The right-to-repair movement has suffered a setback in Massachusetts this week. The Biden administration told car manufacturers not to comply with a state law that would allow independent auto shops and car owners the ability to fix their own vehicles.
Vice first reported that the major concern the Biden administration’s National Highway Traffic Safety Administration has with the law, which is colloquially titled the Data Access Law, is hacking. To express these concerns, Kerry Kolodziej, from assistant chief counsel at the NHTSA, authored a letter (dated yesterday) to the chief counsel of nearly two dozen major automotive manufacturers including BMW, Ferrari, Ford, and Hyundai. Kolodziej argues in the letter that since the law grants open access to a car’s telematics—which are used to wirelessly send commands to cars—a “malicious actor here or abroad” could remotely command a car. The outcomes, the NHSTA says, could be vehicle crashes, passenger injuries, or death.
“Open access to vehicle manufacturers’ telematics offerings with the ability to remotely send commands allows for manipulation of systems on a vehicle, including safety-critical functions such as steering, acceleration, or braking, as well as equipment required by Federal Motor Vehicle Safety Standards (FMVSS) such as air bags and electronic stability control,” Kolodziej wrote in the letter.
According to The Boston Globe, the Data Access Law, which is more formally known as Chapter 93K, was enacted after Massachusetts residents voted in favor of the law on a 2020 ballot. Massachusetts Attorney General Andrea Campbell announced in March that the law would move forward, with enforcement beginning June 1 of this year. For some time, the law was stuck in the District Court of Massachusetts after the Alliance for Automotive Innovation filed a lawsuit to stop it. The letter also vaguely reminds these car manufacturers of their commitment to vehicle and passenger safety under the National Highway Traffic Safety Act—essentially instructing them to ignore Chapter 93K.
“Given the serious safety risks posed by the Data Access Law, taking action to open remote access to vehicles’ telematics units in accordance with that law, which requires communication pathways to vehicle control systems, would conflict with your obligations under the [National Highway Traffic] Safety Act,” Kolodziej wrote.
Likely to the chagrin of NHSTA, however, sometimes hacking can actually help repair vehicles. A hacker last August demonstrated a way to jailbreak John Deere tractors that can reveal over 1.5 gigabytes of logs that dealers could use to assess problems with the tractor—logs that a layman would never even be able to see. Just a few months later in April, Colorado farmers won a landmark deal with John Deere, which would require the agricultural hardware manufacturer to provide farmers in the state with manuals for its proprietary software and repair tools.
More from Gizmodo