Caixin
Aug 13, 2021 09:39 PM
BUSINESS

New Guidelines Require Automakers to Better Manage China Data

New-energy vehicles sit on display at the 2021 Shanghai Auto Show on April 25. Photo: VCG
New-energy vehicles sit on display at the 2021 Shanghai Auto Show on April 25. Photo: VCG

New guidelines require automakers to better manage the data they collect in China and improve the safety of self-driving cars, as the sector comes in for scrutiny as part of a broader push for increased oversight of data management.

Makers of internet-connected vehicles should establish “comprehensive vehicle data and security management systems” and store personal information and key data generated in China within the country’s borders, according to rules published (link in Chinese) on Wednesday by the Ministry of Industry and Information Technology. Any data that is exported should pass a security assessment, the ministry said.

Companies should clearly spell out the functions and limitations of their assisted or autonomous driving systems, as well as the responsibilities of the driver. The ministry also recommended carmakers adopt the domestically developed BeiDou satellite navigation system in their vehicles.

Automakers will also need to inform the ministry and obtain its approval for any over-the-air software update, the notice said.

Apart from regulations on data storage, the ministry said companies should also step up cybersecurity efforts to detect threats to networks, ensuring the safe operation of their vehicles.

The rules, which follow data collection regulations for carmakers announced by the Cyberspace Administration of China in May, come as concerns have been raised over privacy, safety and national security in smart vehicles such as Tesla’s.

 Read more  
How Are Automakers Responding to China’s New Car Data Protection Rules?

Tesla became embroiled in a publicity crisis following a viral protest at the Shanghai auto show in mid-April over access to vehicle data related to a crash. That followed a spate of accidents in China that soured public opinion toward the California-based company.

As regulatory pressure ramped up, Tesla eventually shared the driving data linked to the said accident, and in May, the carmaker said it had built a new data center in Shanghai to store information gathered on local users and their vehicles.

In June, Tesla said it would recall more than 285,000 electric vehicles sold in China to address safety risks associated with its cruise-control function following an investigation conducted by the country’s market regulator (link in Chinese).

The recall led to a 69% plunge in Tesla’s domestic car sales in July from a month earlier, Bloomberg reported based on data from the China Passenger Car Association (link in Chinese). However, exports from its Shanghai factory almost quintupled to 24,347 vehicles, bringing overall Tesla China shipments to 32,968, a decline of just 0.6%.

The new guidelines are in line with the government’s broader tightening of national cybersecurity and personal data policies, such is the case of ride-hailing giant Didi Global Inc., truck-booking platform Manbang Group and the operator of recruitment platform Boss Zhipin, all of which had recently listed in the U.S. and are now facing investigations from China’s Cybersecurity Review Office.

In a follow-up move, the Cybersecurity Administration of China announced in July a draft revision to its cybersecurity review measures, saying that any Chinese company that holds the personal information of 1 million or more users would have to seek a government review before listing abroad.

Contact reporter Kelsey Cheng (kelseycheng@caixin.com) and editor Joshua Dummer (joshuadummer@caixin.com)

Download our app to receive breaking news alerts and read the news on the go.

Get our weekly free Must-Read newsletter.

You've accessed an article available only to subscribers
VIEW OPTIONS
Share this article
Open WeChat and scan the QR code