NHTSA Supports ‘Short-Range Wireless Protocol’ for Right to Repair

Right to Repair: NHTSA Open to Short-Range Wireless Protocol

If the proposal sees the light of day, it would limit the scope of the Massachusetts data-access law.

The National Highway Safety Administration (NHTSA) has outlined an approach for automakers to comply with the expanded Massachusetts right-to-repair law without running afoul of federal safety regulations.

However, if the proposal sees the light of day, it would mean implementing just a portion of the law – which Massachusetts approved by an overwhelming margin in November 2020.

The intent of the expanded right-to-repair law was to require automakers to equip vehicles sold in Massachusetts with a standardized data platform that enables motorists to access their vehicles’ telematics data through a mobile app.

In June, Kerry Kolodziej, NHTSA’s assistant chief counsel for litigation and enforcement, sent a letter to 22 automakers urging them to ignore the data-access provisions of the law due to cybersecurity concerns.

In an Aug. 22 letter to the Massachusetts Office of the Attorney General, however, Kolodziej asserts that OEMs can comply with the law “by providing independent repair facilities wireless access to a vehicle from within close physical proximity to the vehicle, without providing long-range remote access.”

“For instance, NHTSA understands that, according to the attorney general, vehicle manufacturers could comply with the Data-Access Law by using short-range wireless protocols, such as via Bluetooth, to allow the vehicle owner or an independent repair facility authorized by the owner to access all ‘mechanical data,’ as defined by the law, for that individual vehicle,” Kolodziej says in the letter. “In NHTSA’s view, a solution like this one, if implemented with appropriate care, would significantly reduce the cybersecurity risks –  and therefore the safety risks – associated with remote access.”

Kolodziej notes that the proposal stems from conversations with Massachusetts Attorney General Andrea Joy Campbell.

“Limiting the geographical range of access would significantly reduce the risk that malicious actors could exploit vulnerabilities at scale to access multiple vehicles, including, importantly, when vehicles are driven on a roadway,” Kolodziej adds in the letter. “Such a short-range wireless compliance approach, implemented appropriately, therefore would not be preempted [by the National Traffic and Motor Vehicle Safety Act].”

NHTSA Letters ‘Underscores Imperative for a 50-State Solution’

Aftermarket trade associations issued a swift response to NHTSA’s letter.

MEMA Aftermarket Suppliers called it a “step forward” that the Massachusetts Office of the Attorney General and NHTSA have acknowledged “the need to address protocols for the open-access implementation” of the law.

However, MEMA asserted that “a short-range wireless protocol is insufficient to provide consumers with repair choice and stakeholders with a level playing field going forward.”  

“The letter from NHTSA underscores the imperative for a 50-state solution that ensures both consumer choice in repair and enhanced safety on our roads,” the association said in a news release. “Moreover, it emphasizes the need for a cybersecure, technical solution that prioritizes consumers and is developed by and agreed to by all stakeholders.”  

MEMA Aftermarket Suppliers also pointed to HR 906 – the REPAIR Act – as “a benchmark in cybersecurity for repair access.

“MEMA Aftermarket Suppliers firmly believes that the best solution is a collaborative, federal solution and invites automakers and other stakeholder to join the aftermarket in providing expert guidance and perspective to achieve that outcome,” the association added.   

Meanwhile, the Auto Care Association said it “appreciates the continued support of the Massachusetts Office of the Attorney General to support the 2020 Data Access Law and the willingness of [NHTSA] to revisit its position on the enforceability of the law.”

“The Auto Care Association is gratified by NHTSA’s acknowledgement that the Data Access Law is not preempted by the Federal Vehicle Safety Act and by its latest statement that NHTSA strongly supports the right to repair,” Auto Care said in a news release. “The Auto Care Association further supports Attorney General Campbell’s stalwart efforts to ensure that vehicle manufacturers implement the Data Access Law safely and promptly. We look forward to the auto manufacturers’ compliance with the law.”

You May Also Like

CRP Marks 40 Years of Pentosin Fluids in North America

CRP Automotive will mark the anniversary with specialty signage and featured products at AAPEX in Las Vegas, slated for Oct. 31-Nov. 2.

CRP Automotive is recognizing the 40th anniversary of the Pentosin brand of technical fluids in North America.

CRP Automotive began selling Pentosin fluids in the North American market in 1983 and offers the import-vehicle community a comprehensive line of antifreeze, brake fluids, hydraulic fluids, motor oil,  transmission fluids and kits.

House Subcommittee Examines Potential Impact of REPAIR Act

Subcommittee members and others expressed enthusiastic support for the legislation.

Lincoln Highway Leads to Vegas in ‘Road to AAPEX’ Season 2

This year, the spotlight shines on an ultra-rare 2002 Lincoln Blackwood as it embarks on a historic journey.

Trade Groups, OEMs Agree on Data Access for IRFs

MEMA Aftermarket Suppliers called the agreement “a step in the right direction” but asserted that the pact “falls short of all the protections necessary to ensure consumer choice now and into the future for all parties.”

NHTSA Better Have ‘Good Answers’ for RTR Rebuff

The Berkshire Eagle, which endorsed the data-access measure in 2020, is skeptical of NHTSA’s cybersecurity concerns.

Other Posts

MEMA Aftermarket Suppliers Achieves UAF Gold Lifetime Trustee Status

The designation goes to “outstanding donors who significantly support the UAF’s mission.”

MEMA UAF Gold Lifetime Trustee
MEMA Announces Remanufacturing Roadshow & Annual Conference

The event is scheduled for June 25-26 in Greenville, South Carolina.  

MEMA Greenville
Trend Hunter’s Chief Futurist to Keynote Auto Care Connect

Auto Care Connect is scheduled for May 5-8 at the Hyatt Regency Chicago.

Armida Ascano
Vision Conference to Spotlight Industry Research and Analysis

Separate sessions will discuss a new study on AI in the aftermarket and a whitepaper on improving CEO understanding.

Vision Conference