On Tuesday, October 1, 20 US Democrat legislators urged Mexico’s newly elected president, Claudia Sheinbaum, to crack down on the influence that Chinese automakers are gaining in Mexican territory. Through a letter sent directly to Sheinbaum, lawmakers expressed their concerns regarding the national security issues derived from the internet connection of Chinese vehicles and its subsequent transmission of valuable data back to Chinese companies. The letter emphasizes the vehicle’s ability to “transmit private, personal data on individuals, gather intelligence valuable to a potential adversary like China, and even launch cyber attacks against critical infrastructure systems.”
Regardless of the additional considerations that might motivate these legislators to call for the deceleration of Chinese automakers in Mexico, such as the ongoing trade conflict between the United States and China, data compilation is being cited as a potential threat that could jeopardize national security. Given the critical role that data harnessing and processing play in the technological pipeline, it is crucial to address these concerns responsibly. However, falsely equating data transmission with security risks could lead to data protectionism, significantly hindering the development and efficiency of algorithmic tools.
The acquisition of data has become paramount in the technology sector because it dramatically benefits algorithmic efficiency, aside from providing significant insights for companies and governments alike. This maxim is immortalized in the saying, “Data is the new oil”; however, the similarities between these two do not end there. Both data and oil have positioned themselves as relevant vectors in the issue of national security. But, while the relationship between oil and geopolitical security might be crystal clear, data’s connection to national security might be a bit more misunderstood.
First, it is important to determine that, regarding security concerns, not all data is created equal. Some data points include sensitive information like geolocalization or private information on the user of a device, while others only monitor things like temperature, CPU usage, and other computational benchmarks. There is a varying degree of risk in information collection, and some imply the need for protection and regulation more than others. Failing to correctly identify the different types of data and manage them accordingly can be a very inefficient regulatory approach, especially when the concerns regarding data fall within national security.
A regulatory effort to prevent the collection and transmission of sensitive data has to be designed with utmost care and a sober attitude toward the implications of this issue for national security. Each data point should be thoroughly examined for regulatory efforts to hinder innovation as little as possible. The importance of data recollection and subsequent analysis cannot be understated, and it positions itself as one of the main propulsors for developing both technologies like AI and more traditional algorithms.
Furthermore, even in cases where the data being harnessed might raise serious concerns about national security, there are ways to manipulate said information to remove its potentially threatening nature without affecting its ability to be useful for innovative purposes. Using proxy variables to convey the same kind of intelligence without compromising personal or sensitive information is a standard in the industry. It should be taken into account when theorizing regulatory efforts.
Another way of preventing confidential, restricted, or non-public information from being transmitted overseas is to “treat” the information so that it would be unusable for unintended purposes. This might imply pooling geolocalization data together to avoid it being used to track a specific person or even taking a single data point away from the transmission, making it impossible to use it for nefarious purposes. These treatments for sensitive information should become standard practice to convey trust to the whole ecosystem.
Data and its collection are integral to most technological processes, and the correct collection and usage are necessary to foster innovation. While some data has a sensitive nature, there are many avenues that companies and governments can explore to use this information without compromising national security or privacy concerns. Weaving the issue of security as a banner to hinder the free flow of data and incur protectionist attitudes could be substantially detrimental to the development of better and more capable technologies for the future.
* Guillermo Alfaro studied International Relations and Political Science at ITAM, where he specialized in research on AI and global tech governance. He was a member of the first cohort of the Cyber Policy Dialog for the Americas, organized in conjunction with Stanford University (2024), and has fostered debate around these topics by organizing academic events in Mexico. Guillermo is deeply committed to positioning the Global South at the forefront of discussions regarding AI and technology.
Source: We Are Innovation