China's first regulation on automobile data security began to solicit opinions from the society yesterday. The new regulations clearly stipulate that personal information will not be collected by default, and outbound data should be strictly evaluated.
The new regulations cover the whole process of automobile data collection, storage, transmission and deletion, and the scope of supervision also covers the entire industrial chain. Wang Haijun, an engineer of vehicle networking information security standards and specifications in China Automotive Technology and Research Center, said that the personal information of car owners, drivers, passengers and pedestrians are all within the scope of protection.
Personal information is clearly stipulated in the network security law, such as ID number, telephone number, iris, fingerprint, and the key to login on the big screen of the car, which are all counted as our personal information.
The first principle of personal information protection is not to collect by default. Xiao Ying, founder and editor-in-chief of Cybercar, said: Now many of our cars are closed by default, and the owners still don't know how to turn them off. This regulation requires that personal information is not collected by default before driving every time. Only when the driver agrees to authorize can the data in this driving trip be collected.
Xiao Ying said that the owners' right to know was fully guaranteed. Relevant enterprises should inform consumers through the user manual and vehicle display panel, the type of data collection, how long your data will be kept, and what actions consumers should take if they want to delete these data.
In addition to personal information, the new regulations are clear, and data related to national security, car charging network, road traffic flow, audio and video outside the car are important data. Chang Yan, a well-known car blogger, said: All important data or personal information should be stored in China according to law. If it needs to be provided overseas, it can only be provided after a special safety assessment by the national network information department. At the same time, even if the data is placed overseas, if it involves user complaints and infringes on the rights and interests of users, car companies need to bear the responsibility according to law.
According to the National Network Information Office, the new regulations are open to the public for comments. Tesla took the lead in expressing support and responding to the first regulation of domestic automobile data security. At present, the market penetration rate of L2 intelligent networked vehicles has reached 15%, and vehicle data supervision has laws to follow, which will also promote industry norms and technological progress.