China’s tech regulator orders smart vehicle makers and telecom operators to enhance data and network security

China’s main technology industry regulator has urged telecommunications companies, internet of vehicles (IoV) manufacturers, and relevant service providers to ramp up data security, in a new regulatory push that could increase compliance costs for firms such as Tesla in China.

The Ministry of Industry and Information Technology (MIIT), one of China’s top government bodies overseeing the smart car industry, asked companies to carry out “network security compliance evaluations and risk assessments” on a regular basis to eliminate hidden risks in a timely manner, according to a notice published Thursday. Businesses are required to retain collected data for at least six months.

China’s drive to strengthen the management of data generated by increasingly intelligent vehicles is part of a broader national campaign to bolster the government’s control on digital data. Smart cars, which can record data related to the vehicles’ operation as well as road conditions and location information, are seen as a key area for regulation.

07:30

Why China is tightening control over cybersecurity

Why China is tightening control over cybersecurity

While Tesla has data centres in Shanghai to store data collected in China, some Chinese government and military compounds continue to ban the brand’s vehicles from entering.

Wednesday’s notice from the MIIT requires intelligent and connected vehicle (ICV) companies and IoV platform enterprises that send “important data” collected in China overseas to conduct data security assessments in accordance with laws and regulations. They also need to report to local regulators.

These companies, including state-owned China Mobile, China Unicom and China Telecom, are encouraged to make use of a security management platform run by MIIT to promote “cross-model, cross-facility, and cross-enterprise connection”.