TuSimple Sent Sensitive Self-Driving Truck Data to China Despite US Agreement

In a striking revelation, self-driving truck startup TuSimple, now rebranded as CreateAI, transferred a trove of sensitive autonomous vehicle data to a Beijing-owned company despite committing to U.S. national security agreements. This data essentially served as the blueprint for an American-made autonomous vehicle system, raising serious concerns about the effectiveness of current safeguards designed to protect critical technology.

The transfers occurred around February 2022, just a week after TuSimple signed an agreement with U.S. regulators requiring the company to separate its business and technology from China-based employees and partners through firewalls and governance controls. Despite these measures, data sharing continued up until the six-month compliance deadline.

A subsequent investigation by the Committee on Foreign Investment in the U.S. (CFIUS) found that while the data sharing didn’t technically violate the agreement, TuSimple was fined for other infractions and paid a $6 million settlement without admitting fault. This episode highlights the challenges regulators face in enforcing national security protections amid complex international business relationships.

TuSimple’s internal struggles and federal investigations into its China ties culminated in the company’s decision to exit U.S. operations and voluntarily delist from the stock market in January 2024. The company aimed to restart self-driving operations in China, but regulatory restrictions on transferring assets to China made this nearly impossible.

Adding complexity, TuSimple’s employees reportedly worked for Hydron, a Chinese hydrogen trucking startup founded by one of TuSimple’s co-founders, sharing confidential information and office space. Hydron’s partnership with Foton, a Chinese truck manufacturer linked to the military, further entwined TuSimple’s technology with Chinese entities.

Through emails, Slack messages, and video calls, TuSimple provided detailed technical instructions on server dimensions, brake designs, sensors, steering, power supply, and chips to its Chinese partners. Employees also downloaded autonomy source code developed by their American counterparts, underscoring the depth of data sharing.

This saga serves as a cautionary tale amid rising geopolitical tensions and intensifying competition between the U.S. and China in advanced technology sectors. It has spurred a shift in U.S. policy toward stricter rules on Chinese-linked tech deals and a broader push to block high-risk transactions outright.

TuSimple’s story illustrates the complex challenges tech companies face when balancing innovation, international collaboration, and national security. It raises critical questions about how to effectively safeguard sensitive technology in an increasingly interconnected world.