Data security concerns with Chinese and other nation cars
The security of data in cars from China and other nations has become a focal point of concern, prompting action from the United States government. President Joe Biden has signed an executive order empowering federal agencies to investigate potential data risks associated with Chinese and other foreign-made vehicles, particularly those equipped with self-driving or autonomous capabilities.
Despite their allure of affordability and advanced features, vehicles from nations like China, exemplified by brands such as BYD, have garnered considerable interest among Americans, particularly in urban areas where their cost can be as low as a quarter of that of a Tesla.
Nevertheless, the proliferation of these electric cars has raised significant security apprehensions, which have either been overlooked or inadequately addressed. Consequently, the White House has mandated the Computer Emergency Readiness Team (CERT) to scrutinize the operations of these autonomous electric vehicles, which amass substantial amounts of data through drivers, cameras, and sensors, often transmitted to servers located abroad.
The Commerce Department will collaborate in this assessment, soliciting feedback over a 60-day period before formulating regulations to address national security concerns associated with these automakers, particularly those engaged in partnerships with taxi services across states like Texas, New York, Florida, Chicago, and California.
It’s imperative for readers to recognize that companies like Huawei and ZTE have faced trade bans in the United States since 2018, dating back to the administration of former President Donald Trump.
Restrictions on Mass Data Sale and Transfer to Adversarial Nations
In a bid to safeguard national security and privacy, the Biden administration has imposed restrictions on the transfer and sale of mass data to servers operating in adversarial nations. The executive order aims to prevent data brokers from acquiring sensitive information such as biometrics, personal health data, geolocation, financial records, and other personally identifiable information (PII), which could pose significant risks to the American populace.
Such data is often highly sought after on illicit online platforms, enabling malicious actors to construct profiles and track individuals. Governments of adversarial nations may exploit this information for surveillance, scams, extortion, or even targeted attacks, as evidenced by incidents like the Salisbury Poisonings.
However, enforcing such regulations effectively presents challenges, particularly in the digital age. With many companies operating within hybrid environments, managing data becomes increasingly complex, making comprehensive oversight a formidable task.
