Brian Hohmann, mechanic and owner of Accurate Automotive, in Burlington, Mass., points to an engine readout on a computer. Hohmann said most independent shops are perfectly capable of competing with dealerships on both repair skills and price as long as they have the information and software access they need. (AP)
WASHINGTON — U.S auto safety regulators told nearly two dozen major automakers on Tuesday not to comply with a Massachusetts vehicle telematics law, saying it poses significant safety concerns.
The National Highway Traffic Safety Administration (NHTSA) said in a letter to major automakers they must comply with a federal vehicle safety law and not with a state law that requires open remote access to vehicle telematics and vehicle-generated data.
Because federal conflicts with and therefore preempts the state law, “NHTSA expects vehicle manufacturers to fully comply with their Federal safety obligations.”
The 2020 measure seeks to allow independent repair shops to access diagnostic data that newer cars can send directly to dealers and manufacturers to allow consumers to seek repairs outside dealerships.
The NHTSA said a malicious actor “could utilize such open access to remotely command vehicles to operate dangerously, including attacking multiple vehicles concurrently.” Massachusetts is seeking to enforce a 2020 ballot initiative that was overwhelmingly approved by voters.
NHTSA added that “open access to vehicle manufacturers’ telematics offerings with the ability to remotely send commands allows for manipulation of systems on a vehicle, including safety-critical functions such as steering, acceleration, or braking.”
The 2020 vote revised the state’s 2013 “Right to Repair” law to require automakers to provide expanded access to mechanical and electronic repair data and allow independent shops to repair increasingly sophisticated technology.
The Alliance for Automotive Innovation, a trade group representing major automakers, has sued to block the law and has asked a federal judge to seek a temporary restraining order barring enforcement of the Data Access Law.
They warned complying with the Data Access Law would require an automaker “to remove essential cybersecurity protections from their vehicles.” The group declined to comment Tuesday on NHTSA’s letter.
“Vehicle manufacturers appear to recognize that vehicles with the open remote access telematics required by the Data Access Law would contain a safety defect,” NHTSA said in its letter to General Motors, Tesla, Ford, Toyota, Rivian, Volkswagen and others.
Massachusetts Attorney General Andrea Joy Campbell said “consumers and independent repair shops deserve to know whether they will receive access to vehicle repair data in the manner provided by the law.”
NHTSA said is aware that some vehicle manufacturers have stated an intent to disable vehicle telematics and warned “this measure has its own adverse impacts on safety.”