BYD publicly told Australian customers they don't collect driving data, but their own privacy policy says they collect your speed, braking, acceleration, where you go, and how far you drive. The company is directly contradicting its own written privacy statement.
critical
BYD promises 'privacy first,' but as a Chinese company they are legally required by China's intelligence law to hand over data if the Chinese government asks. Multiple governments including Australia, the UK, and the US treat Chinese connected vehicles as security threats. BYD cannot guarantee 'privacy first' while being legally compelled to cooperate with Chinese intelligence.
critical
BYD says your data stays in Australia, but the car's software has a Chinese server address (global-api.bydauto.com.cn) built into it. Security researchers found the car sends data to the cloud without encryption, and BYD can remotely update the software to change what it collects or where it sends data — all without telling you.
BYD says they never sell your data, but their car app asks for four different advertising tracking permissions. These permissions let advertising networks track you across apps and build a profile of your behaviour — the exact kind of data monetisation BYD claims not to do.
critical
BYD promises your data stays in your country, but the car's computer is programmed to connect to servers in China (global-api.bydauto.com.cn). They also share your data with Chinese companies like iFlytek and AMAP. Your driving data may be flowing to China despite promises it stays local.
critical
BYD promises to protect your data and follow European privacy law, but as a Chinese company they are legally required by China's intelligence law to hand over data if the Chinese government asks. Multiple governments — including Australia, Israel, the UK, and the US — have flagged BYD vehicles as security risks. The privacy promises may be legally unenforceable against Chinese government demands.
A BYD owner in Australia dialled his own car's SIM number and could listen to everything happening inside — conversations, music, arguments. Nothing appeared on screen. He couldn't hang up from the car. Turning off cellular didn't help. Anyone who knew that number could silently listen to your family driving to school. BYD said they'd fix it, which means it was broken the whole time every other owner drove around with an open microphone.
critical
Chinese law literally says every company must cooperate with intelligence agencies when asked. BYD is a Chinese company. Two US Senators wrote to BYD in September 2024 and asked point-blank: is the data you collect from vehicles subject to China's spy law? BYD never publicly answered. They can promise Australian drivers anything they like — but Chinese law overrides company policy, and there's no mechanism to refuse a secret request from Beijing.
high
BYD's Australian boss says no customer data goes to China. In the same breath, he confirms "diagnostic data" goes back to the manufacturer — which is in Shenzhen, China. What counts as "diagnostic"? Your GPS coordinates, driving patterns, battery usage, charging times. They drew an invisible line between "customer data" and "diagnostic data" that lets them say both things with a straight face. Meanwhile, their privacy policy lets them share with advertisers and AI developers.