Judge Clears Massachusetts to Finally Enforce Its Right-to-Repair Law (boston.com) 67
An anonymous reader shared this report from Boston.com. On Thursday, Massachusetts Attorney general Andrea Campbell "began enforcing the state's new right-to-repair law following years of bitter debate and a wildly expensive ballot initiative that was approved by voters in 2020."
In a nutshell, the law requires automakers selling cars in the state to provide customers and independent repair businesses with access to a type of information called "telematics." The term refers to information that is first detected by a car and then transmitted wirelessly elsewhere. This information can be used to easily ascertain problems with a vehicle...
Now, new car dealers must tell buyers what kind of data is being collected by a car's telematics system and provide them with a way to access that data. It must also be accessible to independent auto repair shops. If this does not happen, car owners and repairs shops can sue carmakers either triple damages or $10,000, whichever is greater. Manufacturers must equip vehicles starting with model year 2022 with a standardized platform for telematics data that owners can access through a mobile application. Owners can then make this information available to independent repair shops and dealers...
The lawsuit has yet to be resolved, and last week carmakers asked US District Judge Douglas Woodlock to issue a temporary restraining order that would prevent Campbell from enforcing the law. In a hearing Woodlock took issue with the law, calling its goal "likely unattainable" and that its enforcement could harm carmakers, according to the Globe. But ultimately Woodlock said that he would not block enforcement.
"The people have voted on this and that's the result," he said. "I am loath to impose my own views on the initiative."
Now, new car dealers must tell buyers what kind of data is being collected by a car's telematics system and provide them with a way to access that data. It must also be accessible to independent auto repair shops. If this does not happen, car owners and repairs shops can sue carmakers either triple damages or $10,000, whichever is greater. Manufacturers must equip vehicles starting with model year 2022 with a standardized platform for telematics data that owners can access through a mobile application. Owners can then make this information available to independent repair shops and dealers...
The lawsuit has yet to be resolved, and last week carmakers asked US District Judge Douglas Woodlock to issue a temporary restraining order that would prevent Campbell from enforcing the law. In a hearing Woodlock took issue with the law, calling its goal "likely unattainable" and that its enforcement could harm carmakers, according to the Globe. But ultimately Woodlock said that he would not block enforcement.
"The people have voted on this and that's the result," he said. "I am loath to impose my own views on the initiative."
Good (Score:5, Insightful)
In a hearing Woodlock took issue with the law, calling its goal "likely unattainable" and that its enforcement could harm carmakers
Likely unattainable? Of course the automakers can provide access to the same data they collect. They have two ways to do it without making any modifications to the car. Either 1) shut down the service that collects the data, or 2) share the collected data with anyone who can prove they own or are working on the vehicle. They've all got customer portals.
And if its enforcement could harm carmakers, then they deserve to be harmed. That's our data. We deserve to not only know what it is, but also to receive it.
Re: Good (Score:1)
I know it feels like that data belongs to âoeus.â But in America, and England before it, property rights (âoeownershipâ) are determined by the state (or previously the Crown). In other words today, what âoebelongsâ to anyone is a matter of law, and property rights have been thus for 100s of years.
Re: Good (Score:5, Informative)
Nah, he just needs slashdot to stop being the last site on the internet thatâ(TM)s incapable of handling Unicode properly.
Re: Good (Score:5, Insightful)
Or Apple needs to get their shit together and not spit unicode when something simpler would work.
Re: (Score:1)
Can't we just agree that both behaviors are lame? Slashdot doesn't even do that much, you could knock out a replacement with any decent CMS in a hot second. When it was created doing it in perl was awesome, it was a really effective way to develop quickly and yet still be resource efficient (since most of the load is in the database or the network anyway.)
Meanwhile Apple decided to change how text input worked on the web without asking anyone, and without doing any kind of checks to the site to see if it wa
Re: (Score:2)
Find me one other site besides this one where it's a problem. It's a slashdot problem not an Apple problem.
Re: (Score:2, Flamebait)
Ooohh, noooo, did someone actually call out the unholy Apple? Are you triggered! I'm so sorry! ;)
Re: Good (Score:2)
/.â(TM)s headers say itâ(TM)s serving UTF-8 content. The comment submit page is a UTF-8 page. Why shouldnâ(TM)t the browser post using UTF-8?
I canâ(TM)t write my countryâ(TM)s currency symbol when posting from Firefox, FFS. Safari on the desktop lets me change the page encoding to Latin/Western Europe, which fixes that problem. Mozilla, in their infinite wisdom took away the ability to fix text encodings and so works worse than Safari!
This Unicode problem is entirely a /. bug, s
Re: (Score:2)
Whatever you say there, doesn't happen on a non-toy machine.
Re: Good (Score:2)
Well, thatâ(TM)s a mature, on-topic response. You have no idea what youâ(TM)re talking about, eh? Or just admitting Iâ(TM)ve successfully called out your BS and ignorance? What on earth has the hardware got to do with an applicationâ(TM)s behaviour? Never mind that I said Firefox canâ(TM)t successfully post to /., and itâ(TM)s a cross-platform application that normally behaves the same on whatever device itâ(TM)s running on, whether itâ(TM)s a toy or a real machin
Re: (Score:2)
Dude, I can't even read that splotch
Apple + Slashdot. (Score:2)
Apple + Slashdot.
Re: Good (Score:4, Informative)
Trust me, it's more complicated than you suggest, because you can have a legal *interest* in things you don't own.
We own the data. (Score:2)
We own the data.
Re: Good (Score:2)
Thatâ(TM)s true, bit doesnâ(TM)t really address the issue I raised, which, stated using your language, is âoeall property interests are state defined.â
Many folks believe that ownership is some fixed and absolute status that descends from God and occurs with a magical value exchange.
In reality in the western world, ownership is nothing more than a shift in rights of use and possession. They are fluid, changing over time, and decided by law.
Whenever I raise this issue Iâ(TM)m always m
Re:Good (Score:4, Informative)
Re: (Score:2)
Cynical me expects the car manufacturers to come up with a new way to circumvent the law.
I'm not sure what's meant by "mobile application" to access the data. I hope it doesn't mean cell phone app. If so, the law is too specific. There need to be several ways to get the data.
There already exist many inexpensive OBD-II / CAN bus adapters which gather the car's data and send it to a phone or computer via BlueTooth or USB. Problem is, if you don't have one of those and your car develops a fault, as you sai
Re: (Score:2)
I hope they mean via bluetooth or something so you don't need to use an outdated OBT adapter
Re: (Score:2)
"OBT"? Did you mean OBD? As in OBD2 (OBD-II)? They're still the standard data port in cars.
I'm not aware (nor could find) a "standard" for bluetooth in a car. Radio / entertainment system might have that for audio, but I'm talking about diagnostic data.
DRM loophole (Score:2)
Cynical me expects the car manufacturers to come up with a new way to circumvent the law.
Yup, probably something along the lines of:
- car encrypts everything with a rotating key before uploading.
- data uploaded via 5G (or Wifi) as usual.
- manufacturers now forced to share the data by law's update.
- manufacturers share the encrypted data blob.
And the loophole:
- independent repair shops and self-repair car enthusiasts are not legally allowed to break the encryption because of DMCA (or something along those lines).
- manufacturers offer to sell the decryption key for $5'000 (but remember the key is
Irony (Score:3, Interesting)
Oh the irony of forcing carmakers to share their locked-down proprietary data via one of the two locked-down proprietary app stores.
Fix (Score:4, Insightful)
Oh the irony of forcing carmakers to share your locked-down proprietary data via one of the two locked-down proprietary app stores.
There, fixed that for you.
Re: (Score:2)
If they were truly your telematics then someone would craft an app for the F-droid repository and only optionally share that data with their local third party repairer.
Just imagine you were building a time machine. Had locked down manufacturer telemetry existed in 1985 then you would be locked out of your own hardware and never be able to install an aftermarket flux capacitor because the Delorean Motor Co. went bust 3 years earlier.
Re: (Score:2)
Whenever legal scholars look at the idea of using the concept of ownership by an individual of the data pertaining to him, they conclude it's not going to work to protect interests like privacy. You maintain interests in data that pertains to you even if you don't own that data.
The thing about things you "own" is that you can sell them, so arguably when you sign off on letting car companies collect and use data pertaining to you, you don't really own that data anymore. Most people would say that even if a
Re: (Score:3)
We have to accept that the only way the app store duopoly changes is the same way the automaker collected data is becoming accessible to people; legislatively.
That said it's a good start as in practical terms mobile apps is how most people are going to prefer and be able to access it. Having accessible on their website via a standard browser should also be a requirement though (and downloadable).
Re: (Score:2)
That's an Apple issue, not and android issue. There are multiple app stores available on android. My s22 came with two right off the bat. I could install more but don't really have the need to do so.
I wonder... (Score:1, Offtopic)
calling its goal "likely unattainable"
Sounds like this judge was bought and paid for by the auto industry, or he is really really stupid about tech. All that means is the auto industry needs to open up access, if they can't then a recall is in order. I hope the fines start today :)
I wonder if that abortion law in Texas forced his decision ? I believe it was blessed by the Supreme Court a bit ago. If this case does get appealed, and the Supreme Courts overrules it, it will be another strong indication the US Supreme Court is fully "pwned" by
Re:I wonder... (Score:5, Informative)
Sounds like this judge was bought and paid for by the auto industry, [...]
On the contrary! This judge has an opinion, which is allowed. Please read the remainder of the summary:
But ultimately Woodlock said that he would not block enforcement.
"The people have voted on this and that's the result," he said. "I am loath to impose my own views on the initiative."
In other words: this judge says that democracy is more important than his own opinion.
Your optimism is showing (Score:1)
The alternative explanation is that he's decided he has no prospect of promotion within the judiciary, so reckons he'll act as an unbiased judge instead of obeying what the people who run the world want.
Re: (Score:3, Insightful)
The Supreme Court showed who owns them by the Citizens United ruling.
its enforcement could harm carmakers.... (Score:4, Interesting)
Since the article is behind a paywall I can't read that opinion so I may be missing something.
What happened to ownership? Should not all the keys be delivered? The car/product was sold. It no longer belongs to the manufacturer or the previous owner. Copyright protects the software from redistribution. I wonder how this would work if an individual tried the same tactics. You sell your car and place trackers and locks, electronic or otherwise, preventing the next owner from maintaining the vehicle and selling the info collected to advertisers or ex's. Oh by the way, the terms of service are in the trunk and if the vehicle was driven then they agreed to all that was written.
Re: (Score:2)
no it was sold to the dealer ship and then the dealer ship needs to get them to you. But they will not as that hurts there repair income
Dealerships are obsolete (Score:2)
This model is only in the USA.
Dealerships are obsolete, BTW.
How will this work with a software defined car? (Score:2)
https://www.schneier.com/blog/... [schneier.com]
Re: (Score:1)
How will this work with a software defined car?
You have it backwards. How would it work with a not-software-defined car? There would be no way to get this data out of the cars of yesteryear specifically because they didn't have software. Even cruise control used to be accomplished without micros, and using only discrete components. Now almost all vehicles are throttle by wire, and cruise control is a software function. Before, it didn't (couldn't) have a data link. Now it's just a routine, of course it can have diagnostics.
Re: (Score:2)
Could there be an open-sourced version of all of a car's software? Imagine a LineageOS for your car.
Re: (Score:2)
If the data doesn't/can't be exported then it's not covered under the law
Re: (Score:2)
If the data doesn't/can't be exported then it's not covered under the law
I'm glad you're keeping up with what the law does, now try to keep up with the thread
Re: (Score:2)
The question was "How will this work with a software designed car?" and then you said "How would it work with a not-software-defined car?" I answered that. Did you forget the start of your own post?
Re: (Score:2)
You explained how it wouldn't work, not how it would work.
Nice try, though. I guess.
Re: (Score:2)
Right, it wouldn't work, there's no need for it to work
US thing? (Score:2)
Re: (Score:3)
Yes we have the same thing here. But there are plenty of manufacturer specific codes that aren’t published. On some high end cars the scanner has to phone home and authenticate before it will read anything. Say I have want to get a new key fob programmed. Right now only the dealer has that capability and they’re going to chan hour labor on top of hundreds for the fob with $5 worth of electronics inside.
Re: (Score:2)
Say I have want to get a new key fob programmed. Right now only the dealer has that capability and they’re going to chan hour labor on top of hundreds for the fob with $5 worth of electronics inside.
Not completely true. Most vehicles let you add authentication to cheap fobs yourself if you have the original key fobs that came with it. It’s not very user friendly or even deterministic and can be every bit the pain that programming the automatic garage door opener that sometimes also comes with the vehicle can be. If you lost one or both of the original full user key fobs then it is off to the dealer to be vastly overcharged which does need to change.
Re: (Score:2)
On some vehicles there is no known way to program new keys/fobs without the dealer tools because you have to get an unlock code generated by a manufacturer-controlled server. For the most part you can clone the chip in the key for dumb keys, but fobs are becoming problematic — vehicles which don't require the key to be put into a receptacle, and you instead just keep it in your pocket, may have brainier fobs that can't be cloned.
Even on a 2006 Sprinter the keys are cloned with a Zedbull instead of new
Re: (Score:2)
Re: (Score:2)
The same setup but the rightful owner of the car (the person who buys it) holding the master key would also keep the car from being stolen and would also let the owner add/remove fobs and many other things at will.
Put down the cool-aid and actually think it through.
Consider, you buy a car. You are presented with your key and fob and a USB key (or other device) containing the master key to the car. You lock that master key up somewhere. Perhaps make a duplicate and lock it up somewhere else. That key control
Re: (Score:1)
It it keeps the vehicle from being stolen, I don't mind paying $500 per fob and $300 for an authorized Mercedes tech to use a secure system.
It doesn't. They bring their own matching PCM and SKREEM (from a vehicle they were able to get the key for) and swap them in. Buh-bye Mercedes! Obviously it has to come from the same model, but thieves target models these days. Also, pros just show up with a rollback and haul the whole vehicle off.
Re:US thing? (Score:4, Informative)
I believe there is a lot of telemetry and other data happening that is not available via OBDII or CANBUS is the concern here.
Also even on those systems while you can do quite a lot with a generic OBDII adapter there are quite a lot of more advanced functions that are only available with a more advanced scan tool (Autel, SnapOn, etc) and even then some functions are still locked behind tools and software that are only available from the manufacturer (GM MDI, Ford IDS, VW ODIS, Toyota TechStream)
Re: US thing? (Score:2)
Requirement of special scan tools .... (Score:2)
IMO, *this* is really the issue that needs to be addressed. The average vehicle owner who wants to do some troubleshooting him/herself is going to try to use an OBDII scan tool. But the industry standard supported for these tools only covers a specific set of error codes. Most auto makers extended OBDII with a bunch of errors and programmable settings specific to their own vehicles, and then kept those proprietary. So only the dealer's own tool can access them.
I used to own a Chrysler Crossfire SRT-6, for e
Re: (Score:1)
Most auto makers extended OBDII with a bunch of errors and programmable settings specific to their own vehicles, and then kept those proprietary. So only the dealer's own tool can access them.
Yeah, that. We have a 2006 Sprinter, with OM647. If you scan this vehicle with the wrong tool you will literally get out codes which are not even valid for the vehicle. If you scan it with a tool that knows what it's doing, the same codes literally do not appear. Some P-codes also appear to have nonstandard meanings! I had to get a special scanner because the cheap crap scanner I already had (which is one rung above the bottom as it has support for ABS) was just incapable of talking to it. You can get gener
Re: (Score:2)
US Cars have ODB as well. The problem is that only a specific set of information needs to be exposed on that, so to get more stuff, for example, it's $100/month to get "everything" from Toyota vehicles, and that's for the individual user price, not even the shade tree mechanic price.
I can get basic diagnostic information from the port - like if an O2 sensor is likely failing, but I can't do things like reprogram fobs, the tire pressure sensors, etc...
The TPMS system is what really irked me when I was livin
Re: (Score:3)
Same way they know anything about the car, they get that info from the manufacturer.
It's a real "shit rolls downhill" type of situation.
Re: (Score:3)
Not my problem.
Totally support this, but (Score:3, Insightful)
Same goes for side-loading apps onto your iphone. I’m all good with requiring this by law, as long as Apple is released from liability the second that a user installs a side-loaded app from North Korea.
Same goes for the whole John Deere kerfuffle. Jim Bob should be allowed to repair his own tractor. Absolutely. But if he turns his million dollar system into a pile of twisted metal and shreds himself in the process, JD does not have to write a large check to his widow.
Extreme personal freedom comes with extreme personal responsibility. It’s the American way. I’m fine with it, and I wouldn’t change it. But the companies do NOT have to shell out big dollars when idiots reap the results of their idiocy. Downmod in 3,2,1
Re: (Score:2)
People need to be ready for repair shops to harvest and sell the data. And the car manufacturers certainly won’t be responsible or liable for any privacy breach.
... unless it's them that does the breaching. As an IT professional you should hesitate to collect data on people without good reason, but to a business operating in a country like the US with weak privacy protections, when in doubt, collect more data. You might be able to make money from it or, as in this case, lock the customer in to your proprietary services. But as a customer it'd be naive to assume your data will be handled in a way that guards your interests.
Re: (Score:2)
as long as Apple is released from liability the second that a user installs a side-loaded app from North Korea.
Apple is already released from liability. What makes you think they are liable today?
Re: (Score:2)
Re: (Score:3)
Re: (Score:2)
Nobody cares the IOS EULA.
Re: (Score:2)
What a word salad.
Try expressing yourself better.