The U.S. Commerce Department plans to unveil proposed regulations next month concerning connected vehicles, with a specific focus on critical software components manufactured in China and other nations deemed as adversaries.
Alan Estevez, the department’s export controls chief, announced last week that the rules will target components responsible for managing vehicle software and data, requiring them to originate from allied countries.
This regulatory initiative follows Commerce Secretary Gina Raimondo’s May announcement of forthcoming rules specifically addressing Chinese-linked vehicles, to be published later this year. Raimondo indicated that the Biden administration could take drastic measures, such as banning Chinese-connected vehicles or imposing restrictions, following a probe initiated in February into potential national security risks posed by Chinese vehicle imports.
Estevez’s remarks at a forum in Colorado represent the clearest indication to date of the administration’s stance on Chinese vehicles, which have raised significant concerns. He underscored the seriousness of the cybersecurity threat, noting that modern vehicles, equipped with sophisticated software and network infrastructure, gather extensive user data, posing vulnerabilities to security breaches.
Connected vehicles, equipped with integrated network hardware enabling internet connectivity, have the capability to exchange data with both internal and external devices. Estevez emphasized these risks, stating, “A car is formidable. Your vehicle gathers a wealth of information about you, from software updates to driving habits, connectivity to personal devices and location tracking.”
In response to potential U.S. actions, the Chinese foreign ministry urged adherence to market economy laws and fair competition principles, asserting the global popularity of Chinese cars driven by technological innovation and robust market competition.
In her May remarks, Raimondo warned of potential catastrophic consequences if software in millions of connected vehicles were compromised. Despite relatively low imports of Chinese-made light-duty vehicles, the Biden administration has proposed substantial tariff hikes on Chinese electric vehicles and other goods, set to be implemented by Aug. 1.
Looking forward, the Automotive Edge Computing Consortium (AECC) forecasts that by 2025, global connected vehicle numbers will reach approximately 100 million, with data transmissions between vehicles and the cloud totaling about 10 exabytes per month — equivalent to 10 billion gigabytes.
According to a 2021 white paper titled, “Distributed Computing in an AECC System,” the AECC outlined best practices for distributed computing to manage the substantial data volumes associated with connected vehicles. Notable members of the AECC board include Toyota, Intel, Ericsson, Denso, Samsung, Dell-EMC, Nippon Telegraph and Telephone (NTT) and KDDI Research.
The report emphasized the unique challenges posed by connected vehicles.
“For connected vehicles, the amount of uploaded data is massive, concentrated (in time and location) and often time sensitive,” the report said.
In contrast to conventional consumer mobility services, which predominantly involve data flowing from providers to consumers, connected vehicles primarily transmit data to service providers. This operational dynamic underscores the critical need for distributed computing capabilities within AECC systems to uphold optimal service standards, particularly those intricately tied to vehicle functionalities, per the report.
Privacy has always been a key issue as the topic of connected vehicles picks up steam.
Revelations in a New York Times report highlight a troubling reality for drivers: detailed records of every trip, including speed and abrupt braking, are meticulously logged by data brokers.
This insight into the thorough monitoring of driving behavior highlights a broader concern among consumers about the privacy of their data in the era of connected cars.
These internet-enabled vehicles, equipped with advanced features such as GPS navigation systems, cameras and sensors, heavily rely on the collection and transmission of extensive data.
While this data access has undeniably enhanced overall driving experiences — improving safety, traffic management, payment efficiency and offering personalized entertainment options — the practice of automakers sharing driving data with third parties, particularly insurance companies, has sparked heated debate.
Advocates, such as data brokers like LexisNexis, argue that personalized insurance premiums based on driving behavior could incentivize safer practices and potentially lower rates. Critics, however, have voiced concerns about potential data misuse and exploitation.