As China prepares to implement new regulations on data security and the cross-border flow of information, Tesla and Porsche are some of the first foreign companies being sought out to share input on the proposals.
Officials in Shanghai are looking to enact strict regulations on cross-border data flow by March, and they’re asking for help from overseas companies like Tesla, Porsche, and others for a proposed three-tiered system, according to a report from South China Morning Post. The automakers are among 14 different auto firms crafting proposals for the new regulations, as reported by the Jiefang Daily and by one official from the Lingang Administration Commission who requested to remain anonymous.
The proposals are expected to make major strides toward relieving a “sore point” for foreign companies, soon defining what kind of data can legally flow outside of China. While analysts have welcomed the move, they also say that the central government needs to go further to address some common complaints from overseas businesses, including data management and compliance with national security laws, among others.
If enacted, the plans would create a three-tiered system of regulation for where certain data can flow, as detailed below:
- “General data” would be permitted to be transferred overseas freely.
- “Important data” would be permitted to be transferred overseas after passing a security review.
- “Core data” would have to be hosted within China and would be subject to the strictest oversight rules.
Earlier this month, Lu Sen, Data Management Chief of the Lingang Free-Trade Zone Administration Commission, said at a forum that state ministries had previously been creating specific lists of general data for automakers, and for those building autonomous vehicles, along with financial institutions, shipping businesses, traders, and drug manufacturers.
“Task forces have been formed to pool officials, experts and representatives from leading companies in these sectors together to hammer out lists and menus for differentiated supervision,” Lu said.
Further details on the categorization of data have not been released, though Lu also said that the list of general data would be gradually expanded over time.
According to a survey conducted last year surrounding business sentiment for the American Chamber of Commerce in Shanghai, roughly 70 percent of respondents pointed to digital policies such as data localization and other cybersecurity requirements as being a hindrance.
“There has been significant confusion, including cross-border data filing and declaration requirements, and companies are burdened by inefficiencies and compliance costs,” wrote the authors of the report.
In addition, 60 percent of survey respondents said they were uncertain about the interpretation and enforcement of the policies, with around 48 percent saying that the data and security laws caused increased operating costs.
Amidst several security concerns about Tesla a few years ago, the automaker made it a point to alleviate government uncertainty by announcing it would store all vehicle data locally in China, after the company’s vehicles were temporarily banned for use by military and government employees in certain locations.
Tesla treated as security threat in China as University Games loom
What are your thoughts? Let me know at zach@teslarati.com, find me on X at @zacharyvisconti, or send your tips to us at tips@teslarati.com.
