The Biden administration to car companies: ignore the right-to-repair law, it’s a safety risk

A hot potato: If there’s one area that’s a real hot-button topic, it’s the right-to-repair movement, especially in Massachusetts, where the Biden administration has told car manufacturers not to comply with a state law that allows independent repair shops and owners the ability to service and fix their own vehicles.

The National Highway Traffic Safety Administration (NHTSA) wrote in a letter (via Vice) that it has significant safety concerns with a Massachusetts law titled Chapter 93K, aka the Data Access Law.

Signed by NHTSA assistant chief counsel Kerry Kolodziej, the letter is addressed to the chief counsel of 22 auto manufacturers, including Ford, GM, Hyundai, BMW, Kia, Toyota, and Honda. It states that the right-to-repair law conflicts with the Safety Act.

The NHTSA’s main objection is with the Data Access Law allowing access to a vehicle’s telematics, used to send commands wirelessly. The agency says this could allow manipulation of systems on a vehicle, including critical functions such as steering, acceleration, and braking, as well as equipment such as airbags and electronic stability control. It claims that a malicious actor in the US or abroad could utilize this access to hijack multiple vehicles concurrently, possibly causing crashes, injuries, or deaths.

Back in 2020, Massachusetts voters approved an amendment (by 75%) to a right-to-repair law passed in 2013 that required automakers to make parts and diagnostic tools available to independent auto shops and car owners. The amendment, which took into account the number of cars that require wireless diagnostic tools, allows vehicle owners and independent mechanics to access vehicle data for repairs by opening up telematics, starting with vehicle model year 2022.

Vehicle manufacturers protested the law and the Alliance for Automotive Innovation sued Massachusetts in 2021 to try and stop it. The NHTSA said in a testimony that it supported the car companies, and that the amendment could increase the risk of cybersecurity attacks and threaten public safety.

“Given the serious safety risks posed by the Data Access Law, taking action to open remote access to vehicles’ telematics units in accordance with that law, which requires communication pathways to vehicle control systems, would conflict with your obligations under the [National Highway Traffic] Safety Act,” Kolodziej wrote in the letter.

Vice notes that the Biden administration has repeatedly said it supports consumer rights such as the right to repair, while the FTC said it was unable to prove that allowing repair access to a vehicle made it less safe, a conclusion that cybersecurity experts agree with.