- Alliance for Automotive Innovation contends Massachusetts voter-approved measure is preempted by federal law
- Voters in November revised the state's 2013 "Right to Repair" law
- Auto execs warn of grave cybersecurity risks
(Reuters) - A group representing General Motors Co, Fiat Chrysler Automobiles NV and other automakers went to trial on Monday in a bid to block a Massachusetts voter-approved measure that would expand access to vehicle data and allow independent shops to repair increasingly sophisticated automotive technology.
Executives with the trade group Alliance for Automotive Innovation and its member companies took the witness stand to testify before U.S. District Judge Douglas Woodlock in Boston, who will decide whether federal law preempts the state measure.
The group sued in November after voters approved a ballot initiative to revise the state's 2013 "Right to Repair" law to require automakers to provide expanded access to mechanical and electronic repair data.
Unprecedented advancements in modern vehicles and crash avoidance systems have prompted many automakers to limit information and warranties to only parts and repairs from authorized dealers to ensure safety and privacy.
The group's lawyers in a brief filed last week argued that if allowed to take effect, the law, by expanding the universe of who can access a vehicle's diagnostic system will "make serious cyberattacks much more likely and deadly than the attacks on pipelines and meat processors currently in the news."
Its attorneys at Mayer Brown and Mintz, Levin, Cohn, Ferris, Glovsky and Popeo contend that the law would require them to degrade cybersecurity controls related to safety- and emissions-critical vehicle functions.
And, because those functions are governed by the National Traffic and Motor Vehicle Safety Act and the Clean Air Act, the group claims the Massachusetts measure unconstitutionally conflicts with those federal laws.
Much of Monday's testimony was conducted behind closed-doors, such as that from Kevin Tierney, the vice president of global cybersecurity at General Motors.
In an affidavit filed ahead of the trial, he said that the law's "requirements run directly counter to GM's cybersecurity approach, and would seriously compromise vehicle safety and emissions control."
Steven Douglas, the vice president for energy and environment at the Alliance for Automotive Innovation, also testified and faced questions by a state attorney that went to what extent the industry could not comply with the law.
Massachusetts Attorney General Maura Healey, who is defending the law, in court papers noted the measure allows manufacturers to establish a standardized system run by a third-party to authorize access by independent repair shops to diagnostic systems.
Assistant Attorney General Julia Kobick in questioning Douglas noted the National Automotive Service Task Force (NASTF), whose board Douglas sits on, already helps manufacturers authorize locksmiths to create increasingly technical new keys.
But under questioning by Jason Linder of Mayer Brown, Douglas said the NASTF in facilitating such authorizations had avoided ever creating a central database of all of the companies' data.
Douglas said that doing so would put the vehicle security information of 280 million vehicles at risk by putting it all in a central location.
"That would presumably become the focus point of every hacker, every ransomware hacker, every vehicle thief and every crime syndicate in the world," he said. "There's just no possible way that NASTF could maintain that kind of security or that kind of data."
The case is Alliance for Automotive Innovation v. Healey, U.S. District Court for the District of Massachusetts, No. 1:20-CV-12090.
For the Alliance: John Nadolenco, Erika Jones, Jason Linder, Daniel Queen, Eric White of Mayer Brown; and Laurence Schoen, Elissa Flynn-Poppey and Andrew Nathanson of Mintz, Levin, Cohn, Ferris, Glovsky and Popeo
For Massachusetts Attorney General Maura Healey: Robert Toone, Eric Haskell, Phoebe Fischer-Groban, Julia Kobick and Christine Fimognari of the Attorney General’s Office
Our Standards: The Thomson Reuters Trust Principles.