Securities Times reporter Guo Bohao

  A message that a pop-up advertisement appeared on the central control screen of the car rushed to the "hot search".

As an important human-computer interaction interface, the central control screen not only displays a lot of vehicle information, but is also an operating platform for some important functions.

Advertising pop-ups appear during driving, which may distract drivers and increase driving safety risks.

  Advertising pop-ups cause controversy

  Recently, the news of pop-up advertisements appearing on the central control screen of the car when using the navigation function has sparked heated discussions. According to the exposed photos, the content of the pop-up window is the official promotion information of the car brand and is not pushed by third-party software.

The reporter repeatedly confirmed to the car brand, "The previous advertisement push was indeed the behavior of the manufacturer, and now the push has been stopped, and there will be no similar push behavior in the later stage." The customer service staff said.

  Several car owners pointed out to the Securities Times reporter that a pop-up window covering a large area of ​​the central control screen appears during driving, which greatly affects the reading of the information on the central control screen. Closing the pop-up window will cause driving distraction and affect driving safety.

In fact, it is not the first time that pop-up advertisements have appeared on the central control screen of a car. A new car manufacturer has been questioned a lot for pushing pop-up advertisements.

In the end, the car company withdrew the relevant push and promised not to push advertisements on the car system again.

  Pan Helin, co-director and researcher of the Digital Economy and Financial Innovation Research Center of Zhejiang University International Business School, pointed out in an interview with a Securities Times reporter that traffic accidents caused by pop-up windows on the central control screen of cars should be held accountable for the pop-up information and advertising publishers. .

But it's not easy.

Guo Zhilong, a researcher at the Cyber ​​Law Research Center of China University of Political Science and Law, suggested in an interview with a Securities Times reporter that it is necessary to clarify the review obligations of car companies, operating systems and software developers for the way advertisements are placed, as well as the responsibility for violations of obligations, including unqualified Administrative supervision liability caused by advertisements, civil compensation liability for traffic accidents caused by unqualified advertisements.

If the pop-up information publisher fails to notify the existence of pop-up advertisements in advance, or uses unfair format terms to place advertisements that are sufficient to prevent the vehicle system and the software in it from running normally, it is at fault or bears certain responsibilities.

  It is worth mentioning that on September 30, the "Regulations on the Administration of Internet Pop-up Information Push Services" (hereinafter referred to as the "Regulations") jointly issued by the Cyberspace Administration of China, the Ministry of Industry and Information Technology, and the State Administration for Market Regulation came into effect.

The "Regulations" propose that users should be clearly informed of the specific form, content frequency, cancellation channels, etc. of the pop-up information push service through service agreements, etc., and fully consider the user experience; it should also clearly mark the closing sign and ensure that pop-up window advertisements are closed with one click.

Guo Zhilong pointed out that the above clauses will help enhance the driver's understanding and expectation of the pop-up window, help them to quickly and conveniently close the pop-up window advertisement to continue to use the car function, and reduce the occupation of the driver's attention by the pop-up window advertisement.

"However, the Regulations have no further requirements on how to measure the 'scientificity' of pop-up advertisements in different scenarios." Guo Zhilong pointed out.

  Wu Shenkuo, assistant to the dean of the Internet Research Institute of Beijing Normal University, doctoral supervisor, and deputy director of the Internet Society of China Research Center, told reporters that under the existing policy and regulatory system, it is necessary to further promote enterprises to improve the safety design in the process of implementing relevant regulations. the level of attention required.

Especially when there is a conflict between business and security, the principle of security first should be strictly followed.

Pan Helin believes that users should have the right to know and consent to pop-up advertisements, and pop-up advertisements cannot hinder the safety of vehicle driving.

In-vehicle systems have high requirements for safety. In-vehicle applications, web links, and pop-up advertisements need to be regulated by relevant departments to issue special rules and regulations.

With the development of intelligent networked vehicles, there will be more and more similar problems in the future. At this time, the red line of regulations is the core key to reducing safety risks.

  Nowhere to hide personal privacy?

  Regarding the pop-up advertisements on the car screen, some car owners expressed deeper concerns to the reporter, "With the continuous enhancement of automobile intelligence, in order to improve the accuracy of advertising, whether the company will collect the images and voice information of the people in the car through the in-vehicle sensors. , record the vehicle positioning, driving trajectory and other content, causing many infringement problems such as personal privacy leakage?" said the interviewed car owner.

  There are not a few car owners who have this concern. The "2022 Survey of Chinese Consumers' Smart Connected Vehicle Data Security and Personal Privacy Awareness and Concerns" jointly released by JD Power (Jundi) and the Global Times shows that Chinese consumers The overall confidence in the ability of ICV manufacturers to properly protect personal sensitive information is insufficient.

Among them, 77.4% of the respondents are highly concerned about personal sensitive information being collected, used and shared by ICVs.

  Wang Yan, director of the Defective Product Management Center of the State Administration for Market Regulation, said that in 2020, the penetration rate of intelligent networked vehicles in my country will remain at around 15%, and it is predicted that the market penetration rate will exceed 75% in 2025.

This means that in the next few years, my country's intelligent networked vehicles will enter a period of rapid popularization, posing greater challenges to related data security.

Xin Keduo, deputy director of the National Intelligent and Connected Vehicle Innovation Center, also pointed out that sensors and cameras in intelligent and connected vehicles will collect a large amount of information, and network and data security has become a key basic issue for the development of intelligent and connected vehicles.

  Bai Yusi, an international registration information system security certification expert and lawyer, told reporters that the implementation of my country's first regulations for automobile data security, "Several Regulations on Automotive Data Security Management (Trial)" (hereinafter referred to as "Several Regulations"), can effectively reduce the risk of automobile Data processors obtain user information privately in a "collected by default" manner.

At the same time, the user's consent is obtained when processing data, which also enhances the protection of users' personal information.

However, there is still room for improvement in the construction of the current policy and regulation system related to automobile data security, and there are also certain challenges in judicial practice in this field.

"Relevant departments should continue to build a data security policy system for intelligent networked vehicles, issue special laws and regulations, and strengthen overall management and standardization in this field. In addition, industry associations, standards committees and other institutions also need to establish relevant standard systems to help intelligent network Connected car data security governance." Bai Yusi believes.

  Wu Shenkuo also pointed out that in the process of implementing policies and regulations, it is necessary to obtain industry feedback in a timely manner, effectively capture and discover potential risks, and make corresponding adjustments to policies and regulations.

  The use of data compliance is still to be refined

  It is undeniable that data has great value, but reconciling the public interest and the interests of automotive data processors is a major challenge.

  Ning Xuanfeng, managing partner of the compliance business department of Beijing King & Wood Mallesons, told reporters that data elements are divided into three categories: personal information, corporate data and public data according to the different holders. The division of general, important, and core data levels.

Specifically, within the scope of personal information rights and interests, fully protect the rights of individuals, within the scope of commercial data rights and interests, protect the rights and interests of data derivatives; within the scope of public data rights and interests, create a data public data resource pool, optimize the public data open catalog, and continuously Explore open economic models for public data sharing.

  Jie Fei, deputy director of the Science and Technology Innovation Bureau of Beijing Economic and Technological Development Zone, pointed out that data classification and classification are the basis of data security governance work, clarifying data application subjects, determining the ownership and use rights of different types of data property rights, formulating relevant classification indicators, and clarifying data at different levels. The scope of circulation, usage rules and governance intensity of data security, balance the application of data to security requirements, explore the responsibility boundaries of data security governance subjects within the scope of controllable costs, ensure security red lines, and reasonably formulate security management and control scopes and methods.

  Guo Zhilong suggested that in terms of data compliance use, in addition to establishing an independent organization mainly composed of external members, to supervise personal information processing activities; regularly publish personal information protection social responsibility reports to accept social supervision.

At the same time, it should also stipulate that the burden of proof for personal information infringement is reversed, that is, if personal information rights and interests are infringed due to personal information processing activities, and the personal information processor cannot prove that he is not at fault, he should bear the tort liability such as damages.