Tesla car badge showing data security compliance in China

Tesla: Company Is in Compliance With Chinese Data Security Laws, “Sentry Mode” Is No Threat

Tesla has seen prior restrictions to its business in China due to its car cameras and its anti-theft “Sentry Mode,” but a recent airport ban seems to have prompted a Weibo post by the company offering reassurances on its data security.

The post reiterated that Sentry Mode only stores video and audio that it captures locally on an offline USB drive kept within the car, and that Tesla staff cannot access it remotely. Tesla also indicated that it asks users to agree to a policy that specifies they are individually responsible for complying with local laws and regulations involving cameras.

Tesla looks to reassure China on data security

Tesla entered China in 2014, but it took several years for it to become a major presence in the electric vehicle market there. It opened one of its “Gigafactories” in Shanghai in 2019, and doubled its size in 2021 as it became the only foreign company to sell a large amount of electric vehicles in the country and the third largest overall in its domestic market.

The company continues to do well in China and is projected to continue growing there in the near future, but the relationship with the government has become more complex in recent years. While the CCP appears to welcome the company’s business, it is also viewed as a potential national security threat that is occasionally subject to “no go” zones. The first measure of this sort came in early 2021, as the government forbid members of the military and state employees from bringing their cars to work. Some complexes that house military and state personnel have also banned the cars from their lots, and last month Tesla’s vehicles were also banned from the vicinity of the World University Games in Chengdu.

The main source of data security concern is the “Sentry Mode,” standard on all new Teslas shipped since August 2017. Sentry Mode taps into the eight “Autopilot” cameras mounted around the vehicle, normally used for automatic navigation and obstacle detection, to record security footage when a threat is detected.

Sentry Mode is off by default, and must be enabled by the vehicle owner. The owner can enable and disable it remotely via an app, but cannot access recorded footage without physically going into the vehicle to retrieve it via a USB port unless they subscribe to a “premium connectivity” package that offers real-time streaming. An update in recent months also causes the car’s headlights to flash to alert people in the vicinity that Sentry Mode is recording.

Tesla says that Sentry Mode videos are not transferred to or accessible by the company, but this is a recent policy change. The cameras were only set to be off by default early this year, after it was discovered that employees were inappropriately sharing videos captured by car cameras throughout Tesla’s offices from 2019 to 2022. Cameras could activate even when the vehicle was shut off, and would often do so whenever someone approached the vehicle (regardless of presenting any potential threat).

China’s actions to restrict the company’s products are not limited solely to Tesla, but part of a broader focus on data security that has manifested in recent updates to its digital privacy and anti-espionage laws. Electric vehicles, particularly Tesla’s camera- and sensor-heavy models, are among the industries most strongly impacted by these new rules.

Tesla’s concerns have naturally developed (along with most other foreign firms) as these new requirements have gradually come into place, but the specific trigger for the Weibo post about data security seemed to be a recent ban on its cars from the parking area of the Yueyang airport.

New national security rules pressure foreign companies to silo China operations

As companies re-evaluate how to deal with new data security regulations that require essentially unlimited government access to business information stored within the country and strong restrictions on how personal data can be passed out of the country, many are deciding that their China operations simply have to be decoupled from the rest of the company.

Tesla is somewhat ahead of the curve in this area, having set up a data center in the country in 2021 exclusively for storing and processing domestic customer information. However, the company has run into trouble that has indefinitely delayed the “full self driving” betas that other parts of the world have been getting since late 2022. Tesla is hesitant to store sensitive internal information necessary to the program on Chinese servers for fear of government access, and is also inhibited in linking the AI systems that drive the program that are based outside the country’s borders for fear of violating national data security law.

China is not the only part of the world in which Tesla is facing data security regulation issues. A consumer organization in Germany has sued the company for violating EU data protection law, and an early 2023 investigation by the Netherlands data protection authority prompted the company to make a number of changes to Sentry Mode.