fb-pixel Skip to main content

Federal agency raises concerns about Mass. right-to-repair ballot question

The National Highway Traffic Safety Administration is warning of cyber threats

In Massachusetts, so-called right-to-repair legislation has been debated since at least 2012.David L. Ryan/Globe Staff/David L Ryan, Globe Staff

Car manufacturers have found a formidable ally in their fight against the new “right to repair” ballot question in Massachusetts: the federal government.

A top official at the National Highway Traffic Safety Administration sent a detailed letter to the cochairmen of the Legislature’s consumer protection committee this week, raising concerns about the ballot question and its potentially adverse effects on public safety.

At issue is legislation that will go before voters in November that would give independent mechanics access to wirelessly transmitted information specific to particular vehicles. Opening up access to vehicle “telematics,” wrote the agency’s deputy administrator, James Owens, raises a host of cybersecurity concerns. A cyber attack on a motor vehicle, particularly one moving at high speeds, would pose an “incredible amount of danger,” Owens wrote.


The letter coincides with the launch of an advertising campaign by the industry-funded Coalition for Safe and Secure Data. Some of the federal agency’s points overlap with the coalition’s main argument: that the ballot question, financed in large part by auto-parts companies through two trade groups, would provide too much real-time access to consumers’ vehicle systems and locations, potentially exposing the data to wrongdoers.

This isn’t the first time these sides have fought, with Massachusetts as the battleground. This is actually a sequel to the first right-to-repair ballot question, passed by voters in 2012, and subsequently tweaked by the Legislature in 2013. That law required manufacturers to provide repair codes to independent repair shops. But the proponents are back at it this year, saying that an increasing amount of repair data is being handled wirelessly, via telematics systems, and would not be covered by the 2013 law.

By the time it’s over, the warring industries probably will burn through millions of dollars on the fight. It’s not clear how much has been spent so far on marketing and other expenses, though, as ballot committees don’t yet have to disclose their spending for 2020.


It’s possible some of the language from the federal agency will become fodder for the automakers’ ads. The ballot initiative, Owens wrote, requires manufacturers to redesign their vehicles in a manner that introduces cybersecurity risks. (The bill would take effect beginning with 2022 models.) Telematics systems, Owens wrote, remain of great concern to federal regulators, in part because vulnerabilities in such systems could allow “malicious actors to cause a crash or incident” or “potentially interface with multiple vehicles at a time.”

Conor Yunits, spokesman for the auto manufacturer-backed coalition, said in a statement that Question 1, as the ballot question is known, is not about who can fix your car. Rather, it’s about how many companies and people can remotely access your vehicle’s data and location, he said, and the exposure of this sensitive information to “strangers, hackers and criminals, without any safeguards.”

The Massachusetts Right to Repair committee says this is nonsense. Tommy Hickey, its director, said in a statement that NHTSA is not fully informed about Question 1. The ballot question, he said, allows only mechanical information to be shared for the purpose of repairing a car, with the owner’s permission.

“It shows the awesome power of the automakers in Washington and . . . the Trump administration that the NHTSA would weigh in erroneously about a Massachusetts consumer issue this quickly and without consulting the sponsors and its experts,” Hickey said.


Barry Steinberg, president of the Direct Tire and Auto Service group of repair shops, called issues raised in the letter “scare tactics” pushed by the manufacturers. He said many of the newest cars are wirelessly relaying repair and maintenance information back to manufacturers and their dealer networks. He said automakers oppose the ballot question, in part, to help keep the garage bays busy at their affiliated dealerships.

Steinberg said he hasn’t come across any customers with blocked telematics information, because these newer cars are covered under warranties and are probably getting fixed at dealerships instead of independent shops like his. But he expects this will become a problem for his business soon, as these warranties expire.

“It’s going to be a completely different language that we don’t have the book for,” said Steinberg, one of many repair shop owners who support Question 1. “If they don’t include us, the consumer loses.”

A NHTSA spokeswoman responded with a statement on behalf of the agency, saying the letter from Owens was in direct response to a request for information from a legislative committee — presumably the consumer protection committee.

A committee’s cochairman, Senator Paul Feeney, said he didn’t ask for the information, but he believes his cochair, Representative Tackey Chan, did. (Chan couldn’t be reach for comment.) Feeney said his committee reviewed the legislation but could not reach a consensus on the issue.


Feeney said he supported the previous right-to-repair initiative but acknowledged this debate might be more nuanced.

“It’s about protecting consumers’ rights to go where they want to go,” Feeney said, “but striking the right balance to make sure the data is safe and protected.”

Jon Chesto can be reached at jon.chesto@globe.com. Follow him on Twitter @jonchesto.