} ?>
(Yicai Global) Aug. 20 -- China’s cyberspace regulator and four government ministries have issued new regulations to reduce the disorderly collection and illegal abuse of vehicle data and prevent auto data security risks.
Companies that process auto data must fulfill their responsibilities and protect the safety and legal rights of personal information, according to the regulations the Cyberspace Administration of China posted on its website today. They must obtain an individual’s consent before collecting data, and collect biometric information only for the purpose of enhancing driving safety or if otherwise necessary, according to the new rules.
Auto data processors must also abide by the regulations on storage within the country, strengthen the security protection of important data, and actively prevent data security risks. If it is strictly necessary, they can send data overseas, but without including information beyond the outbound security assessment.
Firms that handle auto data must cooperate with the CAC and relevant departments of the State Council when they carry out the outbound security assessment, per the regulations.
The CAC had earlier said firms can use the data only to serve passengers, and they are generally not allowed to provide data to third parties. No data shall be collected when driving unless strictly necessary, and the coverage of the radar and resolution of the camera shall be in line with the related requirements. Finally, they should protect sensitive and private information by carrying out data desensitization in case they release them.
The Ministry of Industry and Information Technology recently issued an opinion on strengthening the access management of smart connected vehicle makers and products, which strives to strengthen data security management capabilities and the protection of personal information and important data.
Editor: Futura Costaglione