Discover more from Paying the Piper
Right to Repair: Privacy is a Red Herring
Automotive industry lobbyists pour money into failed campaign opposing Massachusetts antitrust ballot measure
One of the cascading consequences of the financialization of U.S. voting cycles (and one which may be a pet peeve of mine alone) is the number of catchy names claimed in bad faith by short lived industry lobbying firms; names which might otherwise have been adopted by ostensibly progressive organizations.
Enter the Coalition for Safe and Secure Data (I’ll refer to them as CSSD for brevity, but they were not operational for long enough to adopt an abbreviation). I learned about them when I was reading the ballot measure leaflet that Massachusetts sends to residents, in which advocates for and against each ballot question are given 150 words to sway voters toward taking their position. CSSD advocated for the ‘no’ position to Question #1 on the 2020 Massachusetts voters’ ballot.
Question #1 concerned the Right to Repair, a consumer protection measure defined by Consumer Reports as expanding access to the information and tools necessary for consumers and independent shops to make automotive repairs, so that consumers are not captive to the original manufacturer for aftermarket repairs. By preventing vehicle manufacturers from forcing consumers to return exclusively to the original manufacturer for all repairs, Right to Repair laws help to decrease wait times for repairs, remove barriers to technical innovation, and prevent manufacturers from setting any repair cost they choose.
The Right to Repair Connected Devices
If you’ve bought, leased, or driven a car manufactured in the past decade, there’s a good chance you’ve encountered one of the myriad ‘smart’ driver assistance capabilities included in modern vehicles by default. If not, never fear—by 2023, about a quarter of all passenger cars in use worldwide will be connected to the web in some fashion, according to a 2019 report by Capgemini.
Perhaps I’ve led you to think that this initiative’s purpose was to curtail the privacy and cybersecurity weak points that this could introduce. Not quite—this initiative takes as a given the proliferation of connectivity in consumer devices, vehicles included, and forestalls the resulting ability of manufacturers to use this ‘connectedness’ to set up new barriers to entry for third party repairers.
Whether we like it or not, it’s hard to buy a new Ford without Sync, BMW without ConnectedDrive, Honda without HondaLink, etc. And where there’s a connected device, there’s data being captured—driver data is already being collected at a rate of 25 gigabytes per hour according to some estimates. Suffice to say that to whatever extent this data collection is a violation of one’s privacy—legally or ethically—it is already being collected.
Meanwhile, the computerization of present day and future vehicles extends well under the hood; beyond infotainment centers or driver assist functionalities. Like a hatchling turtle’s instinct to get to water, this connectedness invariably evolves into—and is exploited as—a new revenue stream for the manufacturer. Manufacturers can then determine, by their own arbitrary standards, which mechanics are entitled to access a vehicle’s diagnostic data necessary for repairs (viz. Tesla-Approved Body Shop Network).
Right to Repair in Massachusetts
Massachusetts already passed a ‘Right to Repair’ law in 2012, which restricted manufacturers’ ability to close off access to a car’s on-board diagnostics port, the source of the vehicle’s operational data that is necessary for routine repairs. Building upon this, 2020’s Right to Repair ballot question sought to expand that scope to include the vehicle’s wireless data.
Freedom to Tinker
In the absence of adequate anticompetitive regulations, incumbent market leaders embargo new entrants through patent law, copyrighting, and tort reform. Established manufacturers can also sever the means for adversarial interoperability, the technical term for a tool or service that works with an existing tool or service—without permission from the existing tool's maker, as often reported on by Cory Doctorow of the Electronic Frontier Foundation. Anywhere regulation isn’t, the dominant technology vendor sets up tolls. Interoperability is placed behind a paywall.
Restricting a software’s interoperability means that other tools may only build off of or alongside the dominant software if the dominant vendor has a financial interest in them doing so. It is not a concern borne from mere speculation. Rather, this practice is the prudent and instinctual software design pattern of the dominant vendors, and thus an inevitability without regulation.
Consider the example of Lexmark, a printer manufacturer that pioneered the business model in which owners of Lexmark printers were only able to use Lexmark’s own ink and toner refills. Lexmark printers enforced the authenticity of ink cartridges based upon microchips they built into their cartridges. Unless the printer could verify the authenticity of the chip, the cartridge would be disabled.
Another company, Static Control, was able to build their own chip which mimicked the behavior of the authentic Lexmark chip. Static Control marketed this chip to third party ink cartridge remanufacturers, leading Lexmark to file a copyright infringement lawsuit. That case followed a winding path to a 2014 Supreme Court decision against Lexmark, favoring Static Control’s counter-claim.
In comparison to the Right to Repair ballot measure, automotive manufacturers are not even fighting to retain an already-implemented revenue stream, as was the case for Lexmark and their two-tiered printer/toner captive consumer trap. They are not advocating to retain control over who can—legally or technically—repair their vehicles post-purchase, so much as they are protecting their right to assume this control once the means to do so—technically and logistically—become available.
Here though, the vehicle manufacturers’ proxy, CSSD, portrayed their shared interest in the ballot measure as a benevolent concern for the privacy of their drivers’ data.
A Fair-Weather Coalition
Although they gave up fighting for privacy rights after losing on November 3rd, the Coalition for Safe and Secure Data wielded a considerable purse for its 13 month existence. A colorful roster of almost exclusively multi-national vehicle manufacturers raised over $26 million fighting the ballot measure.
CSSD’s application to the Massachusetts Office of Campaign and Political Finance described the committee’s purpose as wholly related to the issue of allowing third party access to vehicle data:
These answers were apparently suitable enough to pass the scrutiny of Massachusetts’ campaign disclosure laws, which stipulate that:
(a) Every political committee, other than a political party committee or a candidate's committee, shall name and identify itself in its organizational statement pursuant to section five by using a name or phrase that:
clearly identifies the economic or other special interest, if identifiable, of a majority of its contributors…
CSSD flouted this regulation by framing the shared special interest of its contributors as ‘data privacy.’ It may shock you to learn that the manufacturers’ advocacy for this issue does not extend to their respective business practices when it comes to how they themselves use your data.
Nissan, for example, gave $2.4 million to CSSD, yet requires a driver to call a customer service hotline if they would like to request that their vehicle’s telematics data (location history, driving routes, schedules, etc) not be collected, owned, and sold forevermore by Nissan. Their requests will be processed in a few business days, and will result in the discontinuation of some of the vehicle’s functionality.
Masquerading as concern for the protection of consumers from “hackers, criminals and an unlimited number of strangers,” CSSD’s Willie Horton-esque fear mongering was not motivated by a desire to keep a driver’s data under said driver’s control. It was motivated by a desire to keep it under the manufacturers’.