrested at a Korean airport before boarding a flight to China, carrying printed process documents.
In each of these cases, the target was cell chemistry, manufacturing process, or materials technology. The BMS software architecture, the intelligence layer, has not yet been the centerpiece of a public prosecution in the battery sector. That absence does not indicate the layer has not been targeted. It indicates that software exfiltration is harder to detect, leaves fewer physical traces, and is more difficult to prosecute than the removal of printed process documents or the departure of a senior executive to a competitor.
South Korean prosecutors have described a consistent methodology: Chinese companies recruit Korean engineers at industry conferences and association events, offering salaries that are described in court filings as "several million dollars" in some cases. The recruits do not always transfer to China immediately. Some are cultivated over time. Some transfer technology before departure. Some establish shell companies. The vector is patient, systematic, and specifically designed to exploit the gap between what an individual knows and what their employment agreement can prevent them from remembering.
The Thousand Talents Program and its successor structures operate on the same logic at a broader scale: identify individuals with access to specific, high-value technical knowledge, and create conditions under which that person chooses cooperation. The BMS engineer who understands the telemetry architecture of every car in GM's EV lineup is exactly the profile these programs are designed to reach.
The argument that LG is a South Korean company and therefore not subject to China's National Intelligence Law is correct as a matter of corporate law. It does not survive contact with the human variable. China does not need to compel LG. It needs to find one person inside LG for whom the right offer arrives at the right moment. A financial pressure. A family member in China being leveraged. A personal legal matter unrelated to their work. A gambling debt. The engineering knowledge does not stay inside the legal perimeter of the company that generated it. It moves with the person who holds it.
The wall protecting the intelligence layer of every Equinox, every Lyriq, every Bolt on American roads is partly a corporate structure and partly a regulatory framework and partly an international relationship. But it is also, in the places that matter most, made of human reliability. And human reliability is the specific, studied weakness that adversary intelligence services exist to exploit.
What the Data Sovereignty Argument Demands
The argument that flows from Parts 1 through 3 of this series is now complete. Restating it plainly:
The BMS is the intelligence layer of the battery. It generates a continuous stream of operational data whose value extends well beyond vehicle engineering. That data is already flowing through systems designed by companies domiciled in countries whose domestic law can compel cooperation with state intelligence services. The U.S. government has identified this as a national security vulnerability and moved to address the supply side of the problem through the BIS connected vehicle rule. The supply-side prohibition is necessary but insufficient, because there is no domestic alternative ready to fill the gap.
The certification barrier that prevents domestic entrants from competing is not a technology problem. It is a capital and time problem. The capital required to clear ASIL-D from a standing start, combined with the time required to build a fleet-data advantage against incumbents who have been accumulating that data for a decade, is beyond what any rational private actor will fund against this competitive landscape.
That combination, a genuine national security vulnerability, a market failure private capital cannot correct, a specific legible barrier with a known cost structure, and a proven model from recent American history for addressing exactly this type of problem, is the argument for what comes next.
Part 4 builds the program. It names the funding level, the institutional home, the program structure, the exit condition, and the political argument for why this is not a subsidy but a mission. It proposes what it looks like when the government decides to build the domestic version of the wall instead of waiting for the market to do it on its own.
The data is already flowing. The question is how long we wait before we have something to replace it with.