On May 6, Sina Weibo auto blogger @Li Mouse said that the car released a video saying that the Gaohe Auto driving recorder can receive the vehicle signals of other car owners and read the contents of their driving recorders through the "car-car interconnection" function. Subsequently, the incident triggered a heated discussion, and some netizens questioned, "Is this not illegal?" ”
On May 7, in response to the above-mentioned revelations, Gaohe Automobile issued a statement saying that the function is part of the vehicle-road collaboration system, which is turned off by default at the factory, and the user needs to confirm the privacy clause twice before the pop-up window can be opened. This function has a variety of protection and confirmation measures, no storage, no leakage of user privacy.
According to public information, Gaohe Automobile is a luxury intelligent pure electric brand under Huaren Express. According to the official website of Gaohe Automobile, its products include HiPhi X and HiPhi Z series, with a six-seat model priced at 570,000-680,000 yuan and a flagship version of 4-seater 800,000 yuan.
"A walking monitoring device"
@Li Mouse said that the video released by the car yesterday shows that clicking on the "Driving Recorder" service page in the car display screen, and then clicking on a button shaped like a signal in the lower right corner of the screen, will enter the list of owners of the same model that also opened the "car-car interconnection" function. The list shows other owners' avatars, nicknames, distance information. Click on any owner's avatar to watch the real-time picture of their dashcam directly. When the blogger demonstrated the above features, he also asked, "Why does this car have this function?" What does it do, do it socialize? In addition, it also wrote in the comments section, "It is not clear whether this function is open by default." ”
On the 7th, Gaohe Automobile issued a statement saying that the functions mentioned in Weibo belong to the components of the fleet travel and vehicle-road coordination system, which are turned off by default at the factory, and the user needs to open the function options in the settings after the vehicle is powered on, and the pop-up window can be opened by confirming the privacy clauses for the second time. After the vehicle is powered off (unplug the key, turn off the vehicle), the function cannot be activated and cannot be turned on remotely. At the beginning of its development, this function fully considered the protection of user privacy, and set up a variety of protection and confirmation measures, without any storage. There is no leakage of user privacy, please rest assured that the majority of users.
After Gaohe Auto responded that "car-car interconnection" is an actively opened function, and after the vehicle is powered down, the function cannot be enabled, nor can it be opened remotely, the blogger posted a video saying that he is the owner of Gaohe Auto, and the car has been open for more than a year to find this function, and feels that this function is terrible.
On the one hand, he believes that the owner does not know that the picture taken by his dashcam may be being shared by live broadcast, and at the same time, the individual photographed by the dashcam does not know that he is being recorded and watched by others. On the other hand, in addition to the driving recorder, the front and rear of the car are equipped with cameras, the blogger said that he does not know whether these cameras will record, but he believes that "should not be live broadcast, once the camera is broadcast live to other owners, the car is a walking monitoring device." ”
In addition, for the length of time the dashcam screen is shared, he said that the new energy vehicle can not be powered down in the remote (control) situation, which is equivalent to a surveillance camera with a 96-degree battery that has been working.
It is worth noting that car blogger @Li Mouse said that when the car re-experienced the "car-car interconnection" function in today's latest video, it found that the function is currently inaccessible and used.
Is the "Car-To-Vehicle Interconnection" function suspected of infringing on user privacy?
The two sides have their own opinions, so from a legal point of view, is the "car-car interconnection" function itself suspected of infringing on user privacy?
Wang Zhenkun, a lawyer at Beijing Fei Lanqing Law Firm, said to Caijing Technology that this involves two levels of problems, one is whether Gaohe Automobile's setting of the "car-car interconnection" function and whether the notification before opening is compliant, and the other is the privacy and personal information protection problems caused by the user's use of this function.
"Gaohe Automobile must ensure that the user is fully informed and consented to open the function, and protect privacy and personal information (including the privacy and personal information of their own and others) during use, which is mainly the obligation of the user, and if the improper use leads to infringement of the privacy or personal information of others, the user should be responsible." Lawyer Wang Zhenkun explained.
Zhang Xiang, dean of the New Energy Vehicle Technology Research Institute of Jiangxi New Energy Science and Technology Vocational College, believes that the act of sharing the driving recorder picture with a third party may be suspected of infringing on the privacy of the owner and violating relevant safety regulations. It is reported that the "Several Provisions on the Safety Management of Automobile Data (Trial)", which came into effect on October 1 last year, advocates that automotive data processors should adhere to the principle of in-vehicle processing in carrying out automotive data processing activities; the principle of non-collection by default; the principle of application of accuracy range and the principle of desensitization processing. The principle of desensitization refers to the processing of anonymization and de-identification as much as possible.
In addition, according to Tencent News, Lin Lihong, a lawyer at Beijing Quanyou Law Firm, said when talking about the above incident, "Automobile suppliers and software providers that transmit and disclose the collected car data to other individuals or organizations outside the car should be carried out in accordance with the premise of statutory subjects, performing legal procedures and complying with statutory purposes. and other provisions of laws and administrative regulations to be punished; where a crime is constituted, criminal responsibility shall be pursued in accordance with law. ”
More than 40% of consumers do not have enough confidence in the protection of personal information by automakers
In recent years, not only Gaohe Automobile, but also other smart car products have been suspected of leaking and infringing on the privacy of users.
In March last year, Musk posted on social platforms that he would withdraw the trial access of the FSD Beta version of some car owners, because it was found that many car owners did not pay attention to road conditions when using the feature. Subsequently, some netizens asked whether the camera in the car could monitor the owner, and Musk replied yes. After that, the issue of Tesla monitoring car owners and invading privacy caused heated discussion among netizens.
In June of the same year, a data breach occurred at a Mercedes-Benz supplier. Between 2014 and 2017, information about customers and potential car buyers who entered sensitive information on Mercedes-Benz and dealer websites was leaked, including individual declared credit scores, driver's license numbers, social security numbers, credit card information and dates of birth.
While car brands have been pointed out to be infringing on and leaking user privacy, consumers have insufficient confidence in the safety of smart car manufacturers to protect personal sensitive information. The "2022 Survey on Data Security and Personal Privacy Awareness and Concerns of Chinese Consumers" jointly launched by J.D. Power and the Global Times shows that more than 40% of Chinese consumers have insufficient confidence in whether smart car manufacturers can properly protect personal sensitive information at this stage. And users are highly concerned about personal sensitive information being used, used and shared by vehicles, and the proportion of respondents who are very or relatively mindful is as high as 77%.
Zhang Xiang told the financial network technology analysis that the premise of the realization of many intelligent functions on the car is that the personal privacy data is open. If it is completely unopened, the intelligent function will be gone. Just like why mobile phones are smart now, it is that the background is collecting our data. It's a mutually restrictive relationship.
In order to standardize the collection and use of intelligent vehicle data, since last year, many departments have successively issued the "Opinions on Strengthening the Management of Access to Intelligent and Connected Vehicle Manufacturers and Products" and "Several Provisions on Automotive Data Security Management (Trial)", requiring the strengthening of automotive data security, network security, functional safety and expected functional security management.
Luo Lei, director of the Embedded Software Engineering Center of the University of Electronic Science and Technology of China and secretary general of the TIAA Cyber Security Committee, said in an interview with the media that the main challenge at present is the landing of the industry standard system, including the classification and grading of data. "In the life cycle of smart cars, how to deal with data involving personal sensitive information, how to prevent vulnerabilities in software upgrades, how to form a safe sharing of data information, so that automotive data compliance appreciation, these practices call for the introduction of relevant industry standards." It also said.
![Quick "tide" Here to see, the explosive smart car detonated the Beijing tide fan[fig]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)