CCC News & Insights

November 4, 2020

Right to Repair Act in Massachusetts - Implementation Challenges

By: Susanna Gotsch, Director, Industry Analyst, CCC Information Services Inc. The Right to Repair Law Vehicle Data Access Requirement was voted into law on Tuesday, November 3, 2020, in Massachusetts. The law will require manufacturers that sell vehicles with telematics systems in Massachusetts to provide vehicle owners and independent repair facilities with the right to access mechanical data and run diagnostics in a standardized format via an open data platform. [i] The mechanical data would be standardized across all makes and models and an authorization system for access to the vehicle networks and diagnostic systems would be administered by an independent party. Finally, the data must be easily accessible via an app, provide consumer consent controls, and must be in place in time to support model year 2022 vehicles.It is November 2020, with the first model year 2022 vehicles slated to be available for sale in fall 2021; in automotive timelines, the implementation timeline is tight.Concerted efforts at the federal level from multiple industries are underway to revise or delay the implementation of this law, yet there remains a possibility for the law as passed, and timeline, to persist. To many industry and technology experts, this appears to be a nearly impossible possibility to achieve.If actions at the federal level do not delay the timing of the law, manufacturers have only a few months to devise a path forward – a path that might need to facilitate the consumption of up to 4,000 gigabytes/car of data daily, ensure secure consent-driven access, and be accessible by Massachusetts repair facilities for two-way access via an app.[ii]A Different Beast, A Shorter Clock The industry has proven it can and will rise to evolving regulatory requirements. It did this following the initial right to repair law in Massachusetts in 2012 that provided repair facilities the right to access repair and diagnostics information. The law ended up providing manufacturers with several years to ensure data was easily accessible to repair facilities. Thus, giving consumers the confidence needed, and repair facilities the data needed, to accurately repair vehicle damage.Though intended to be an extension of this law, which previously left out telematics, this new regulation comes with significantly more challenges to implement within a shorter timeframe. Unlike relatively fixed repair data, telematics data is constantly evolving at the pace of innovation. Playing a crucial role in the operation of a vehicle, its dynamic nature, and the vital role it plays in active operations add a new layer of complexity to data access and control.The complexity of the data shared is not the only challenge left for the industries and Congress to contemplate, the complexities are wide reaching and varied.Challenges AheadThere are very few companies today that are familiar with the nuances, scale, and challenges of standardizing telematics data for use across industries. Experience and infrastructure to rapidly process telematics data are essential. Though applications of standardized telematics data have been growing at a rapid pace in recent months, this has been a collaborative evolution between technology providers, insurance carriers and manufacturers – working together to leverage telematics to reshape how an industry operates. The data flow is rapid, consent-driven, but information is read-only. Overcoming the read-only requirement will be one of the major hurdles auto manufacturers and repair facilities may need to tackle. Here are others:

  1. Consumer consent management: The Massachusetts law requires vehicle owners to consent to sharing data related to their vehicle. Transparency about what data is being collected, and how it is collected, stored, and used can also help build the consumer’s trust that the OEM wants to protect and provide the best possible experience to their customer. For example, one consumer may be happy to share information on how often and how hard the brakes on their vehicle are being applied, while others may not.
  2. Data collection, ingestion, and standardization: The new law requires the data provided by the OEM to be in a standardized format. In order to do so, the data to be collected should be clearly defined, account for the differences per OEM, securely communicate data, and be standardized for consumption by the vehicle owner and the designated repairer.
  3. Entity management: The new law extends access to the repair data to independent repairers upon authorization where capability must be built to enable seamless data request and delivery to those designated parties. App development can come quickly. Network integrations whereby data makes its way into workflows reaching intended recipients will prove more challenging.
  4. Permissions: Consumers will need to decide whether to make the repair-relevant telematics data available indefinitely or via a specified timeframe for a single repair. Clear guidelines should be established to inform the consumer of what they are signing up for.
  5. Data security: Consumers will need to feel comfortable that the repairer(s) they’ve chosen to work with has the appropriate data security in place to transfer data.

The Journey has Already BegunThough the path ahead presents multiple challenges, there already exist examples where these capabilities are in place. For example, numerous OEMs already work with independent third parties to share data collected from their customers’ connected cars that enable the consumer to receive potential offers from insurers, and the ability to submit notice of accident loss to their insurance company from the OEM’s own mobile apps. Integration has been developed that facilitates OEMs getting consumer consent to access and share data that uses secure APIs to extract, secure, and standardize the data, and that supports secure communication protocols among the OEM’s system and those of the third party provider in the ecosystem. Diagnostics data moves from an OEM into the workflow of an authorized collision repair shop, streamlining the process of important pre-, during, and post-vehicle scans. Data moves between parties quickly and securely – helping to provide the right data at the right time to the right party. These proof points and existing capabilities could help guide a path forward as the industry faces the pressures of a set timeline as dictated by the law.Certainly, market competition was a key driver of the original Right to Repair Act back in 2012 and is what drives the current updates. Transparency, trust, and informed repairs will help consumers feel good about their vote. However, it will require significant trust, transparency, technology, and fortitude for the automotive and repair industries to foster a path forward that creates an open marketplace without opening new risks.Risk to ActFailure for auto manufacturers to comply would result in treble damages or $10,000 in compensation to the vehicle owner.[i] https://ballotpedia.org/Massachusetts_Question_1,_%22Right_to_Repair_Law%22_Vehicle_Data_Access_Requirement_Initiative_(2020)[ii] https://www.rollcall.com/2019/04/09/your-car-is-watching-you-who-owns-the-data/#:~:text=A%20car%20can%20generate%20about,consulting%20firm%20McKinsey%20has%20estimated