HB 1608 requires the Secretary of Homeland Security, in coordination with the Administrator of the Transportation Security Administration and the Director of the Cybersecurity and Infrastructure Security Agency, to submit to Congress a report on the Department’s efforts to prevent, deter, and respond to vehicular terrorism within 180 days of enactment. The report must assess current and emerging threats, analyze methods and motivations of attackers, and evaluate domestic and international trends, with particular attention to how connected and autonomous vehicles, ADAS-equipped vehicles, and ride‑sharing platforms could be misused.
It also directs a review of higher-risk locations and events, including airports, seaports, government facilities, power infrastructure, mass gatherings, and crowded soft-targets. The act calls for interagency and private‑sector engagement, outlines potential protective technologies and countermeasures, and requires the publication of an unclassified executive summary while preserving any classified material.
Finally, the Secretary must brief Congress within 30 days after the report’s submission on findings and recommendations.
At a Glance
What It Does
Not later than 180 days after enactment, the Secretary of Homeland Security, in coordination with TSA and CISA, must submit a report on DHS efforts to prevent, deter, and respond to vehicular terrorism. The report includes threat assessment, high-risk location review, private-sector engagement, potential technologies, and privacy considerations, with a classified core and an unclassified executive summary.
Who It Affects
Affects DHS components (including DHS, TSA, and CISA), federal, state, local, tribal, and territorial partners, private-sector mobility and vehicle‑tech firms (ride-sharing platforms, rental car companies, ADAS/connected-vehicle vendors), and critical infrastructure owners such as airports, seaports, and healthcare facilities.
Why It Matters
Establishes a formal, cross‑agency, cross‑sector process for understanding and countering vehicle‑based threats; informs security investments and policy choices; and creates public transparency through an unclassified executive summary while preserving sensitive material.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The bill centers on a concrete reporting obligation from the Department of Homeland Security. It requires DHS (with TSA and CISA) to produce a detailed, forward‑looking assessment of vehicular terrorism threats, including how new vehicle technologies could be exploited by attackers.
The document outlines a broad set of elements the report must cover—threats, locations most at risk, private‑sector cooperation, and the interagency and interjurisdictional steps needed to mitigate risk. The aim is to build a shared understanding across federal, state, local, tribal, territorial, and private-sector partners so that protective measures can be designed and deployed in a coordinated way.
The scope includes not only current threats but also anticipated developments in connected and autonomous vehicles, ADAS capabilities, and the cybersecurity risks those systems create. Higher‑risk sites are cataloged to help authorities prioritize protective barriers, geofencing, surveillance, and rapid containment protocols.
The bill also contemplates ongoing engagement with private‑sector players—rental fleets, ride‑sharing platforms, and vehicle manufacturers—to establish industry best practices and information-sharing protocols. In addition, the legislation emphasizes privacy and civil liberties protections, ensuring that countermeasures are implemented in a rights-respecting manner and with public‑facing education to build trust.A central feature is the unclassified executive summary, which will be publicly posted, while the report itself may remain classified where necessary.
The Secretary must brief Congress within 30 days of submitting the report, sharing conclusions and recommendations to enable timely oversight and decision-making by lawmakers.
The Five Things You Need to Know
The bill requires a DHS‑led report on vehicular terrorism within 180 days of enactment.
The report must assess current and emerging threats, including autonomous and ADAS-enabled vehicles and cybersecurity risks.
It identifies high‑risk locations and events to target protective measures.
It requires ongoing private‑sector collaboration and data sharing with industry partners.
An unclassified executive summary must be published and Congress briefed within 30 days of submission.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title
This act may be cited as the Department of Homeland Security Vehicular Terrorism Prevention and Mitigation Act of 2025. The short title provides a readable reference for oversight and implementation.
Findings
Congress identifies the ongoing and evolving threat of vehicular terrorism, highlighted by past attacks and the increasing role of connected vehicle technologies, autonomous systems, and ride‑sharing platforms. The findings justify a comprehensive federal response and cross‑sector collaboration to strengthen prevention, preparedness, and response capabilities across all levels of government and the private sector.
Report on Emerging Threats and Countermeasures
This section requires the Secretary of Homeland Security, within 180 days of enactment, to submit a comprehensive report on DHS efforts to prevent, deter, and respond to vehicular terrorism. The report must cover threat assessments, high‑risk locations, private‑sector engagement, protective technologies, and coordination with law enforcement, with a focus on privacy protections and civil liberties. The final report may be classified, but an unclassified executive summary must be published online, and DHS must brief Congress within 30 days of submission. The section also defines key terms and clarifies which congressional committees are appropriate for oversight.
This bill is one of many.
Codify tracks hundreds of bills on Government across all five countries.
Explore Government in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- DHS components (the Secretary’s office, TSA, and CISA) gain a structured framework for threat assessment and interagency coordination.
- State, local, tribal, and territorial law enforcement agencies benefit from clarified guidance, joint exercises, and improved access to threat information.
- Private-sector mobility and vehicle‑tech firms (ride‑sharing platforms, rental fleets, ADAS vendors, and manufacturers) receive cooperation channels and industry best practices to harden systems.
- Owners and operators of critical infrastructure (airports, seaports, power facilities, healthcare facilities) obtain guidance on protective measures and rapid response protocols.
Who Bears the Cost
- Private-sector partners may incur costs to implement countermeasures, share data, and adhere to security practices.
- State and local governments may need resources for training, exercises, and interagency coordination.
- DHS and federal agencies may require funding to support analysis, research, and deployment of recommended technologies and countermeasures.
- Vehicle technology vendors and manufacturers might incur compliance costs to align with security standards and threat‑intel sharing requirements.
Key Issues
The Core Tension
The central dilemma is balancing robust vehicle‑based threat mitigation with the protection of civil liberties and the equitable distribution of costs across federal, state, and private sectors.
The bill opens a pathway for aggressive risk reduction through new technologies and cross‑sector collaboration, but it also raises tensions around privacy, civil liberties, and the cost of implementation. The reliance on surveillance capabilities, geofencing, and AI‑driven threat detection could lead to concerns about data collection, profiling, and misidentification if not paired with robust governance and oversight.
There is a risk that smaller jurisdictions or private‑sector partners with limited resources could struggle to meet standards, creating gaps in coverage or uneven protection. The legislation defers meaningful funding and procurement questions to future appropriations and policy development, which could slow adoption of protective measures.
You should expect debates over who bears the cost, how data is shared, and how performance and privacy will be measured over time.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.