In 2012, Massachusetts voters became the first to bring the concept into the modern age by requiring automakers to add an onboard port that allowed anyone with a cheap tool to access a car’s data. The law led to a nationwide agreement, where automakers guaranteed independent repairers and owners would have access to the tools and software given to their own franchised dealerships.
But since then, the auto business has shifted online, and almost every new car these days comes with a telematics system that collects data on its operation—including how fast it’s moving, where it’s going, how hard its driver is braking, and whether everything in the car is working correctly. This data can be transmitted wirelessly, and some automakers no longer build the onboard port into their vehicles, arguing they don’t need it anymore.
Owners and repair shops worry that the auto industry will use such advances to cut off access to the information needed to diagnose and fix vehicles, instead directing repair business to their own franchise dealerships. In Massachusetts, 75 percent of voters decided that the new technology, and the potential loopholes it created, called for a new law and passed the ballot measure approving the updated right to repair.
“Everything that your car does—all of the data it generates and all of the functions it has after you buy it—that belongs to you,” says Nathan Proctor, who heads up the Right to Repair campaign at the US Public Interest Research Group, an advocacy organization. “Automakers should not get to tether you to their services.” He called the ongoing fight in Massachusetts “very frustrating.”
But the auto industry—and now, the US Department of Transportation—has said it believes giving wider access to car data is actually dangerous. In the lawsuit filed by the Alliance for Automotive Innovation in 2020, the industry argued that the Massachusetts law required them to create an open data platform too quickly, creating security risks.
Josh Siegel, an assistant professor of engineering at Michigan State University who studies connected-car security, says the automakers might be right—to a point. The Massachusetts law gave the industry about a year to build an open data platform, likely not enough time to create a safe system. “Open telemetry systems that are slapped together can allow unauthorized access and control,” he says.
But the federal government’s current stance argues that open systems aren’t just dangerous if they’re badly built. It argues they’re inherently dangerous—and Siegel doesn’t think that’s true. He says it is possible for everyone—right-to-repair advocates, vehicle safety and cybersecurity experts, manufacturers—to get together to build a data-sharing system. One standard, created for the entire US and not just one state, should be “designed with the public and manufacturers’ needs in mind and with care and attention paid to security from the start,” he says.
Beyond the legal and policy wranglings, the conflict between the state, the auto industry, and the federal government has had strange practical fallout in Massachusetts. In 2021, Kia and Subaru decided to cut off access to their telematics systems for new car buyers living in the state. The carmakers said they made the move to avoid breaking the law: They argued that because the open data platform the law required didn’t yet exist, the only way to comply was to limit access to their telematics systems altogether.
As a result, Massachusetts car buyers investing in the latest and greatest aren’t able to access Subaru’s Starlink service, including emergency roadside assistance and remote start, or Kia Connect, which includes stolen vehicle recovery and remote climate control.
The situation has frustrated state Subaru and Kia owners—and doesn’t look set to change soon. This week’s NHTSA letter cautioned automakers not to go the Subaru and Kia route and disable their telematics systems in Massachusetts, citing safety features that “could facilitate better emergency response in the event of a vehicle crash.” But in a statement, Subaru spokesperson Dominick Infante says the automaker wasn’t changing its stance. “Compliance with the Massachusetts Data Law is impossible for any automaker,” he says. “Subaru stands by its commitment to consumer choice when it comes to repairing vehicles.”
A Kia spokesperson declined to comment and referred WIRED to its trade group, the Alliance for Automotive Innovation, which in turn declined to comment on ongoing litigation. Now everyone will wait for the Massachusetts judge to have the last say on the law approved by state voters—and the future of automotive repair in Massachusetts, the US, and beyond.
Read the full article here