And then there is Chapter 93J of the Massachusetts general law. Back in 2012, the state voted 87 percent in favor of a right-to-repair law that would establish new requirements for auto makers: A car’s physical, onboard diagnostics port would have to use a nonproprietary standard, making mechanical information more accessible, which meant people would no longer be forced to go to dealerships to diagnose car problems. It was the first law of its kind in the US and was seen as a win for consumers and independent repair shops.
(When I asked sources for this story how Massachusetts became the vanguard state for repair reform, I heard a wide range of responses. Some suggested the state’s penchant for progressivism and consumer protections played a factor, while others cited constituents’ close-knit relationships with auto shop owners. Roberts gave a simpler explanation: “Because Massachusetts is awesome.”)
A lot of manufacturers aren’t keen on the idea of people having the tools and guides to crack open their smartphones or fix their own cars. There’s big business in requiring consumers to send their products back to the original manufacturer, who may charge a fee to fix a product in a way that only it knows how. And manufacturers often insist that there are inherent security and safety risks in designing products to be more open and fixable.
Batteries do catch fire. Jeeps can be hacked. The question isn’t whether these things are technically possible. It’s how overblown they are. How do you measure the risk of expanding what security experts call the “attack surface” against the idea that once a person purchases a product they should have ownership over repairs—and the information that flows in and out of that product? As cars have become computers on wheels, the information that they collect has become more extensive and more sophisticated. Question 1 on the 2020 ballot is an attempt to keep up with the digital times.
When Massachusetts’ right-to-repair initiative was signed into law in 2013, cars that transmitted mechanical information wirelessly were exempt. Now, seven years later, an estimated 90 percent of new cars are being built with telematics systems, which the proposed amendment defines as any system that “collects information generated by the operation of the vehicle” and transmits it wirelessly to a remote server. Broadly, this encompasses data about mileage and driving habits, but it can get unnervingly specific; US wireless provider Verizon says telematics can include “location, speed, idling time, harsh acceleration or braking, fuel consumption, vehicle faults, and more.”
If a majority of Massachusetts residents vote Yes on Question 1 this fall, carmakers would have to install standardized, open data-sharing platforms on any cars with telematics systems starting with model year 2022. “Owners of motor vehicles with telematics systems would get access to mechanical data through a mobile device application,” the ballot summary reads.
Aaron Lowe, senior vice president of the Auto Care Association, which represents auto parts suppliers and supports Question 1, emphasized that the ballot question is focused on mechanical data. “It does not go into the reams of data that the car can transmit to the manufacturer. The only data we’re discussing or interested in is the mechanical data that would be assisting an independent repair shop on diagnosing or repairing that vehicle,” Lowe told WIRED.
But even those in support of Question 1 have said it lacks important technical details, like defining explicitly what “mechanical data” means. And opponents of the initiative bristle at the idea that automakers would have less control over their in-car systems. “It’s specifically excluding automakers from protecting their own systems, and as a result it’s creating huge amounts of risk,” says Conor Yunits, a spokesperson for the Coalition for Safe and Secure Data. “It’s opening a gateway into vehicle systems wirelessly that can be exploited by anyone with malicious intent.”
After Question 1 landed on the ballot this year, the Coalition for Safe and Secure data sprang into action. The group is backed by major car brands—GM, Ford, Honda, BMW, Subaru, Nissan, VW/Audi, and others. The coalition released an ad showing a woman being stalked as she approached her car in a dark parking garage. It included a strong “Vote NO on 1” message. “Domestic violence advocates say a sexual predator could use the data to stalk their victims,” the narrator read. Another ad from the coalition was the video that came across Roberts’ desk in late July, depicting a man entering a home by wirelessly opening the garage door. (Vice criticized the ads in a report this summer; the videos have since been listed as private on YouTube.)