Hoist your wrenches into the air, folks. As of today, October 28, you can now hack, repair, and conduct security research on your own car—or tractor!—without risking jail time for copyright infringement.
If you’re wondering what car repair has to do with copyright law—believe me, you’re not the only one. People have been repairing, modifying, and tinkering with cars ever since we left horses in the dust. But cars have changed a lot since Henry Ford rolled the first Model Ts off the assembly lines just over 100 years ago. Cars aren’t just pistons and pumps anymore—they are giant computers on wheels. And the software that tells those computers what to do is (you guessed it) copyrighted.
Thanks to the Digital Millennium Copyright Act, manufacturers can potentially sue you for fiddling with their copyrighted programming. Even if you just want to fix your car or tractor. Even if you just want to check your 2014 Jeep Cherokee for security vulnerabilities—on the off-chance that hackers could commandeer its operations. Because, it turns out, they can.
Last year, automotive cybersecurity researchers Charlie Miller and Chris Valasek remotely hacked and disabled a Wired reporter’s Jeep while he was driving on the highway (don’t panic: the reporter was a willing and unharmed participant). Miller and Valasek’s work prompted Chrysler to issue a massive security update. Technically, Miller and Valasek’s experiment could have violated the DMCA—and Chrysler could have prosecuted the digital do-gooders.
Obviously, most researchers wouldn’t risk hacking cars if it could put them in jail. And that’s troubling. We need more security researchers, not less of them. Especially in an age when manufacturers are hooking up absolutely everything (thanks, IoT) to the Internet and carmakers are teaching their vehicles to cheat emissions tests.
And the DMCA stifles more than security research. Last year, John Deere claimed that farmers didn’t own the software in their own tractors. As such, Deere argued that farmers were not allowed to access the programming to repair the tractors themselves. Naturally, that rubbed a lot of people the wrong way. Including us.
iFixit, Repair.org, and the Electronic Frontier Foundation (and many others!) fought for nearly a year to have repair and security research (activities that have nothing to do with copyright) exempted from Copyright law. The US Copyright Office agreed.
Exactly one year ago, the Copyright Office granted a host of exemptions—including three-year exemptions for repairing, modifying, and conducting security research on your own vehicle. Unfortunately, the Copyright Office also decided that the vehicle exemptions wouldn’t go into effect until 12 months after the initial ruling. Which is today.
Yeah we know, the year of waiting cut into those three years of freedom—but that’s bureaucracy for you. The upside: For the next two years, you’re legally entitled to fix your tractor and tinker around under the hood of your car—even if it requires access to the car’s programming. The downside: In 2018, advocates will have to ask for permission to repair their cars again—a daunting process that costs a massive amount of time, effort, and legal fees.
But we’re trying to change that. Yesterday, iFixit and Repair.org submitted comments to the Copyright Office in support of carving out a permanent exemption for all repair and security research—for cars and everything else. Hopefully, fixing your tractor or hunting for security vulnerabilities in your car won’t be a jailable offence ever again.
If you want to help make the world safe for repair, join Repair.org—they’re on the front lines every day, fighting for your right to fix everything you own.