Sometimes legislative proposals appear to be straight-forward, commonsense fixes aimed to help consumers with a problem. And sometimes these legislative answers to complex problems are just plain wrong. The so-called “Digital Fair Repair Act” is just such a piece of legislation – something that seems like a simple consumer right that in reality can be a very dangerous “fix”, especially to unsuspecting women, unaware of the unintended consequences of hastily passed legislation.
Several states have considered but rejected legislation that would mandate that producers of electronic devices provide repair shops with unfettered access to consumers’ electronic devices, such as your iPhone or laptop, and related personal information.
There are several reasons why these mandates are a bad idea, starting with the fact that many of these so-called “right-to-repair” proposals are unconstitutional. Federal copyright laws protect computer programs and “preempt[s] any conflicting state laws under the Constitution.” Moreover, many of these “right-to-repair” bills would mandate the disclosure of proprietary codes for operating systems, “’digital locks that protect these computer programs from unauthorized access and copying,” to name just two of the primary reasons these overly broad mandates are a violation of the protections provided in the Constitution.
But as a matter of policy, these so-called “right-to-repair” laws can be downright dangerous for women. Released late last year, a new study “found that privacy violations occurred at least 50 percent of the time” when unsuspecting consumers utilized local consumer electronic repair shops. Furthermore, devices owned by women “were more likely to be snooped on, and that snooping tended to seek more sensitive data, including both sexually revealing and non-sexual pictures, documents, and financial information.”
Researchers from the University of Guelph in Canada who conducted the study, were shocked by the research findings. Conducted from October through December 2021 in Ontario, researchers found that privacy violations occurred including accessing documents, photos, finance folders and customers browsing history. In two instances where the customers waited while the repair was completed, no intrusive privacy violation occurred. But otherwise, over half of the unsuspecting consumers found that “copying of data” occurred – meaning that the repair shop downloaded personal data without the consumer’s permission or knowledge.
My smartphone, laptop and tablet contain personal healthcare and financial data not only for me but also for my family. When a consumer electronic device needs to be fixed, repaired or replaced, I want assurances such as I receive from an authorized repair made by the manufacturer, that my personal data will not be viewed, not copied nor shared with strangers.
The current legislation being rushed through the Minnesota legislature — HF 1337 in the House / SF 1598 in the Senate — doesn’t provide any of these privacy assurances and should strike fear in consumers who dare to believe otherwise.