In this week’s podcast, Joe Grand of Grand Idea Studio and Kyle Wiens of iFixit join me to talk about the launch of securepairs.org and fighting cybersecurity FUD in the right to repair.
In this week’s episode, #144: lawmakers in 20 states this year are considering right to repair laws that would guarantee the owners of everything from smart phones and watches to tablet computers and tractors access to service manuals, diagnostic software and replacement parts needed to service and maintain their stuff.
There’s a very real chance that all 20 will be defeated – not with legislators voting them down in open session, but quietly, in committee hearings and closed leadership pow-wows where decisions to bring legislation to a vote are made. This after 17 nearly identical laws were killed off at the state level last year?
What’s going on? A concerted lobbying effort by major technology, heavy equipment, telecommunications and electronics firms, that’s what. While the right to repair is pro-consumer and pro-competition legislation is widely supported by the public,in the hallways of power in Washington DC and state capitols it faces a withering headwind in the form of lobbyists and strategic PR firms intent on scaring lawmakers away from granting consumers the right to fix their digital stuff.
One of their go-to arguments is cyber security. Using targeted “issue” groups like the Security Innovation Center, these firms and industry groups convey dire warnings about hackers, cyber criminals and other n’er do wells stealing consumers data or hacking into phones and other devices under the guise of “repair.” Are these arguments accurate? No. But they’re often enough to scare lawmakers off of right to repair, no matter how strong the economic and consumer rights arguments may be.
What is needed is for the information security community to speak up – and loudly. Thats why this week, I helped to launch a new group: securepairs.org, with the mission of connecting cyber security experts with lawmakers and legislative staff who need accurate information about the security risks of connected devices and the security benefits of things like documentation, access to diagnostic tools, replacement parts and software.
Joining me in this effort are some of the world’s top experts in cyber security: author and cryptographer Bruce Schneier of IBM and Harvard University. Jon Callas, an founder of PGP and now a technologist at the ACLU. Chris Wysopal the CTO at Veracode and bug bounty pioneer Katie Moussouris, and our guests this week: hardware hacker Joe Grand of Grand Idea Studio and the inimitable Kyle Wiens of the repair site iFixit.
Together, we talk about our securepairs and its purpose – and how cyber security FUD is being used to derail right to repair laws. I also ask Kyle and Joe to de-FUDify industry arguments against right to repair.