Lawmakers are growing concerned about a flood of data-hungry cars from China taking over American streets.
Amid rising concerns about China’s growing international data collection apparatus, a newly divided US Congress is applying fresh scrutiny to the possibility that imported Chinese technology could be a Trojan horse.
In a letter to the US National Highway Traffic Safety Administration, shared exclusively with WIRED, Representative August Pfluger asks some tough questions as to whether Washington is really prepared for the security threat posed by the coming influx of Chinese-made smart and autonomous vehicles (AVs) to the United States.
“I remain concerned that a lack of US oversight in AV technology has opened the door for a foreign nation to spy on American soil, as Chinese companies potentially transfer critical data to the People’s Republic of China,” Pfluger writes.
While AV technology may be some years away from widespread commercial use, pilot projects are already on the roads around the world. As of earlier this year, AutoX autonomous taxis were on the roads in California. A Chinese startup backed by one of the largest state-owned car companies in the communist country, AutoX was granted approval by California in 2020.
As American regulators have green-lit those test projects, Pfluger writes, “there remains a serious lack of oversight regarding their data governance.”
Earlier this year, WIRED reported on the mounting national security issues posed by Chinese-made vehicles. The massive trove of data being collected by these cars could give adversarial states an unprecedented vantage point into the United States and other Western nations. Beijing has already pioneered the use of big-data analytics to identify dissidents at home, and concerns have mounted that those tactics could be deployed abroad.
Pfluger submitted a detailed list of questions to the National Highway Traffic Safety Administration (NHTSA), which regulates the use of AVs, and asked the regulator to explain how it has vetted the national security risk posed by these Chinese companies.
“Has NHTSA worked independently, or in collaboration with cities or other local governments to limit or prevent Chinese-owned companies from collecting sensitive information from American infrastructure, including information about sensitive government or military facilities, and subsequently sharing such information abroad?” Pfluger writes.
China has certainly had that anxiety about American-made smart and electric vehicles. Earlier this year, for example, Beijing placed firm restrictions on where Teslas could drive, particularly around military installations, amid high-level Communist Party meetings.
Pfluger highlights in his letter that China could use “autonomous and connected vehicles as a pathway to incorporate their systems and technology into our country’s infrastructure.” The United States, like most of its allies, has already banned Chinese corporate giant Huawei from building 5G infrastructure, but these next-generation vehicles would have access to an unprecedented number of emails, messages, and phone calls, and would effectively be moving cameras, capable of photographing an array of critical infrastructure.
As Homeland Security secretary Alejandro Mayorkas told a House committee last week, there are “perils of having communications infrastructure in the hands of nation-states that don’t protect freedoms and rights as we do.” FBI director Christopher Wray warned that China has stolen more data from the United States than all other nations combined, through “increasingly sophisticated, large-scale cyber espionage operations against a range of industries, organizations, and dissidents in the United States.”
It’s no secret that the automotive industry is of particular interest to Beijing. This summer, a former Apple engineer pleaded guilty to stealing trade secrets on the company’s AV program, and sending them back to China.
Pfluger, a Republican from Texas, served in the last congressional term on both the House Foreign Affairs and Homeland Security committees. Republicans, in particular, have called for legislation to govern AV cybersecurity, with an eye to combating China’s bullish entry into the American market. While legislative drafts and proposals have floated around, none have become law. (US president Joe Biden’s infrastructure bill included some language on AV safety, but it does not address issues of security and espionage.)