Coalition frontbencher warns Chinese cars are a national security risk that must be taken seriously
Warnings are mounting that Chinese cars could be used for espionage in Australia and Labor is being accused of leaving national security in the back seat.
Coalition frontbencher Dan Tehan said that cars that are made in China are an espionage risk that needs to be taken seriously following warnings from eminent cyber experts and the Department of Home Affairs.
Mr Tehan, who holds the energy portfolio in Opposition, has spoken out after cyber experts warned vehicles made in China could be eavesdropping on private conversations and feeding that intelligence back to the Chinese Ministry of State Security.
Sign up to The Nightly's newsletters.
Get the first look at the digital newspaper, curated daily stories and breaking headlines delivered to your inbox.
By continuing you agree to our Terms and Privacy Policy.“When cybersecurity people with expert knowledge raise serious concerns, we should take those concerns seriously,” he told The Nightly.
Mr Tehan, a former diplomat who drives a Japanese Toyota LandCruiser four-wheel drive, declined to say whether or not he would ride in a Chinese car, despite EVs being part of his frontbench policy duties.
“What I would like to know is what the government has to say about them and whether they are taking these concerns seriously. As a former cyber security minister, I take the advice of the professionals very seriously.”
China is now Australia’s second biggest source of new cars after Japan.
BYD, the world’s biggest producer of electric cars, is proving to be a more popular brand in Australia as the Federal Government’s New Vehicle Efficiency Standard aims to slash carbon emissions by 59 per cent over five years and encourage more motorists to buy an EV.
China has a 78 per cent share of Australia’s battery EV market, making them more likely to have software controlled by a Chinese company.
Hamish Hansford, the deputy secretary of the Department of Home Affairs, told a Senate legal affairs committee this week that it was monitoring the security risks of internet-connected cars, given they didn’t fall under cybersecurity laws in Australia.
“We are looking at the risk posed by connected vehicles generally,” he said.
“Connected technology, whatever device we’re talking about, has the potential for a number of vulnerabilities.”
His colleague Tim Neal, an assistant secretary on Commonwealth security policy, said the Federal Government’s Protective Security Policy Framework banned public servants from synching their smartphone in a “BYD or any other connected vehicle”.
“They would be unable to connect a government phone into a connected vehicle and that is standard for all connected vehicles across all fleets,” he said.
Chinese carmakers speak
Polestar, an upmarket Volvo offshoot majority owned by Chinese carmaker Geely, said that as a Swedish-headquartered company, it adhered to the European Union’s General Data Protection Regulation and not Chinese laws.
“Polestar cars do not store or transmit any internal audio or video recordings outside of the vehicle environment,” a spokesman told The Nightly.
“Polestar adheres to the laws and regulations in local markets. Polestar is headquartered in Sweden and is required to comply with the GDPR. Customer data outside of China is processed and stored in data servers outside of China.
“Personal data for customer cars in all countries outside of China is processed and stored in accordance with applicable laws, on data servers outside of China.”
Chery said it obeyed Australian laws when it came to data security.
“Chery Australia is committed to upholding the highest standards of safety and transparency, and treats these obligations with the utmost seriousness,” it said.
“Chery conducts product development in strict accordance with global standards, and all products exported to Australia comply with the relevant regulations and safety standards in Australia.
“Furthermore, Chery continues to proactively collaborate with regulators to ensure our technology meets the stringent requirements regarding data security and consumer protection.”
The Nightly contacted BYD but did not get a response.
China car warnings
Alastair MacGibbon, the chief strategy officer of CyberCX who previously advised former prime minister Malcolm Turnbull on cybersecurity, has warned Chinese cars could be controlled remotely and potentially detonated, and is urging ministers and public officials to avoid riding in them.
“Mr MacGibbon is pointing to catastrophic vulnerabilities. Whether or not they’re possible, we’d have to look at each scenario and get a judgement, particularly from our technical agencies about our plausibility of that happening,” Mr Hansford said.
“But we are aware that cyber threats in particular are impacting Australia and connected technology is one vector.”
Strategic Analysis Australia director Michael Shoebridge has told The Nightly government officials and ministers could have their conversations in a Chinese car recorded.
“When people like Alastair MacGibbon, one of the most preeminent cybersecurity experts in Australia, and Michael Shoebridge, who is highly regarded for his national security work, say that there are deep concerns about cyber aspects of Chinese-made electric vehicles, we should take those concerns seriously,” Mr Tehan said.
Joe Biden, in his final month as US President, in January introduced a ban on cars with Chinese or Russian software, that is coming into effect in 2027, with Mr Hansford revealing his department had spoken to the American Department of Commerce on its policy.
Prime Minister Anthony Albanese last month scoffed at a suggestion he was putting Australia’s security at risk when he jumped into a Chinese-made Great Wall SUV at the Pacific Islands Forum in Honiara, the capital of the Solomon Islands.
“It’s just a car. It gets you from A to B, seriously,” he told reporters.
