abstract:intelligent automobilegeneratedData acquisition from、From transmission to processing, the whole life cycleexistSecurity risk, especially cross-border data transmission. The data assets that car companies compete for may threaten national security.
Text | Caijing reporter Liu Yuyuan Editor | Shi Zhiliang
On April 6th, a high-definition picture taken by a Tesla in-car camera released by a foreign hacker attracted widespread attention. The clarity and color richness in the video picture were extremely high, and the faces and movements of the people in the car were clearly photographed.
Many netizens in China also commented, fearing that Tesla cameras would invade personal privacy. "Tesla should understand that the privacy involved in the car is not what you want to take, you can take it!" Weibo, official of Xinhua News Agency, commented. In response, Tesla responded that the cab camera is currently not activated in markets outside North America.
On April 7th, there was a rumor on the Internet that dmv, Pudong, Shanghai restricted Tesla owners from licensing. "My friend is not a Tesla owner, but he heard a staff member at the vehicle management office saying that Tesla can’t handle business and doesn’t have to queue up." Netizen Zhang told Caijing reporter.
On April 8, when Caijing reporter visited Pudong Vehicle Management Office, he learned that there were no relevant regulations. At present, all Tesla businesses can be handled according to the process. However, the person in charge of the pre-trial number window said that there were indeed two or three hours yesterday to suspend the licensing of Tesla’s old cars and other related businesses, but there were no restrictions on the licensing of new cars, and the specific reasons were unknown.
People in Tesla’s marketing department, who did not want to be named, told Caijing that they had not heard of the Shanghai Vehicle Management Office’s restrictions on Tesla’s licensing. Some netizens speculated that the "rumor" that Tesla was restricted by the vehicle management office originated from the recent storm that Tesla’s in-car camera violated the privacy of the owner.
Caijing reporter learned from Professor Yang Diange, the founding president of Tsinghua University Institute of Vehicles and Transportation, that data security and innovation should not be neglected, but cross-border transmission should be strictly managed under the condition of incomplete technical means and imperfect management system.
"The simplest solution is to introduce some very strict regulations to prevent it from using these data, but it blocks the road of technological innovation. In 2020, the Ministry of Industry and Information Technology organized a series of standards, which clearly defined personal information, sensitivity and graded protection, so you don’t have to worry too much. " Yang Diange said.
Subtitle 1:Deep in the privacy storm, Tesla frequently responded.
Unmanned driving requires a large number of data samples from the car and the road, which is also the root of Tesla’s autonomous driving technology. Tesla’s "shadow mode" under Autopilot can use its hundreds of thousands of customer cars equipped with a series of sensors to collect road and driving data, test and strengthen its automatic driving system.
However, Tesla’s collection of user data once triggered discussions on user privacy and data sovereignty. In the past month, Tesla has been on the hot search many times because of data and privacy issues.
On March 20th, elon musk, CEO of Tesla, talked with Xue Qikun, an academician of China Academy of Sciences and president of south university of science and technology of china, at the China Development Forum. He said that Tesla would not use the collected data for espionage, because it would seriously affect Tesla’s development.
"Tesla is willing to use the highest level of confidentiality measures and hopes to create a future of mutual trust with everyone." Musk’s remarks seem to respond to a previous rumor: a notice from a resident of a suspected military compound shows that Tesla is equipped with a series of technical devices that can expose the target position. In order to ensure military secrets, it is forbidden to enter and park the brand vehicles in the area where the family courtyard belongs.
In a report in March, The Wall Street Journal also quoted insiders as saying that the China government began to restrict the use of Tesla by military personnel and employees of key state-owned enterprises, and some institutions required employees not to drive Tesla to work, and prohibited them from driving into residential areas of sensitive enterprises. Bloomberg reported that authorities in China asked Tesla owners to park their cars outside sensitive property to prevent the on-board camera from collecting data.
The aforementioned Tesla people said that the incident of prohibiting Tesla from entering the military compound was true.
In addition to the environment and route photographed by the camera outside the car, Tesla’s in-car cab camera has also been accused of violating the privacy of the owner recently. On April 6, a high-definition picture taken by a Tesla camera released by a foreign hacker attracted widespread attention.
In response, on the morning of April 7, Tesla responded that the cab camera has not been activated in markets outside North America. Even in the United States, car owners are free to choose whether to open it or not. Tesla is equipped with a network security system with the world’s leading security level to ensure the privacy protection of users.
Previously, Tesla’s in-car camera has repeatedly raised questions from foreign netizens. Musk once said on Twitter that he would take back the trial rights of some car owners’ FSD beta (fully autonomous driving beta) because these car owners did not pay enough attention to the road conditions when using the FSD beta function. Some netizens asked, "How does Tesla know the behavior of the owner? Is the camera in the car facing the driver?" Musk clearly answered the netizen: "Yes."
The core of Tesla’s questioning is why the camera facing the owner should be placed in the car. Musk’s response suggests that Tesla’s camera is used to monitor whether the driver is driving safely. However, take the Model 3 model with a camera above the rearview mirror as an example. Although the Owner’s Manual tells the location of the camera and is in a state of "not yet activated", it does not specify the function of the camera.
In fact, it’s not just Tesla who has a camera in the car.
There are as many as 14 body cameras in Xpeng Motors P7, among which one camera is installed above the steering wheel in P7. However, at present, P7′ s official website configuration introduction and user manual do not introduce this camera and its purpose.
Weilai proposed in the Privacy Policy that the camera in the car is on standby after being powered on, and will not take photos, video or collect other personal information except for a few special circumstances. Special circumstances include: in order to detect fatigue driving, facial information such as whether the driver closes his eyes will be collected; When the courier opens the trunk or the vehicle is stolen, the camera on the roof will take photos or take pictures: the airbag will trigger related functions after it pops up, and actively collect the image data in the car when the user does not answer.
In addition, Zhiji Automobile, which is about to be released in mass production, has also installed the super car intelligent camera system Carlog in the car, but it is mainly used to help the car owner shoot the scenery of the front windshield that simulates the car owner’s perspective.
From the functional point of view, the camera in the car is helpful to improve driving safety and provide users with images in the car, but the opposite of safety is often the risk of privacy invasion.
Subtitle 2: Tesla and other foreign car companies.It is necessary to establish a data center in China.
On February 8 this year, five ministries and commissions, including the State Administration of Markets, interviewed Tesla about its OTA function. What caused widespread controversy was that the Central Network Information Office appeared in five ministries and commissions.
Data-driven and software-driven have become the symbols of many smart car companies, and the data contributed by car owners has also become one of the most valuable assets of car companies, but data security and user privacy have always been in a controversial stage.
The data generated by smart cars are mainly divided into two parts. One is vehicle data, including geographic location, system information and business-related data. The other category is mainly user data. After the car networking application quickly gets on the bus, the car is more like a mobile phone, with a large number of rich applications, and WeChat will also access the user account, including access records. On the other hand, some new application scenarios, such as in-car cameras and in-car microphones, will also involve users’ personal data privacy.
On April 7th, in the "Focus Observation" column of China electric vehicle committee of 100, Caijing reporter learned from Professor Yang Diange that the road information collected by smart cars to improve autonomous driving technology is likely to be illegally collected and endanger national security.
"In the process of vehicle driving, the lidar collects the driving data outside all the time, and the camera also collects the information of the road surface all the time. This information is likely to involve sensitive locations and the content is illegal. Not only is the content illegal, but some laser radars have high accuracy, which may cause illegal accuracy and should not achieve such high accuracy. " Yang Diange said.
The owner’s privacy is also threatened. Wang Pengpeng, a special associate researcher at the School of Law of East China University of Science and Technology, told Caijing that according to the law, the data generated in the use of automobiles must be "desensitized" before they can be transmitted, stored and applied in the intelligent research and development of automobile enterprises, and the privacy sensitive privacy data of the owners can also be screened out.
"At present, the data security and data attribution related to automobiles are still in the legal blank stage, but what is more questioned at present is that some data collected by automobiles, such as action tracks, must have human attributes, and legally it is information that needs to be desensitized, which may greatly reduce the technical contribution to deep learning of driverless automobiles." Wang Pengpeng said.
In his view, to balance data security and technological progress, a better solution is to establish a data platform processing center, but the government must be involved in supervision, especially foreign-related enterprises like Tesla.
According to the "Intelligent Networked Automobile Manufacturing Enterprises and Product Access Management Guide (Trial)" (hereinafter referred to as the "Opinion Draft") issued by the Ministry of Industry and Information Technology on April 7, intelligent networked automobile manufacturing enterprises should collect, use and protect personal information according to law, implement data classification and classification management, formulate important data directories, and must not disclose sensitive information related to national security.
It is worth noting that it is mentioned in the Opinion Draft that personal information and important data collected and generated during operations in People’s Republic of China (PRC) should be stored in China in accordance with relevant regulations. If it is really necessary to provide it overseas due to business needs, it shall be reported to the competent department of industry.
Cross-border data transmission of smart cars is a new problem, which is actually related to national security. However, there is no effective supervision mechanism for data transmission at present, and it is very difficult to rectify and repair the data as long as it is spread out, such as classified geographic information.
"In the case that our technical means are not complete and our management system is not perfect, we should adopt a strict management method for cross-border transmission. We should’ block’ the data as soon as possible and put it in China, and it is not allowed to flow out. After the study is clear, these desensitized data that really need to be transmitted and not classified can be transmitted for joint research and development in the global scope. However, before the research is clear and the control means are perfect, the data should be strictly stipulated to stay in China. " Yang Diange said.
The industry predicts that after the release of the Opinion Draft, foreign car companies such as Tesla need to set up a special data processing center in China, just like Apple’s data center in Guizhou.
In July 2020, BMW Group and Tencent jointly established a computing center to develop autonomous driving technology and products that are more in line with the China market. According to relevant sources, the platform will land in Tianjin.
In June, 2020, it was reported in shanghai securities news that the user data and authentication service of Tesla China will be moved from the United States to China, that is, the server will be moved to China, thus solving the problem of unstable connection of Tesla App and meeting the data processing and storage requirements of sensitive information.