STATEMENT: NHTSA walks back letter pre-empting Mass. car data law

BOSTON — The National Highway Traffic Safety Administration (NHTSA) on Tuesday issued a letter clarifying its stance about car repair data transmitted over the internet. The letter, addressed to the attorney general’s office in Massachusetts, walks back a June letter which advised automakers that they should not comply with a Massachusetts car data law over safety concerns. That letter was widely criticized for errors in both process and substance.

Massachusetts’ law, passed overwhelmingly by voters in 2020, mandates that automakers provide access to vehicle maintenance and repair data (often called “telematic data”) transmitted over the internet. In the new letter, NHTSA, a U.S. Department of Transportation division, expressed strong support for the Right to Repair, and suggested an alternative method which would allow independent mechanics to access data, but only via Bluetooth, which still leaves a disparity between how dealerships and local mechanics can access repair data. The latest letter also shares new concerns about how manufacturers handle security and remote access, especially regarding remote reprogramming.

In response, MASSPIRG Executive Director Janet Domenitz made the following statement: 

“Thanks to the leadership of our attorney general, Andrea Campbell, the will of the voters here in Massachusetts will be upheld. We look forward to continuing our work to expand the Right to Repair in Massachusetts to cover the products we use everyday– starting with pending legislation that would give us that right to repair our handheld electronics.”

Nathan Proctor, PIRG’s national Right to Repair campaign director, added: 

“When you buy a car, any data it generates should belong to you. I’m grateful that NHTSA is no longer saying the Massachusetts law is preempted — however this is just one small step toward recognizing all Americans’ Right to Repair.

“It’s time to have a frank conversation about the future of internet-connected cars to ensure it’s one which respects privacy, safety and the Right to Repair. NHTSA’ latest letter could be the start of that conversation. For example, it admits that the security problems in cars are not created by independent repair access — if there are security issues with car data, they are already there. But it’s only the start of a conversation if we keep discussing the problems and moving toward solutions.

“We strongly support the goals the agency puts forward — to protect repair choice and maintain safety. However, as it stands, the agency has achieved neither goal. Instead, it has allowed a proliferation of serious safety and monopolization issues to continue without meaningful resistance. Let’s hope this new letter signals a change in approach. We don’t plan to stop our work until cars not only are safe, but also enjoy the full slate of Right to Repair protections.”