POD! On YIMBY Pod this week, we dig into another example of BBC local journalism having a weird NIMBY bias, in this case against the new Universal Theme Park. Then I speak to Dan Mead from ThinkLabour, about the case against nationalising Thames Water. Listen here, or wherever you get your pods!

I’m on holiday for the next few weeks but worry not, I have recruited a few of my smartest friends to write guest posts! This week’s is from Tym Syrytczyk from a new think tank, the Institute for Driverless Transport. Tym also writes his own fantastic Substack at Self Driving Insights, so make sure to subscribe if you want to understand the brave new, autonomous world that we’re heading into.

Last month, the first of a new fleet of robotaxis arrived in London. The cars are made by Apollo Go, an autonomous vehicle company owned by Chinese tech-giant Baidu. It’s the third company with Robotaxi ambitions in Britain, following Google-owned Waymo, and British ‘unicorn’ Wayve, both of which have begun testing in the capital in recent months.

What makes Apollo Go different is that it means for the first time, Londoners could one day soon find themselves hailing a ride in a vehicle designed, built, and driven by software that’s entirely made in China.

This is, unsurprisingly, controversial, because though China is a key trade partner for Britain, it is also a strategic adversary. So it seems sensible to ask the questions: Should we worry? Are there any risks here? And if there are, how can we mitigate them?

The Chinese threat

So why does it matter that these robotaxis are Chinese? One reason for concern is that last year, the Norwegian transport agency, Ruter, found remote-access kill-switches buried inside its own Chinese-made buses.

Arguably, this is not a reason to worry. It is standard practice for manufacturers to update the software in modern vehicles remotely. ‘Over-The-Air’ updates are common for cybersecurity patches and are widespread for autonomous vehicles and robotaxis.

But in this case, a Romanian eSIM was discovered on the buses that could conceivably switch off the power supply – a capability that’s hard to justify for normal vehicle maintenance. That’s why Ruter claims that the buses could conceivably have been stopped remotely if a command were to be sent by the manufacturer.

So the worry is the same vulnerability could exist in Chinese-made autonomous vehicles here in Britain.1

And though there is no evidence of any foul play on the part of Apollo Go or other Chinese operators in the UK, there are more circumstantial reasons this should, in principle, concern us. For example, China’s 2017 national intelligence law requires Chinese organisations and citizens to support state intelligence work when required – conceivably obliging Chinese companies to follow the Chinese government’s orders.

So this essentially elevates the risk. The more deeply Chinese firms are embedded into Britain’s transport infrastructure, the greater the potential for Chinese national security operations to make use of this infrastructure against us, if tensions between China and the west were to rise.

National security

The security risks also go well beyond simply powering down buses or robotaxis. Autonomous vehicles, if misused, can create both new surveillance and physical security risks.

For example, Robotaxis are designed to track human motion. They can scan hundreds of pedestrians and vehicles around them. This makes them potentially useful as mobile surveillance or for the extended tracking of specific individuals. One does not even have to use the robotaxi service to conceivably be tracked, as autonomous vehicles scan public roads. They could even be routed to prioritise surveilling key buildings, to keep watch on who goes in and out.

Then there’s also a direct physical security risk.

Many autonomous vehicle companies, though not all, have remote control features as part of their services. In Apollo Go’s case, a single remote operator reportedly has access to multiple vehicles. In principle, the intended uses are uncontroversial, such as making way for emergency vehicles or helping Apollo’s vehicles not get stuck. But this same remote control capability could also conceivably be used with bad intentions that can be easily imagined, from terrorist attacks to simply blocking traffic.

But this is not the only risk. The bigger problem is that autonomous driving behaviour is largely determined by shared software deployed across the fleet, perhaps with local modifications for particular cities.

This means a single bug, flawed update, or a cyber attack can make many vehicles behave in the same risky way at the same time, potentially creating chaos.

In fact, we’ve seen this happen already. Earlier this year in Wuhan, hundreds of Apollo Go robotaxis stopped suddenly, including in live traffic, during what was described as a cybersecurity incident.

So even if Apollo Go stores all service data in the UK as the company has promised, that alone should not be enough to reassure regulators. Instead the more important question is whether the UK can trust the company operating the fleet, and the company controlling the autonomy software, to both defend their fleet from cyber attacks, and to never to misuse that access themselves.

The counterargument

This all sounds pretty scary, but there is a plausible counter-argument: that Britain already uses plenty of Chinese technology. Pretty much every piece of modern tech is manufactured in China – the device you’re reading this on now was probably made in China.

But once again, this comes back to ownership and perceptions of risk. We already have millions of Chinese-manufactured iPhones in the UK, all with cameras and Face ID features. However, a camera manufactured in China alone does not necessarily create large-scale surveillance risk. In this case, the product owner, Apple, and its manufacturing partner, Foxconn, are trusted actors. And though iPhones are assembled in China, the operating system, data governance and product control sit with Apple, an American company.

That’s why policymakers care more about TikTok, in which a Chinese company owns the data going through the app, rather than the phones themselves.

And this brings us to perhaps the best analogy for the Chinese autonomous car situation – the case of Huawei, the Chinese company that makes much of the phone network infrastructure that makes 5G possible.

For the initial 5G rollout, Huawei’s equipment was used in UK phone networks, potentially giving the company (and therefore the Chinese government) a direct window into the mobile traffic of millions of British people.

But in 2020, the government ordered that Huawei’s equipment be ripped out and replaced, to limit the perceived risks. Arguably there is a case for doing the same with Chinese-owned robotaxis – and some important players are indeed taking this seriously.

For example, some parts of the Ministry of Defence consider Chinese-made electric vehicles to be a surveillance risk, and although there is no central national-level policy restricting Chinese vehicles on MOD land, some military officials have banned personnel from connecting their phones to Chinese vehicles or having conversations above ‘Official’ classification in Chinese cars.

Hiding behind brands

London is not the first place to face this dilemma. Back in March, the first robotaxi service in Europe began operating in Zagreb, Croatia. Another Chinese firm, Pony.AI, is supplying both the car, and the self driving software – but in this case, the service is operated by Verne, a Croatian company within the Rimac Group, even though there is little Croatian technology involved. So effectively, what Verne has done is ‘scrub' the national identity of Zagreb’s autonomous deployment with its own branding.

And this has created some ambiguity. Publicly available information does not make clear how much control Verne actually has over its vehicles, or the extent to which Pony.ai retains access to the robotaxis. It is also unclear how much scrutiny Verne placed on Pony.ai’s vehicle supply chain as the whole service announcement and deployment was likely to have been rushed to meet a EU grant deadline.

But for the companies involved, it’s a win-win. Verne has branded the service as its own, and Pony.ai is happy to successfully partner with a European firm, as it enables future market share in Europe. But what it ultimately means is that to the public and many regulators, the service may look Croatian, even if the underlying technology is Chinese.

And why this matters to us is that a similar dynamic is emerging in London through Uber and Lyft’s role in Apollo Go’s deployment, as the ‘country of origin scrubbing’ is happening here.

This is because there won’t be ‘Apollo Go’ robotaxis on the streets of London, like there will be for Waymo. Instead, they will be made available through Uber and Lyft’s ride-hailing platforms. So even if a Chinese company controls the cars under the hood – for most of users, it will appear as though the vehicles are operated by familiar American companies.

The Swiss example

The choice for politicians then, is complicated. It’s a difficult trade-off between embracing new technology and managing the risk posed by a strategic rival.

But there could also be a third way, where we get the best of both worlds, and that’s the approach taken in Switzerland.

Over there, the Swiss public transport operator, PostAuto AG, has signed a deal with Baidu to provide a robotaxi and ride-pooling service from 2027. The cars and the technology are exactly the same as Apollo Go’s proposed London service. However, what’s different is that PostAuto will be forced to comply with strict requirements on operations, for instance ensuring that all remote operators are based in Switzerland and have a Swiss driving licence. PostAuto also owns the vehicles, has full operational control, and has the ability to dismantle them to check for kill-switches if it wishes to do so. The Swiss firm also retains full ownership over the data that’s collected by the vehicles.

This focus on trusted ownership could lead to a more secure service. The Norwegian transport operator owned the buses which allowed for the kill-switch discovery. By analogy, this is also why the US has pushed for American ownership of TikTok on security and oversight grounds.

So could we do the same in Britain too?

On the surface Apollo Go’s British deal may already look like the Swiss model. Rather than operating the service itself, evidence suggests that it has handed that role to Lyft and possibly Uber. So the similarities are there, a trusted Western firm owns the fleet, and Apollo Go supplies the technology.

But there are crucial differences too: PostAuto is a public transport operator with full operational control and a clear mandate to serve Swiss citizens. Lyft and Uber are commercial firms whose primary incentive is growth. The details of Apollo Go’s partnership with Uber remain opaque, but the Lyft press release is revealing. The announcement states that Apollo Go’s role will be to provide vehicles, validate the technology and provide “comprehensive technical support”. Unlike in the PostAuto deployment, Apollo Go’s control over the autonomy software is not explicitly ruled out.

So it remains publicly unclear how much control either firm will have over the software, such as which firm can send an over-the-air update.

A question of risk

In practice, the extent to which Chinese firms contribute to British autonomous vehicle services should depend on the scale of the risk, the strength of oversight, and the degree of operational control held in the UK or by trusted partners.

Right now, Waymo has a hundred vehicles in London, and Apollo Go could scale beyond that size in less than a year. As robotaxi services grow they will inevitably become critical national infrastructure. So now is the time to work out our approach – so that one day in the future, when robotaxis are carrying thousands of people every day, we’re not forced to do an awkward Huawei-style U-turn.

With thanks to Otto for an early reading of this draft and James H for later review.