In a recent ruling, the National Highway Traffic Safety Administration (NHTSA) has instructed auto manufacturers to ignore a 2020 Massachusetts right to repair statute that allows third-party repair facilities and owners access to vehicle data that automakers claim is proprietary to themselves and dealers only. In a letter to manufacturers obtained by Reuters, federal regulators argue that bad actors could “utilize such open access to remotely command vehicles to operate dangerously, including attacking multiple vehicles concurrently.”
The law derives from a ballot initiative overwhelmingly approved by voters in 2020. The Alliance for Automotive Innovation, an industry association with over 40 members, including Toyota, Samsung, Ford, Stellantis, and many other OEMs and OE equipment suppliers, has been actively engaged in lawsuits in federal court challenging the Commonwealth statute for a number of years. This ruling from the NHTSA will undoubtedly bolster their case. It’s not entirely clear how the directive will play out in a legal sense, as there is currently no specific federal code that supersedes the Massachusetts law, but the NHTSA does have wide power over vehicle safety, which the agency’s ruling targets directly. This could have spin-off effects in many other states with similar laws, including Colorado, Florida, Texas, and Montana. Mainers are also pushing a vehicle data access initiative.
The “right to repair” movement first gained significant traction when tractor manufacturer John Deere locked out farmers and others working in agriculture from key data- and electronically-based service and repair procedures in their machinery. With a limited dealer network, wait times for service spiraled out of control, and eventually, the company acquiesced to allow limited access. Lawmakers and advocacy groups responded with bills and ballot initiatives that sought to push for more open data sharing across not only the agricultural sector but into passenger cars and light trucks as well.
What does this mean for the overlander? Increasingly, new vehicles are not just sold for transportation but are also data-generation and data-collection machines that represent significant income streams for both OEMs and the service departments at dealers. The security question that the NHTSA ruling addresses is an important one. With so many onboard services linked to new cars via over-the-air networks, there is a significant risk if security measures that protect them are exposed to a wider field of view. Subaru and Kia stopped equipping data- and security-sensitive features in their new cars in Massachusetts in 2021 in response to its right to repair statute. Broken down in a remote location? Need to fix a small issue or a large one? That could be a challenge if automakers continue to link both basic service procedures and major repairs to data-sensitive systems in their vehicles and you’re nowhere near a dealer.
Our No Compromise Clause: We carefully screen all contributors to ensure they are independent and impartial. We never have and never will accept advertorial, and we do not allow advertising to influence our product or destination reviews.