Tag Archive for: Electric vehicles

DeepSeek is in the driver’s seat. That’s a big security problem

Democratic states have a smart-car problem. For those that don’t act quickly and decisively, it’s about to become a severe national security headache.

Over the past few weeks, about 20 of China’s largest car manufacturers have rushed to sign new strategic partnerships with DeepSeek to integrate its AI technology into their vehicles. This poses immediate security, data and privacy challenges for governments.  While international relations would be easier if it weren’t the case, China’s suite of national security and intelligence laws makes it impossible for Chinese companies to truly protect the data they collect.

China is the world’s largest producer of cars, and is now making good quality, low-cost and tech-heavy vehicles at a pace no country can match. It has also bought European industry stalwarts, including Volvo, MG and Lotus. Through joint ventures, it builds and exports a range of US and European car models back into global markets.

DeepSeek has struck partnerships with many large companies, such as BYD, Great Wall Motor, Chery, SAIC (owner of MG and LDV) and Geely (owner of Volvo and Lotus). In addition, major US, European and Japanese brands, including General Motors, Volkswagen and Nissan, have signed on to integrate DeepSeek via their joint ventures.

Australia is one of the many international markets where Chinese cars have gained enormous traction. More than 210,000 new cars were sold into Australia in 2024, and Chinese brands are set to take almost 20 percent of the market in 2025, up from 1.7 percent in 2019. Part of this new success is due to the government’s financial incentives encouraging Australians to purchase electric vehicles. China now builds about 80 percent of all electric vehicles sold in Australia.

Then, there are global markets where Chinese car brands are not gaining the market share they have in Australia (or in Russia, the Middle East and South America), but where Chinese-made cars are. This is the case in the United States and in Europe, for example. This is because many foreign companies use their joint ventures in China to sell China-made, foreign-branded cars into global markets. Such companies include Volkswagen, Volvo, BMW, Lincoln, Polestar, Hyundai and Kia.

Through its Chinese joint venture, Volkswagen will reportedly partner with DeepSeek. General Motors has also said it will integrate DeepSeek into its next-generation vehicles, including Cadillacs and Buicks. It’s unclear how many such cars may end up in overseas markets this year; that will likely depend on each country’s regulations.

It is not surprising that DeepSeek is a sought-after partner, with companies scrambling to integrate and build off its technology. It also shouldn’t have been a shock to see this AI breakthrough coming out of China—and we should expect a lot more. Chinese companies, universities and scientific institutions made impressive gains over the past two decades across most critical technology areas. Other factors, such as industrial espionage, have also helped.

But widespread integration of Chinese AI systems into products and services carries serious data, privacy, governance, censorship, interference and espionage risks. These risks are unlikely ever to go away, and few government strategies will be able to keep up.

For some nations, especially developing countries, this global integration will be a bit of a non-event. It won’t be seen as a security issue that deserves urgent policy attention above other pressing climate, human security, development and economic challenges.

But for others, it will quickly become a problem—a severe one, given the speed at which this integration could unfold.

Knowing the risks, governments (federal and state), militaries, university groups and companies (such as industrial behemoth Toyota) have moved quickly to ban or limit the use of DeepSeek during work time and via work devices. Regulators, particularly across Europe, are launching official investigations. South Korea has gone further than most and taken it off local app stores after authorities reportedly discovered that DeepSeek was sending South Korean user data to Chinese company ByteDance, whose subsidiaries include including TikTok.

But outside of banning employee use of DeepSeek, the integration of Chinese AI systems and models into data-hungry smart cars has not received due public attention. This quick development will test many governments globally.

Smart cars are packed full of the latest technology and are built to integrate into our personal lives. As users move between work, family and social commitments, they travel with a combination of microphones, cameras, voice recognition technology, radars, GPS trackers and increasingly biometric devices—such as those for fingerprint scanning and facial recognition to track driver behaviour and approve vehicle access. It’s also safe to assume that multiple mobile phones and other smart devices, such as smart watches, are present, some connecting to the car daily.

Then there is the information aspect—a potential influx of new AI assistants who will not always provide drivers with accurate and reliable information. At times, they may censor the truth or provide Chinese Communist Party talking points on major political, economic, security and human rights issues. If such AI models remain unregulated and continue to gain popularity internationally, they will expose future generations to systems that lack information integrity. As China’s internal politics and strategic outlook evolve, the amount of censored and false information provided to users of these systems will likely increase, as it does domestically for Chinese citizens.

Chinese built and maintained AI assistants may soon sit at the heart of a growing number of vehicles driven by politicians, military officers, policymakers, intelligence officials, defence scientists and others who work on sensitive issues. Democratic governments need a realistic and actionable plan to deal with this.

It may be possible to ensure that government-issued devices never connect to Chinese AI systems (although slip-ups can happen when people are busy and rushing), but it’s hard to imagine how users could keep most of their personal data from interacting with such systems. Putting all security obligations on the individual will not be enough.

Australia has been here before. Australia banned ‘high-risk vendors’ in from its 5G telecommunications network in 2018, and the debates leading up to and surrounding that decision taught us how valuable it was for the business community to be given an early and clear decision—something some other countries struggled with. Geostrategic circumstances haven’t improved since Australia banned high-risk vendors from 5G; unfortunately, they’ve worsened.

Australia’s domestic policy settings are also driving consumers towards the very brands that will soon integrate DeepSeek’s technology, which politicians and policymakers have been told not to use. Politicians from all parties test-driving BYD and LDV vehicles highlights that parliamentarians may need greater access to more regular security briefings to ensure they are fully across the risks, with updates provided to them in a timely fashion as and when those risks evolve.

Tackling this latest challenge head-on is a first-order priority that can’t wait until after the 2025 federal election.

Governments must ensure this issue is given immediate attention from their security agencies. This needs to include an in-depth assessment of the risks, as well as a consideration of future challenges. Partners and allies should share their findings with each other. An example of the type of activity that should be incorporated into such an assessment is Australia’s experience in 2017 and 2018 leading up to its 5G decision, when the Australian Signals Directorate conducted technical evaluation and scenario-planning.

There is also a question of choice, or rather lack of it, that needs deeper reflection from governments when it comes to high-risk vendors. Democratic governments should not allow the commercial sector to offer only one product if that product originates from a high-risk vendor. Yet there are major internet providers in Australia which provide only Chinese TP-Link modems for some internet services, and businesses which only sell Hikvision or Dahua surveillance systems (both Chinese companies were added to the US Entity List in 2019 because of their association with human rights abuses and violations).

Not only do the digital rights of consumers have to be better protected; consumers must also be given genuine choices, including the right to not choose high-risk vendors. This is especially important in selecting vendors that will have access to personal data of citizens or connect to national critical infrastructure. Currently, across many countries, those rights are not being adequately protected.

As smart cars integrate AI systems, consumers deserve a choice on the origin of such systems, especially as censorship and information manipulation will be a feature of some products. Governments must also provide a commitment to their citizens that they are only greenlighting AI systems that have met a high standard of data protection, information integrity and privacy safeguards.

Which brings us back to DeepSeek and other AI models that will soon come out of China. If politicians, government officials, companies and universities around the world are being told they cannot use DeepSeek because such use is too high-risk, governments need to ensure they aren’t then forcing their citizens to take on those same risks, simply because they’ve given consumers no other choice.

Chinese electric vehicles are a rolling security threat

Senate estimates earlier this month heard the remarkable revelation that Home Affairs Minister Tony Burke has had to take ‘precautions’ based on warnings from his own department to protect himself and the nation’s sensitive information from Burke’s own Chinese-made electric car.

The risks with such cars, according to Home Affairs officials, might include having data collected from the owner’s phone if it were connected to the car, voice calls eavesdropped on, image collection from the car’s external cameras and geolocation tracking—meaning that if Burke drove to a sensitive government location the car’s manufacturer would be able to see.

The United States has announced plans to ban Chinese technology in American cars over surveillance and sabotage concerns. Australia should do the same. Moreover, with Prime Minister Anthony Albanese meeting China’s President Xi Jinping in Brazil on the sidelines of the G20 meeting overnight, he had the chance to raise this issue directly, consistent with the kind of frank diplomatic engagement for which Australia should be using these face-to-face opportunities.

Indeed, Australia needs a comprehensive strategy to address the rolling security threat of high-risk foreign vendors to critical infrastructure. Our current approach—not addressing risks until Chinese firms dominate their markets, as BYD is doing now in electric cars—is woefully inadequate. We are trapped in a game of whac-a-mole.

Australia has previously addressed risks from China’s Huawei, TikTok and camera-maker Hikvision. New technologies will keep coming, bringing risks of malicious use by Beijing.

Australia must see the US ban on Chinese tech in cars not as an escalation in the US–China trade war but as a wakeup call: technological advance is core to strategic competition and presents real security threats that need to be confronted.

China’s technological dominance across hardware and software allows smart cars, for instance, to serve as tools for surveillance, propaganda and sabotage. But this isn’t just about cars. Internet-connected medical devices, for example, can be used for surveillance of patients.

Most countries could not interfere with and hack into foreign technology without covert activity. But Chinese companies control globally prevalent technology that Beijing—and its intelligence agencies—could exploit directly.

Just this year, seven Chinese departments, including the Ministry of Industry and Information Technology, called for innovation and industrial development in such areas as 6G communications, satellite internet and direct satellite-to-mobile connectivity. This is to be done by advancing current technology that is already raising foreign concerns: 5G, internet of things, satellite communications and internet-connected vehicles.

This aggressive push for leadership highlights the risk of continuing to rely on technology from a country that seeks to do us harm—a country that is using a military-civil fusion strategy to ensure all of its society works for the regime’s military ambitions.

Australia needs a strategic framework that moves beyond a whac-a-mole approach that will fail in a plague of moles. Ideally this would involve a coalition of like-minded democratic partners taking collective action. But in the meantime, Australia must develop its own framework.

We need a policy that lists critical infrastructure and sectors from which suppliers of concern—from both China and Russia—are prohibited. Excluding those suppliers would be based on the scale of the potential threat and our inability to mitigate that threat.

This would provide certainty and avoid having to manage fallout from imposing bans after the suppliers were already in the market. Government agencies could still assess specific cases for mitigation. But the presumption that high-risk vendors are banned would end the current approach of waiting for them to achieve a potentially harmful position before we act, as with TikTok.

Australia’s ban on Chinese suppliers in the 5G network in 2018 proved the value of this approach. Australia considered carefully whether the risk of Chinese suppliers in its 5G network could be mitigated. A vendor’s control of the 5G network gives it the capability to turn the network off. Even if China had no immediate plan to take such a dramatic step, its objectives could quickly change in any future conflict or crisis. Australia therefore made the assessment that a full ban was the only option.

While awaiting a national strategy, the same principle should determine the individual case of cars. Just as there was a distinction between 4G and 5G networks, there should be a distinction between traditional, unconnected cars and the new, connected ones. If Chinese technology is too dangerous for our critical infrastructure but not for cars that connect with that critical infrastructure, the government should explain why.

TikTok was deemed a national security threat, but Australia did not ban it outright, opting instead to ban it from government devices. If an outright 5G-style ban on cars is assessed as unnecessary, surely consistency means prohibiting government employees and politicians from buying or travelling in those with Chinese technology. After all, these cars would connect to the devices, such as phones, that the government has said must not be linked to untrusted technology. It was a surprise, therefore, when Climate Change and Energy Minister Chris Bowen in September ruled out a ban because he wanted ‘Australians to have more choice’. Choice cannot be the principle upon which security decisions are made. Nor can price.

Australia needs a comprehensive strategy. And Australians should be told why Chinese tech can’t be in the 5G network, nor in government devices, but can be in the cars that connect to both.