The National Information Security Standardization Technical Committee (NISSTC) issued a draft rule that networked vehicles cannot transfer personal data outside the car without the driver's consent.

Besides, the draft rules highlighted that driving history cannot be saved for more than seven days. What's more, transmitting sensitive data related to roads, buildings, terrain, traffic participants collected by car cameras and lidars outside China is prohibited.

The draft rules apply to all network-vehicle carmakers. In response, Chinese electric companies, including Xpeng and Nio, said they are not affected by the new rules because all the data their cars generate already store in China.

According to Grace Tao, Tesla China's head of communications and government affairs, Tesla cars sold in the Chinese market also keep the data in the country. However, as Tesla facing heat in the country after several vehicles' alleged brake failure in China recently, people's concern about the American carmaker's privacy violation also rises.

In May, a Tesla car rear-ended a truck at a high speed of 158 km/h in Shaoguan, Guangdong Province, leading to the immediate death of the driver.

The cause of the accident still remains unknown. Still, it has triggered new waves of concern over whether the Tesla vehicle involves technical issues, including brake failure risks.

More than ten accidents involving Tesla electric cars were accused of having brake malfunction issues since 2020.

To mitigate the concern, Tesla China promptly went on public relations campaigns, issued statements, set up a special investigation team, and agreed to share driving data of accidents related to issues of alleged brake malfunction.

Despite these efforts, many Chinese Tesla owners remain skeptical about how Tesla properly managed their driving data in China. Some of them said Tesla is violating the privacy of car owners by disclosing the data publicly without their consent.

Last week, Tesla announced a platform for car owners in China that will allow them to freely access data generated by their vehicles.

Apart from the carmakers' self discipline on customers' privacy data, the smart cars have also become a new target for the world of hackers. 

Recently, German security researchers Ralf-Philipp Weinmann and Benedikt Schmotzle from Comsecuris published their findings of security flaws in ConnMan, an open-source software launched by Intel that functions as an internet connection manager for embedded Linux systems run on smart vehicles.

The security researchers remotely hack into a Tesla Model X's infotainment system using a DJI Mavic 2 drone equipped with a Wi-Fi dongle to exploit the vulnerability.

Tesla was programmed to automatically scan and connect to a wireless network called Tesla Service. A Wi-Fi module of a drone could connect the vehicles' infotainment system and launch the remote attack aimed at ConnMan.

"We can unlock the doors and trunk, change seat position, playing music, and control the infotainment systems over Wi-Fi. The technique worked on Tesla 3, X, Y, S models from up to 300 feet away. German security researchers explained how the flaw works at the CamSecWest conference held in April.

It is not the first time Tesla has been discovered security flaws by cybersecurity researchers. In 2020, cybersecurity researchers at KU Leuven University hacked and stole a Tesla in just a few minutes after finding issues in the car's private key.

ConnMan is not only used by Tesla. The researchers warned that other smart vehicle makers have the same vulnerability in their operating systems.

Although the security flaw of ConnMan has been fixed, researchers' findings suggested the vulnerability of technology-driven smart vehicles because vehicles must connect to network in order to run smart driving system, and more complicate attacks and hack surrounding smart cars' operating system will likely happen soon.