Total Coincidence, I'm Sure

A follow-up to All This Has Happened Before
Part of the Big Tech's War on Users series

I told you to watch the thread.

Here's what the thread looks like now.

Thirty days ago I said the most likely outcome was messy — some manufacturers get approved, some don't, nothing resolves cleanly. What I didn't expect was how fast the approval queue would start answering questions nobody was willing to ask out loud.

So far, two companies have received conditional approval from the FCC to keep selling new consumer routers in the US despite the March 23rd blanket ban on foreign-made hardware: Adtran, which is an Alabama-based enterprise networking company most consumers have never heard of, and Netgear.

Both approvals came with the same explanation from the FCC: the Department of War reviewed the applications and determined the products "do not pose risks to US national security."

That's it. That's the whole explanation. No criteria. No methodology. No indication of what specifically separates an approved router from a banned one, given that Netgear manufactures in Indonesia, Vietnam, and Thailand — the same general neighborhood as every other manufacturer on the banned list.

The conditional approval process formally requires applicants to submit a detailed, time-bound plan to establish US manufacturing. Netgear has made no public commitment to US manufacturing. They filed no relevant disclosures with the SEC — which, for a publicly traded company planning a major capital investment, would be legally required. Their website still lists Indonesia, Vietnam, and Thailand as their manufacturing locations.

So either the manufacturing plan requirement is real and Netgear submitted something that doesn't exist publicly, or the requirement is more aspirational than mandatory and the actual bar is something else entirely.

Nobody is saying what the actual bar is.

Here's my working hypothesis, offered with full acknowledgment that I cannot prove it and probably never will.

Somewhere in a government facility, in the months before this ban took shape, someone opened a server cabinet and saw Netgear hardware. A lot of it. Because Netgear is US-headquartered, has been the default "safe enough" procurement choice for a decade of government-adjacent network buildout, and is the brand you buy when you need to check a box that says "American company."

Nobody looked at the back of the box. Nobody asked where they were made. The C-TPAT certification was already there. Box checked. Filed. Forgotten.

Fast forward to 2026. Someone at DoW is reviewing Netgear's conditional approval application and the institutional memory goes: oh. Oh no. We have these everywhere.

And instead of surfacing that, someone writes "does not pose risks to US national security" and signs it. Because the alternative is explaining to someone with a gavel how the Department of War has been running its internal networks on hardware from Vietnam and Indonesia for a decade while simultaneously telling everyone else it's a national security crisis.

This requires zero malice. No stock tips. No corruption. Just a procurement decision made on superficial criteria years ago, an embarrassing collision with current policy, and institutional instinct to make the problem quietly disappear.

Classic government accidentally paints itself into a corner and tiptoes out when nobody's looking.

TP-Link's situation has developed in ways that are, depending on your appetite for coincidence, either completely unremarkable or extremely funny.

First, the timeline matters here.

By January 2025 — well before the ban — TP-Link's founder and CEO Jeffrey Chao had already applied for a US green card, opened a new headquarters in Irvine, and was talking publicly about investing $700 million in US manufacturing. He saw which way the wind was blowing. He was positioning.

Then in March 2026, the positioning got more expensive. Chao applied for permanent residency under the Trump Gold Card program — which requires a $1 million "unrestricted gift" to the Commerce Department. And then TP-Link proactively told the federal agencies investigating them about it. Not as an afterthought. As a credential.

That's a very expensive credential.

The ban dropped four days later anyway. A month after that, they got a meeting — with lawyers and consultants speaking to staff for Commissioners Trusty and Gomez, making the case that TP-Link is a US company that deserves an exemption.

The same week as that meeting, the NSA and FBI issued an advisory naming TP-Link routers specifically for vulnerabilities being actively exploited by Russian GRU hackers. So TP-Link is simultaneously arguing it deserves approval and being name-checked in active federal threat advisories.

That's a rough week.

I'm not saying money buys regulatory outcomes.
Not at all.
Total coincidence, I'm sure.

Here's the part that could unravel all of it.

DJI filed a brief this week in the Ninth Circuit that reframes their drone ban fight as a constitutional separation-of-powers problem. The argument: if the FCC's Public Safety and Homeland Security Bureau staff can ban entire product categories from the US market with no Commission vote and no judicial review, those Bureau members are exercising authority the Constitution reserves to properly appointed officers under Article II.

The router ban uses the exact same mechanism. Same Bureau. Same Covered List. Same no-vote, no-review process.

DJI hired the former US Solicitor General and a former FCC enforcement chief to make this argument. That's not accidental. If the Ninth Circuit takes it seriously, the implications don't stop at drones. They ripple into every Covered List designation the FCC has ever made.

Including the router ban.

Including, potentially, whatever criteria — stated or unstated — are being used to decide who gets a conditional approval and who doesn't.

Stand back and look at the shape of this thing.

The ban was announced as a national security measure covering all foreign-made consumer routers. Three weeks later, the first approval goes to a company whose hardware is already in government facilities, with no public explanation and no manufacturing commitment. The CEO of the second major company in the queue wrote a million dollar check to the administration, told investigators about it as a credential, and got a meeting a month later. The legal mechanism the whole thing rests on is currently being challenged in federal court as constitutionally hollow.

And TP-Link — the company this was all arguably aimed at from the beginning — is being name-checked in active threat advisories while trying to prove it's American enough to sell you a router.

The ban was always the opening move. I said that last time.

What I didn't say, because I didn't have enough data points yet, is that the opening move appears to have been made with loaded dice.

Watch the approval queue. Watch the Ninth Circuit. And watch what happens to TP-Link — because however that resolves, it's going to tell you exactly what this was actually for.