Tech Companies Are Trying To Neuter Colorado's Landmark Right-to-Repair Law (wired.com) 27
An anonymous reader quotes a report from Wired: Today at a hearing of the Colorado Senate Business, Labor, and Technology committee, lawmakers voted unanimously to move Colorado state bill SB26-090 -- titled Exempt Critical Infrastructure from Right to Repair -- out of committee and into the state senate and house for a vote. The bill modifies Colorado's Consumer Right to Repair Digital Electronic Equipment act, which was passed in 2024 and went into effect in January 2026. While the protections secured by that act are wide, the new SB26-090 bill aims to "exempt information technology equipment that is intended for use in critical infrastructure from Colorado's consumer right to repair laws."
The bill is supported by tech manufacturers like Cisco and IBM, according to lobbying disclosures. These are companies that have vested interests in manufacturing things like routers, server equipment, and computers and stand to profit if they can control who fixes their products and the tools, components, and software used to make those upgrades and repairs. They also cite cybersecurity concerns, saying that giving people access to the tools and systems they would need to repair a device could also enable bad actors to use those methods for nefarious means. (This is a common argument manufacturers make when opposing right-to-repair laws.)
[...] During the hearing, more than a dozen repair advocates spoke from organizations like Pirg, the Repair Association, and iFixit opposing the bill. YouTuber and repair advocate Louis Rossmann was there. The main problem, repair advocates say, is that the bill deliberately uses vague language to make the case for controlling who can fix their products. [...] The Colorado Labor and Technology committee advanced the bill, but it still needs to go through votes on the Colorado Senate and House floors before going into effect. Those votes may take place as early as next week. Regardless of how the bill goes in the state, it's likely that manufacturers will continue their push to alter or undo repair legislation in other states across the country. "The 'information technology' and 'critical infrastructure' thing is as cynical as you can possibly be about it," says Nathan Proctor, the leader of Pirg's US right-to-repair campaign. "It sounds scary to lawmakers, but it just means the internet."
The current wording of the bill "leaves it up to the manufacturers to determine which items they will need to provide repair tools and parts to owners and independent repairers and which ones they don't," says Danny Katz, executive director CoPIRG, the Colorado branch of the consumer advocate group Pirg. "This is a bad policy and would be a big step back for Coloradans' repair rights."
iFixit CEO Kyle Wiens said in the hearing: "There's a general principle in cybersecurity that obscurity is not security," iFixit CEO Kyle Wiens said in the hearing. "The money that's behind the scenes, that's what's driving the bill."
The bill is supported by tech manufacturers like Cisco and IBM, according to lobbying disclosures. These are companies that have vested interests in manufacturing things like routers, server equipment, and computers and stand to profit if they can control who fixes their products and the tools, components, and software used to make those upgrades and repairs. They also cite cybersecurity concerns, saying that giving people access to the tools and systems they would need to repair a device could also enable bad actors to use those methods for nefarious means. (This is a common argument manufacturers make when opposing right-to-repair laws.)
[...] During the hearing, more than a dozen repair advocates spoke from organizations like Pirg, the Repair Association, and iFixit opposing the bill. YouTuber and repair advocate Louis Rossmann was there. The main problem, repair advocates say, is that the bill deliberately uses vague language to make the case for controlling who can fix their products. [...] The Colorado Labor and Technology committee advanced the bill, but it still needs to go through votes on the Colorado Senate and House floors before going into effect. Those votes may take place as early as next week. Regardless of how the bill goes in the state, it's likely that manufacturers will continue their push to alter or undo repair legislation in other states across the country. "The 'information technology' and 'critical infrastructure' thing is as cynical as you can possibly be about it," says Nathan Proctor, the leader of Pirg's US right-to-repair campaign. "It sounds scary to lawmakers, but it just means the internet."
The current wording of the bill "leaves it up to the manufacturers to determine which items they will need to provide repair tools and parts to owners and independent repairers and which ones they don't," says Danny Katz, executive director CoPIRG, the Colorado branch of the consumer advocate group Pirg. "This is a bad policy and would be a big step back for Coloradans' repair rights."
iFixit CEO Kyle Wiens said in the hearing: "There's a general principle in cybersecurity that obscurity is not security," iFixit CEO Kyle Wiens said in the hearing. "The money that's behind the scenes, that's what's driving the bill."
You will own nothing and you will like it (Score:3, Insightful)
Heaven forbid we should have the right to even the tiniest bit of sovereignty over things we have paid for. I hope the state of Colorado takes these guys to the mattresses.
Re: You will own nothing and you will like it (Score:5, Insightful)
Re: (Score:2)
AI reverse engineering (Score:2)
Fully expect at this minute that there are dozens of labs using AI to reverse engineer everything from network edge devices, motherboards, GPU support chips, firmware images, heat sink and dissipation designs, ....
One wonders how much faster (100x ?) will it be to reverse engineer critical software with AI since the AI can reverse engineer, fuzz, code, test the new code vs the original all automated by AI.
We do have the we right to not buy (Score:2)
Re:We do have the we right to not buy (Score:4, Funny)
That's about it though.
Conditions and terms apply. Loiter and vagrancy laws may outlaw buying nothing. Check your local jurisdiction for information that applies to you.
to paraphrase a certain meme... (Score:2)
I am once again calling upon the sum total of the 'TechBro Community' to eat my entire ass like a sack of groceries.
Planned obsolescence is pure unadulterated bullshit. "No user serviceable parts inside" is naught but a warning label. Specialty tools requirements to open or repair devices is rarely beter than theft of time, effort, and yet more coin from device owners.
Re: (Score:1)
Kneel before your Masters, pleb.
Re: (Score:2)
"No user serviceable parts inside"
Or, in simple English, repair requires skill, training, knowledge, some combination of the three, beyond that a regular and common user would possess.
It also works, in the real world, to identify some product that can not, in fact, be repaired at the component level, either due to physical reality (epoxy potted components come to mind) or the manufacturer's inability to source the required components (third-part complex parts, I could offer examples which should be obvious
I would love to be in that hearing (Score:5, Funny)
"So, you think critical infrastructure shouldn't be repaired!?"
And watch the bullshit lame ass excuses the fuckwit companies come up with.
(yes, I know its so they can sell you service contracts and parts and labor n what not, but i want to see them attempt to justify it)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3)
"So, you think critical infrastructure shouldn't be repaired!?"
They know that critical infrastructure *must* be repaired, and want exclusivity over those repairs so that they can profit unreasonably. As you said they're going to make frivolous claims that you might buy counterfeit parts made by some fake parts manufacturer in China or whatever.
The problem with any argument they come up with is that most repairs don't involve motherboards or other components that could realistically have compromised firmware, but rather power supplies, RAM, and storage. (And yeah, sto
Re:I would love to be in that hearing (Score:4, Insightful)
"So, you think critical infrastructure shouldn't be repaired!?"
They know that critical infrastructure *must* be repaired, and want exclusivity over those repairs so that they can profit unreasonably.
So, let the companies retain their monopoly over repair and then regulate that repair business as a monopoly, with government oversight, regulation, and approval of all prices and offerings. If a free market doesn't exist, then there is no free market to be enabled by a laissez-faire government approach.
Re: (Score:2)
"So, you think critical infrastructure shouldn't be repaired!?"
They know that critical infrastructure *must* be repaired, and want exclusivity over those repairs so that they can profit unreasonably.
So, let the companies retain their monopoly over repair and then regulate that repair business as a monopoly, with government oversight, regulation, and approval of all prices and offerings. If a free market doesn't exist, then there is no free market to be enabled by a laissez-faire government approach.
In theory, sure. In practice, the FTC regulates things like this about as well as the CPUC regulates electric rates. Regulatory capture and bending to industry pressure has become the default at this point. Right to repair laws are really the only solution. Such laws distribute the enforcement responsibility by potentially enabling random annoyed DAs to prosecute or class-action attorneys to sue, depending on whether they are written as civil or criminal law.
Re: (Score:2)
"So, let the companies retain their monopoly over repair and then regulate that repair business"
Your solution is the highest abuse of rent-seeking for the ostensible purpose of 'making things right'.
And this is how government destroys our lives, beyond even the efforts of 'those evil corporations' that are assumed to exit merely to exploit us.
Your proposal is the opposite of liberty. It substitutes the State for the Corporation. And diminishes us further with no benefit, because the State will act in its ow
but don't allow locking of firmware updates under (Score:2)
but don't allow locking of firmware updates under pay walls then.
Free repairs (Score:2)
If your 'infrastructure' is so important than offer free repairs.
Anyone attempting to charge for repairs has no business expecting the government to prevent other people from offering cheaper repairs.
Cisco and IBM are the pay for access to updates pe (Score:2)
Cisco and IBM are the pay for access to updates people
Re: (Score:3)
The OEM can deny liability, provided they can prove your actions caused the problem.
Magnuson-Moss Act
https://en.wikipedia.org/wiki/... [wikipedia.org]
Imagine (Score:2)
Imagine this sentence in 1970: "My picture frame had a software vulnerability and someone used it to attack a bunch of countries."
Re: (Score:2)
Imagine explaining to a 10 year old what a rotary phone was and how you had to literally be at home when it rang in order to receive the call or how there were only a handful of channels on the one single tv in the entire house, which you also had to be seated in front of at a specific time else you would miss the show and have to wait who knows how long to catch a rerun.
What I'm trying to say, I have no idea what point you are attempting to convey with your sentence, since computers in 1970 took up a huge
Critical infrastructure Exempted? (Score:2)
It would seem to me that critical infrastructure is exactly the stuff that should require spare parts and repair manuals to be available. It's more important to keep machines doing useful work running than to fix toys like MP3 players.