Wireless Carriers, Hardware Companies Use Flimsy IOT Security To Justify Attacks On Right To Repair Laws

A few years ago, anger at John Deere's draconian tractor DRM birthed a grassroots tech movement. The company's lockdown on "unauthorized repairs" turned countless ordinary citizens into technology policy activists, after DRM and the company's EULA prohibited the lion-share of repair or modification of tractors customers thought they owned. These restrictions only worked to drive up costs for owners, who faced either paying significantly more money for "authorized" repair, or toying around with pirated firmware just to ensure the products they owned actually worked.

The John Deere fiasco resulted in the push for a new "right to repair" law in Nebraska. This push then quickly spread to multiple other states, driven in part by consumer repair monopolization efforts by other companies including Apple, Sony and Microsoft. Lobbyists for these companies quickly got to work trying to claim that by allowing consumers to repair products they own (or take them to third-party repair shops) they were endangering public safety. Apple went so far as to argue that if Nebraska passed such a law, it would become a dangerous "mecca for hackers" and other ne'er do wells.

Wary of public backlash, many of these companies refuse to speak on the record regarding their attacks on consumer rights and repair competition. But they continue to lobby intensely behind the scenes all the same. The latest example comes courtesy of the "The Security Innovation Center," a new lobbying and policy vehicle backed by hardware vendors and wireless carriers. The group issued a new "study" this week that tries to use the understandable concerns over flimsy IOT security to fuel their attacks on right to repair laws.

The study starts out innocuously enough, noting how they hired Zogby to run a poll of 1015 users on consumer privacy and security concerns in the internet of broken things era:

"Almost two-in-three American consumers said that the explosive growth of Internet-connected products makes them more concerned about their privacy and security, the survey of 1,015 Americans found. And only 1 in 3 Americans expressed confidence that people they know would not be affected if one of their devices was hacked."

Which is understandable. Especially in an era where countless IOT companies value gee whizzery over privacy or security. But it doesn't take long for the real purpose of this study to reveal itself--demonizing efforts to break the monopoly over repair:

"These concerns have placed a focus on security when getting Internet-enabled products fixed: 84 percent value the security of their data over convenience/speed of service....More than 80 percent expect repair professionals to both provide a warranty for their repairs and demonstrate that they are trained or certified to fix their specific product. Further, 75 percent value warranty protections over convenience and 70 percent feel most comfortable having their products fixed by a manufacturer or authorized repair shop. Yet, only 18 percent can determine if an electronics repair shop is protecting their security and privacy."

In other words, the not so subtle message being sent by hardware vendors and wireless carriers is this: don't allow third-party or user self repair because you'll wind up hacked, or worse. That matches the same message being sent by Verizon, Apple, Microsoft and others as they try to convince the public that being able to access less expensive third-party repair vendors (or repair your own devices yourself) will result in reduced security and privacy, dogs and cats living together and the world being ripped off its axis.

Again, the "Security Innovation Center" isn't much of a center at all. It's basically just a lobbying and policy vessel created by a New York PR firm (Vrge), backed by other, existing lobbying and policy vessels (CTIA, CompTIA, NetChoice). It's such a thin veneer, the Center's press release lists its "executive director" as Josh Zecher, the guy who founded the PR outfit running the campaign. It's basically just the Russian nesting doll equivalent of lobbying and policy, all to obfuscate Apple's, Verizon's and other companies' blatant disdain for repair competition and consumer rights.