A newly obtained federal government document is warning that data collected by advanced connected vehicles could carry intelligence value for foreign adversaries, raising fresh concerns about privacy, cybersecurity, and national security as Canada prepares to allow more Chinese-made electric vehicles into the market.
The internal Public Safety Canada memo says connected vehicles, much like smartphones, smart cameras, drones, and other internet-connected devices, can collect large amounts of personal and location-based information about Canadians.
If that data falls into the wrong hands, officials warn it could potentially be used to track individuals, establish patterns of daily life, or conduct surveillance around sensitive locations.
The warning comes after Canada agreed earlier this year to reduce its tariff on Chinese-made electric vehicles from 100 per cent to 6.1 per cent under an annual cap of 49,000 vehicles. In exchange, China agreed to lower tariffs on some Canadian agricultural products.
The memo acknowledges that Canada must expand its economy and diversify trade relationships in a changing geopolitical environment. However, it also cautions that opening Canadian markets to new players can increase exposure to high-risk vendors.
“Connected vehicles, similar to other smart or internet-connected devices, collect significant amounts of data on Canadians, which can have intelligence value,” the memo states.
Officials specifically warn that unauthorized access to connected vehicle systems could allow hostile actors to identify movement patterns or monitor sensitive sites.
The document also raises concerns about foreign laws that can compel companies to share data with their home governments or police agencies. It notes that countries such as China have national security laws that could require manufacturers or suppliers to provide information to state authorities.
According to the memo, risks increase when Canadian data collected by vehicles is sent to, stored in, or routed through foreign jurisdictions with weaker or more permissive data-management rules.
While vehicles manufactured in China and sold in Canada must meet the same safety standards as vehicles from other countries under Canada’s Motor Vehicle Safety Act, the document says connected vehicle technology creates growing security threats that may require additional federal tools.
The memo points to risks not only in the vehicles themselves, but also across the broader supply chain, including software systems, sensors, wireless communications, and digital cloud infrastructure supporting connected cars.
Federal officials also warn that emerging technologies such as artificial intelligence are increasingly being built into vehicles and other connected devices, making possible cyber threats more powerful and far-reaching.
If such technologies are introduced without strong security protections throughout their life cycle, Canada could become more vulnerable to cyberattacks, data exploitation, and foreign surveillance.
The document says foreign ownership or control of infrastructure supporting connected devices, including cloud platforms, can create additional privacy and cybersecurity risks.
Public Safety Canada says Canadians must also think carefully about the cybersecurity, privacy implications, and trustworthiness of the devices they buy and use.
The memo does not focus only on Chinese-made vehicles. It notes that similar risks can exist with a wide range of connected technologies, including mobile phones, networking equipment, video cameras, drones, and other smart devices.
However, the timing of the document is significant because of Canada’s evolving trade relationship with China and the decision to ease restrictions on Chinese electric vehicles as part of a broader effort to rebuild economic ties.
Public Safety officials say Canada’s security and intelligence community continues to assess threats and provide advice, including warnings about certain high-risk vendors.
Transport Canada has also been working with manufacturers, other governments, and international partners to develop cybersecurity guidance and best practices for the automotive industry.
The department published vehicle cybersecurity guidance in 2020 and continues to work through international forums, including the United Nations Economic Commission for Europe, on global standards for automated driving systems and vehicle security.
The issue highlights a growing challenge for governments worldwide as cars become more like computers on wheels.
Modern electric and connected vehicles can collect information through cameras, microphones, GPS systems, driver-assistance tools, mobile apps, vehicle diagnostics, and internet-connected services.
That information can improve safety, navigation, maintenance, and convenience, but it can also raise serious concerns if poorly protected or accessed by governments, companies, hackers, or other bad actors.
As Canada seeks to balance trade expansion with national security, the federal memo makes clear that the future of transportation will involve more than roads, batteries, and charging stations.
It will also require stronger privacy protections, cybersecurity rules, supply-chain safeguards, and public awareness about how much data connected vehicles collect — and who may ultimately have access to it.