Tesla achieves compliance with national automotive data security standards, restrictions eased nationwide


28th April 2024 – (Beijing) Tesla’s Shanghai Gigafactory models have been announced as fully compliant with China’s stringent automotive data security regulations. This compliance has led to the sequential lifting of bans on the operation and parking of intelligent vehicles, including those by Tesla, at key locations such as governmental bodies, airports, and highways.

The announcement was made following the release of a report by the China Automotive Technology and Research Center (CATARC) and the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC). This report, titled “Notification on the Inspection of Four Automotive Data Processing Security Requirements (First Batch)”, marks a milestone in the country’s push towards enhanced data security in the automotive sector.

Tesla’s vehicles produced at the state-of-the-art facility in Shanghai adhered to four crucial compliance requirements outlined by national standards: anonymization of external facial recognition data, default non-collection of cabin data, in-vehicle processing of cabin data, and clear notification before personal data processing. These measures align with the national “Several Provisions on Automotive Data Security Management” and the GB/T 41871-2022 “Information Security Technology Automotive Data Processing Security Requirements”.

Experts in the field have lauded this achievement, emphasizing that “compliance in intelligence is the essence of true intelligence.” This implies that Tesla’s adherence is not merely procedural but is pivotal in setting benchmarks for the future of intelligent connected vehicles (ICVs) in China.

The Shanghai Gigafactory, located in the Lin-gang Special Area of the Shanghai Free Trade Zone, has been pivotal in Tesla’s strategy. The facility not only caters to growing domestic demands but also serves as a critical export hub. Since its inception, Tesla has been proactive in localising data storage and management, which was evident with the establishment of the Tesla Shanghai Data Center in 2021.

In addition to local compliance, Tesla has engaged third-party authoritative bodies to audit its information security management systems, successfully earning an ISO27001 certification. This international standard underscores Tesla’s commitment to maintaining high security and data protection standards globally.

The lifting of restrictions across various locales in China also reflects a broader change in perception towards ICVs. Misunderstandings and widespread rumours had previously led to heightened and, at times, excessive local restrictions on the use of ICVs. With the compliance and subsequent lifting of bans, Tesla and other ICV manufacturers can expect a more conducive environment for the operation of their vehicles.

This announcement coincides with Tesla’s reaffirmation of its commitment to the Chinese market. Via an official Weibo post, Tesla stated its intentions to continue its deep engagement in China, focusing on collaboration in sectors like artificial intelligence, electric vehicles, and energy storage. The company aims to accelerate the implementation of clean energy solutions and autonomous driving technologies, thus transforming visionary ideas into reality.