The Cyberspace Administration of China (CAC) released draft rules on automotive data security and management on May 12, imposing new restrictions on user data collection and processing of automakers, as reported by Caixin on the same day. According to the proposed regulations, automobile data operators should adhere to five principles when handling personal information and important data, namely: in-vehicle processing, anonymization, minimum retention period, accuracy range application, and non-collection default. Automobile data operators include car makers, dealers, software providers, ride-hailing firms, and others. In addition, automotive data operators should store information collected within China’s border and obtain CAC’s approval before offering them overseas.

Although existing domestic regulations attribute the control of driving data to consumers, the fact is that automakers still master the vehicles’ data. At present, whether automobile data operators can collect personal information, and the range of information application and storage are not clearly defined by relevant departments. Last month, US electric vehicle (EV) maker Tesla was censored in China over driving data and security issues. Involved in the leakage of user privacy and infringement of consumer rights, Tesla’s Model Y sales decline by nearly 10,000 units from the previous month, according to data from the China Passenger Car Association. Regarding the newly proposed rules, Tesla made a quick response via social media to voice its support of standardizing data collection on May 12, and stated it was building a data center in the country.

In order to achieve intelligent transformation, automakers have been equipping more cars with cameras and sensors to collect important data, such as geographical locations, biometric features, driving habits, as well as audio and video records. Based on this situation, regulating the use, sending, and storage of those data is an emerging challenge for the auto industry and Chinese regulators. Chinese authorities have released intensive regulatory measures, intending to put forward requirements from different perspectives. On April 7, the Ministry of Industry and Information Technology (MIIT) issued the Intelligent Connected Automobile Production Enterprise and Product Access Management Guide (Trial). National Information Security Standardization Technical Committee (NISSTC) also launched draft regulations for intelligent connected vehicles (ICV) on April 28.

Sources:

https://www.scmp.com/tech/policy/article/3133325/tesla-quick-show-support-chinas-new-data-collection-rules-after-sharp

http://www.autoinfo.org.cn/autoinfo_cn/content/news/20210514/3034086.html

https://www.sohu.com/a/466211494_156265

https://www.caixin.com/2021-05-08/101707966.html

https://www.caixin.com/2021-05-12/101710597.html