### Automakers Criticized for Trading Driver Data and Resisting Right-to-Repair Initiatives
In a significant display of concerns surrounding consumer rights and data protection, U.S. Senators Jeff Merkley (D-OR), Elizabeth Warren (D-MA), and Joshua Hawley (R-MO) have delivered a strong condemnation of leading automakers, including Ford, General Motors, and Tesla, among others. This bipartisan group of lawmakers reached out to these companies in letters, expressing discontent over their resistance to the right-to-repair movement and highlighting their contentious practice of selling driver information to outside entities.
The correspondence, directed to the CEOs of Ford, GM, Tesla, Honda, Hyundai, Nissan, Stellantis, Subaru, Toyota, and Volkswagen, emphasizes the companies’ opposition to measures that would grant consumers and independent repair facilities increased access to vehicle repair data and resources. The Senators contend that such resistance not only compromises consumer rights but also casts doubts on the automakers’ dedication to data security and privacy.
—
### **The Right-to-Repair Discussion**
The right-to-repair initiative pushes for laws that guarantee consumers and independent repair services access to the necessary tools, parts, and data for repairing modern automobiles. At present, many automakers limit this access, citing cybersecurity issues. Critics, however, maintain that these limitations are intended to redirect repair work to franchised dealerships, where prices tend to be much higher.
The Senators’ letter notes that independent repair shops carry out approximately 70% of car repairs, often regarded as more affordable and reliable compared to dealership services, which often receive unfavorable reviews for their pricing. By restricting access to repair data and components, automakers not only elevate repair costs but also prolong the process, placing car owners at a disadvantage.
The urgency of the situation has increased as vehicles have become more reliant on software. An increasing number of automotive repairs now involve software updates in lieu of mechanical repairs. Indeed, over 20% of vehicle recalls in recent years have been addressed through software fixes. As this trend continues, the demand for access to diagnostic tools, firmware, and connected services is predicted to surge.
—
### **Automakers’ Inconsistent Stance on Data Privacy**
A notable point raised by the Senators is the evident inconsistency in automakers’ stance toward data privacy. While they argue that sharing vehicle data with independent repair services poses cybersecurity dangers, they simultaneously gather and sell extensive amounts of data from their connected cars. This information, which encompasses driving patterns, location history, and other sensitive details, is frequently shared with third parties like data brokers and insurance companies—occasionally without explicit consent from drivers.
This conduct has provoked substantial backlash from privacy advocates, who argue that automakers are placing profit above consumer privacy. Senator Merkley aptly summarized the issue, stating, “We need to hit the brakes on automakers stealing your data and undermining your right-to-repair.”
—
### **Cybersecurity Issues: Genuine or Exaggerated?**
Automakers and the National Highway Traffic Safety Administration (NHTSA) have long claimed that cybersecurity concerns justify their opposition to right-to-repair legislation. In 2023, the NHTSA even advised automakers against complying with a Massachusetts statute mandating an open data platform for telematics. This law, which received overwhelming support from Massachusetts voters, is intended to allow consumers and independent repair shops access to vehicle data.
Nevertheless, cybersecurity experts and legislators have pushed back against these assertions. According to testimonies provided to the House Judiciary Committee in 2023, the actual cybersecurity risks stem not from third-party access to vehicle data but from the “subpar quality of deployed software and the inadequate state of device security” in numerous vehicles. The Senators also referenced a German court ruling that dismissed Mercedes-Benz’s cybersecurity argument against independent repairs, asserting that it was no valid reason to limit data access.
—
### **Automakers Face Difficult Questions**
In their correspondence, the Senators have requested comprehensive replies from the automakers by January 6. The inquiries encompass a broad range of subjects, including:
– The revenue generated by each automaker from car repairs.
– The types of user and driving data collected, and whether consumers are made aware or give consent.
– The specific third parties with whom this data is shared.
– The automakers’ practices concerning data protection and cybersecurity.
– Lobbying actions against right-to-repair legislation.
Responses to these queries could illuminate the extent of automakers’ data collection practices and their reasons for opposing right-to-repair initiatives.
—
### **The Way Forward**
The right-to-repair movement has gained substantial momentum in recent years, with states like Oregon and Massachusetts spearheading efforts. Advocates contend that these laws are crucial for safeguarding consumer rights, fostering competition, and lowering repair expenses. However, the pushback from automakers and federal entities like the NHTSA highlights the obstacles that lie ahead.
As vehicles become increasingly interconnected and dependent on software, the stakes in
