The security industry is working with leaders, allied organizations and lawmakers to exclude security and life safety devices from the overwhelming volume of right-to-repair legislation continuing to crop up across the country.
So far in 2023, over 85 right-to-repair bills or digital repair acts have been filed at the state level, and that trend is expected to grow. None of the acts filed this year has included exemptions for the security industry.
Right-to-repair legislation, first introduced in several states in 2021, mandates that original equipment manufacturers (OEMs) of digital electronics provide unauthorized repair providers with diagnostic and repair information, along with tools, related parts and software—without requiring any of the critical consumer protections afforded by authorized repair networks, such as contractual protections, liability or warranty concerns, training requirements, competency certifications or other restrictions.
These bills could also permit access to technical information and encourage cyberattacks and hacking. This could compromise data privacy and security measures for home appliances, smartphones, computers, security equipment and other connected devices.
Potential for consumer harm
According to the Security Industry Association (SIA), Silver Spring, Md., without a vetting process for unauthorized repair facilities, the potential for consumer harm is significant and undermines industry innovation affecting manufacturers’ intellectual property and copyright safeguards. OEMs and the local small- to medium-sized enterprises who benefit from having contractual agreements regarding proprietary source code, diagnostic and repair information on security equipment could also see the erosion of revenue sources and certification opportunities, as unauthorized service providers would be given free access to this information.
“While we understand this is a complex issue being supported by those with the best of intentions, these bills have drastic unintended consequences and compromise the safety and security of individuals and businesses which rely on electronic security systems,” said Colby Williams, SIA’s associate director of government relations.
Lobbying successes
In late May, Minnesota became the second state in the country to adopt a right-to-repair law, slated to go into effect July 1, 2024. The Digital Fair Repair Act in New York became effective July 1. Colorado and Massachusetts adopted right-to-repair laws specific to agricultural equipment and motor vehicles.
While Minnesota’s law was the broadest so far, the scope was narrowed significantly throughout the legislative process. As finalized, Minnesota’s right-to-repair provisions do not require a manufacturer to make available documentation, tools or parts that would disable or override antitheft security measures or could reasonably be used to compromise cybersecurity.
In additon, manufacturers are not required to release information that would provide third-party access to trade secrets or personally identifiable information, or that pertain to any equipment used in work that could be performed under relevant licensure. The bill also exempts any IT equipment intended for use in critical infrastructure as defined by the federal Critical Infrastructures Protection Act of 2001.
Williams said these laws should shield security industry products and manufacturers from new requirements.
“While we understand the intent of right-to-repair laws is to consider new ways of reducing consumer electronic waste, it is important that the only two states to have adopted these laws for electronic products have both provided exemptions and provisions which protect the integrity of the products and services our industry provides,” he said. “Policymakers have so far acknowledged that far beyond fixing broken smartphones, such legislation has the potential to create real risks to consumers if applied too broadly, and we hope these concerns will continue to be taken seriously.”
Holly Borgmann, vice president of government affairs for ADT, Boca Raton, Fla., said that while these types of laws may make sense for some industries, tools and manuals that could enable someone to disarm an alarm or reroute an emergency signal should remain proprietary. Borgmann is an SIA board member and vice chair of the SIA government affairs committee.
“Many of the bills introduced this year were initially drafted so broadly that they included alarm equipment, along with other electronic devices,” Borgmann said. “Fortunately, legislators seem to share our commitment to security and public safety and have subsequently opted to exclude security and life safety equipment from the final bills. As an industry, we need to remain vigilant to ensure that future right-to-repair bills do not trigger security and public safety-related unintended consequences.”
The industry is monitoring rumors of right-to-repair activity on the federal level and has already started conversations with members of Congress.
shutterstock / paper cut design