We all know our phones and laptops are targets for hackers and cyber spies — but what about your car? Especially if it’s electric?
This week, i newspaper reported that some UK defence companies have told employees not to pair their phones with Chinese-made EVs. Why? Because there’s growing concern that the Chinese government could use these vehicles to snoop on sensitive data.
Wait, how could a car spy on me?
Electric vehicles (EVs) are packed with tech — we’re talking microphones, cameras, GPS, Wi-Fi, and loads of sensors. And while that makes them super advanced, it also means they could be hacked.
Rafe Pilling, a cybersecurity expert at Secureworks, says modern EVs can collect a lot of data — and potentially share it without you knowing. The systems that let your car update wirelessly (called “over-the-air” updates) could be used to send data back to manufacturers or even foreign states.
“A modern vehicle that has over the air update capabilities – which is crawling with computers, various radios, Lidar sensors and external cameras – could well be repurposed as a surveillance platform,” Pilling said.
Plus, if you plug your phone into the car (via Bluetooth or USB), you could be giving it access to your personal data like contacts, messages, and more.
Should regular drivers care?
If you’re working in government or a sensitive job — say, building fighter jets — you should definitely be cautious about what devices you connect to your car.
But even if you’re not, it's worth being aware. For example, if you're renting a car, cybersecurity expert Pilling says you should avoid syncing your phone — or at least remember to wipe your info from the system afterwards. Most people forget, and that data sticks around.
Nate Drier from Sophos adds that when you plug in your phone, you usually get a pop-up asking if you trust the car. If you say “no,” you won’t be able to use things like Spotify or messaging apps while driving. Most people hit “yes” without thinking — but that’s the trade-off.
So why are Chinese cars under the spotlight?
China makes a huge number of EVs through brands like BYD and XPeng. At the same time, its government has laws requiring companies to help with national intelligence work. That’s raised red flags for some security experts in the UK.
Alan Woodward, a cybersecurity professor, says there’s no public evidence that Chinese EVs have been used for spying — but the possibility is there, and that’s enough to make people cautious.
That said, mobile phones, smartwatches, and other wearables are still seen as more likely targets than cars.
What’s the UK government doing about it?
The Ministry of Defence says it’s actively looking into the risks, not just from Chinese-made vehicles, but all connected cars. So far, there’s no nationwide ban on Chinese EVs at government sites, but some organisations might set their own rules.
Meanwhile, brands like XPeng say they follow UK and EU data privacy laws. And the UK’s car industry group SMMT says all manufacturers must stick to privacy rules and give drivers the option to delete their data when they’re done with the car.
The Bottom Line: Your car probably isn’t spying on you — but it could be, especially if it’s loaded with smart features and comes from a country with different privacy laws. If you want to stay safe, be smart about what you connect to your vehicle, especially if it’s not yours.
