Modern cars are “smartphones on wheels” and perfect vehicles for spying on us, a Polish expert said at a parliamentary hearing on Thursday, warning that joint EU action was needed to counter China in particular.
Paulina Uznańska, a researcher at the Centre for Eastern Studies (OSW) in Warsaw, warned members of the European Parliament’s industry and defence committees that such connected cars could be used for cyber-attacks.
“No matter who produces them, no matter what’s the country of origin, these cars can be hacked,” she said.
Data collection
Smart cars are “packed” with all sort of sensors, cameras and radars, and are connected to the internet, Uznańska said. They collect vast amounts of data on the drivers’ biometrics and what is happening around the vehicle.
“They have enormous potential to gather data about, for example, military zones when they pass by them,” Uznańska said. The EU should start protecting military facilities and critical infrastructure, she recommended.
Some EU countries are already taking action. Poland, for example, is considering banning the movement of Chinese cars around military sites.
China is becoming a global powerhouse in intelligent vehicles and explicitly sees the technology as a strategic asset. For that reason, it is also highly sensitive to the national security risks posed by foreign vehicles – notably Tesla cars – Uznańska said.
“Tesla cars faced informal limits on driving and parking near sensitive areas in China, for example, near government buildings or during high-level events attended by Xi Jinping,” she said. “These limits were lifted only after Tesla passed China’s data security tests.”
EU reform
The broader issue of clean tech cybersecurity is already high on the European Commission’s agenda. On 20 January, it proposed a review of the Cybersecurity Act (CSA2) that would allow the bloc to designate high-risk countries and suppliers posing cybersecurity threats to specific critical sectors.
In turn, EU countries would have to adopt measures to mitigate those risks, which could go as far as excluding certain high risk entities from supply chains.
The law does not explicitly name electric cars, but EU tech chief, Henna Virkkunen, said at a press conference that the Commission was already working on risk assessments for connected vehicles.
China is not named in the proposal either, but several Chinese entities are already considered high risk in 5G telecommunication networks, putting Beijing firmly on the EU executive’s radar.
“We think that intelligent vehicles should be explicitly included in the revision of the EU Cybersecurity Act,” Uznańska told EU lawmakers.
“If we do this regulation well, it can be a very potent non-tariff barrier, and it can help us catalyse a booming, safe, EU-based industry for automotive software and for sensors,” Uznańska added.
But the EU must act now: “The risk is already on our roads,” she warned, calling for harmonised rules across the bloc.
(rh, aw)
