The Right To Repair Law: Why It Is No Reason To Be Worried About Your Security
It’s been a year since the right to repair legislation was put in place in both the UK and US. Since then, the EU has followed suit as part of its green objectives. Before laws were passed, the movement gained real traction, and for good reason.
On 1st July 2021, new rules for electrical goods manufacturers were put into effect in the UK. The new law made it a legal requirement for spare parts to be available for all manufacturers’ products in production and for 10 years following their discontinuation. Then, just days later, President Biden signed an executive order (EO) directing the Federal Trade Commission (FTO) to draft new regulations that would allow people to carry out independent repairs of manufacturers’ products.
In March 2022, the European Commission announced that it plans to put forward a legislative proposal on the right to repair later this year. In addition, the European Parliament also submitted a call for the right to repair law to address the whole life cycle of products, from its design to manufacturing, as well as information on reparability and consumer guarantees.
The aim of this law in the UK has been to tackle the mass amounts of e-waste, save consumers money and to prolong the life of our tech products.
What is the right to repair?
As the name suggests, the right to repair law is about giving consumers the power to fix goods and products they purchase from manufacturers. Currently, many manufacturers withhold information and tools needed to repair products or devices. By having this monopoly on repairs, they make it practically impossible for consumers to fix issues by themselves, or even seek the help of a third party.
And it’s not just physical tools they withhold. Strict software rules mean troubleshooting codes and reset systems are accessible by authorised service providers only. So even an experienced repairman won’t be able to fix any software issues on your device. Some product warranties even outright forbid third-parties from attempting to fix any problems (Apple, I’m looking at you!).
Having a monopoly on product repairs doesn’t just allow manufacturers to hike up their repair costs. It also means they can avoid repair costs altogether by offering customers a complete replacement, producing huge volumes of e-waste.
Let’s take a look at how the new law will help alleviate these problems…
How will the right to repair law help?
In our modern world, everyday products are becoming more and more technologically advanced every day. For example, the continued growth of the Internet of Things (IoT) means that billions of physical household devices are now collecting and sharing data via an internet connection. However, just because something is high-tech, that doesn’t mean it’s immune to damage. When a product breaks, it needs fixing. And when your job relies on a piece of equipment or connectivity, you need it fixing fast! Unfortunately, across many industries, this isn’t possible.
Take modern farmers, for instance. Most tractors are now connected via IoT. Resolving malfunctions on these tractors requires special diagnostic tools that only manufacturers and authorised dealers have access to or are allowed to use. This poses a serious problem for farmers, who rely on tight windows to harvest their crops. Not only could they lose income from any compromised crops, but they may also have to fork out high call-out fees to get the repairs done.
The right to repair law would save farmers essential time and money - time and money they could spend supporting local and international food supplies.
Right to repair sounds great, so why would anyone oppose it?
Good question.
It’s unsurprising that manufacturers with a monopoly on the repairs market aren’t happy about giving up the said monopoly. So much so, that some companies and organisations are using so-called cyber security risks as a way to scare their customers into voting against the proposed legislation.
To consumers, this may seem like a valid argument, especially when dealing with the repair of personal items such as mobile phones and laptops (which are currently not covered by the UK right to repair law). These devices often contain personal information (photos, financial records, sensitive documents). Thus, the idea of providing diagnostic access (and potentially access to this personal information) to a larger group of individuals can feel a little scary.
Some firms also argue that third-party repair shops could inadvertently disable key hardware security features or prevent firmware updates. The risk here is that devices could be left vulnerable to hacking and the accidental downloading of malware.
Are these arguments valid?
Short answer: no.
The Federal Trade Commission released an in-depth report on the issues detailed above, which concluded that there was no evidence to suggest that independent repair shops are more or less likely than authorised repair shops to compromise or misuse customer data. At the end of the day, the product will remain as secure as it was designed to be. Independent repair shops do not influence that. All they want is access to diagnostics and firmware patches to help solve any errors.
And, if the security of a device is already compromised, then the right to repair law will not make the device any less safe than it already is!
Okay, but I am still concerned about security...
And so you should be. The right to repair law is neither going to improve nor reduce the security of your devices. Cyber security risks are ever-evolving, and the security of any data stored or communicated online must be taken seriously, especially with the quantum threat on the horizon.
Luckily, British-startup Arqit has developed a unique quantum encryption Platform-as-a-Service which makes the communications links of any networked device secure against current and future forms of attack – even from a quantum computer. In a world of hyper-connected devices, we must equip ourselves with the very best level of cyber security to protect us against not only the threats that exist today, but those likely to arrive in the near future. Arqit’s cloud-based Platform-as-a-Service, QuantumCloud™, is a simple and effective solution that can do exactly that.
The essential thing to remember from this is that the right to repair law exists to serve the consumer. In an age where we are so reliant on technology, it’s assuring to have legislation in place that makes repairing accessible. And what’s better yet - we’ll be reducing waste and saving money in the long term!
Sources:
https://arqit.uk/quantum-cloud/
https://www.wired.co.uk/article/right-to-repair-uk
https://www.themanufacturer.com/articles/new-right-to-repair-rules-for-uk-manufacturers/
https://www.wired.com/story/biden-executive-order-right-to-repair/