The next target for China’s cybersecurity crackdown will be the pools of data collected by the latest generation of cars. This approach risks Beijing shooting itself in the foot, and jeopardizing its ambitious plans to lead the global race for electric and autonomous vehicles.
China wants to have control over the information cars have about their drivers, the roads they traverse and the faces and voices they pass, according to a draft law on data-security management for the automotive industry first issued in May. It seeks to ensure manufacturers across the auto supply chain keep data in the country and pass a government security evaluation if it’s sent overseas.
Operators that process personal information of more than 100,000 individuals, or what preliminary rules have broadly defined as "important data,” are required to report it to regulators, provincial governments and a host of other official bodies. The rules apply to almost every situation in which people find themselves in or near a car, creating a host of ambiguities.