The Preventing Remote Operations by Threatening Entities on Critical Technology for the Grid Act, or the PROTECT the Grid Act, aims to address national security risks to the United States electric grid. Congress finds that the rapid increase in high-wattage Internet of Things (IoT) devices, such as smart appliances and electric vehicle chargers, combined with applications controlled by foreign adversaries, creates a pathway for large-scale, coordinated manipulation of power demand. These foreign entities, particularly those under the jurisdiction of the People's Republic of China, are seen as blurring the lines between commercial activity and state-directed strategic interests, posing a significant threat to grid stability. The bill highlights that foreign adversary-controlled companies are actively deploying these high-wattage IoT devices and collecting detailed consumer data, giving them the ability to directly manipulate demand on the electric grid. Academic studies support the concern that such "MaDIoT" (Manipulation of Demand via IoT) attacks could lead to widespread blackouts and damage to critical infrastructure. Therefore, the Act seeks to ensure that smart applications embedded in home appliances are secure and cannot be exploited by foreign adversaries to compromise energy infrastructure. To address these concerns, the Act directs the Secretary of Commerce , in coordination with other relevant federal officials, to submit a report to Congress within 270 days of enactment. This report will assess the national security risks associated with foreign adversary-controlled applications that have the capability to attack or undermine critical infrastructure in the United States. It must consider the extent of high-wattage IoT device deployment, specific risks from foreign adversary-controlled applications, potential impacts on national security, and input from various stakeholders. The report is also required to include recommendations for mitigation measures to address any identified national security risks. These recommendations may involve applying Executive Order 13873 to IoT devices, restricting federal government procurement of consumer products with foreign adversary-controlled applications, and implementing certification or labeling requirements for high-wattage IoT devices. Finally, the bill codifies Executive Order 13873 into law, reinforcing existing national security initiatives to secure the information and communications technology and services supply chain against manipulation by foreign adversaries.