Federal. The Federal Trade Commission (FTC) is authorized, among other things, to prevent unfair methods of competition, and unfair or deceptive acts or practices in or affecting commerce. Enforced by the FTC, the Magnuson-Moss Warranty Act generally prohibits manufacturers from conditioning warranty coverage on the use of particular products or services.
 
Federal copyright laws protect original works of authorship including artistic works such as computer software. Certain federal laws prohibit bypassing technical measures that control access to copyrighted works. Several exemptions are specified.
 
State. The Consumer Protection Act (CPA) prohibits unfair methods of competition or unfair or deceptive practices in the conduct of any trade or commerce. A person injured by a violation of the CPA may bring a civil action for injunctive relief, recovery of actual damages, and reasonable attorneys' fees. Under certain circumstances, the courts may increase awarded damages up to three times the actual damages sustained. The attorney general is authorized to investigate and prosecute claims under the CPA on behalf of the state or individuals in the state.
 
Under state law, a trade secret means information that derives economic value from being unknown to others who can obtain economic value from its disclosure, and is subject to reasonable efforts to maintain its secrecy. Trade secrets are protected from misappropriation under federal and state law.

Obligations. Effective January 1, 2024, an original manufacturer of digital electronic equipment and related parts that are manufactured for the first time and first sold or leased in this state on or after July 1, 2023, must make available to any independent repair provider and owner, on fair and reasonable terms, any parts, tools, and documentation required for the diagnosis, maintenance, or repair of such equipment and related parts. For equipment that contains an electronic security-related function, the original manufacturer must make available any special parts, tools, and documentation needed to access and reset the lock or function when disabled in the course of repair.
 
Original manufacturer equipment or parts sold or leased in the state for providing security-related functions may not exclude diagnostic, maintenance, and repair information necessary to reset a security-related electronic function from information provided to owners and independent repair providers.

Notice. Before repairing digital electronic equipment, authorized repair providers and independent repair providers must provide to any consumer, publish on their website, or post at the place of business, written notice that contains:

• steps taken to ensure the privacy; and
• recommended steps consumer's may take to safeguard device data; and
• a statement of a consumer's legal right to privacy under the state Constitution and under certain state laws, including that violations of privacy may be referred to law enforcement and violators may be liable for damages, including mental pain and suffering, that a violation of privacy may have caused to a consumer's business, person, or reputation.
  

Limitations. Nothing in this act requires original manufacturers or an authorized repair provider to take specified actions such as divulge a trade secret, except as necessary, or make available any parts, tools, or documentation for modifying any digital electronic equipment or repairing public safety communications equipment used by an emergency service organization.

Liability. Original manufacturers and authorized repair providers must not be liable for services performed by independent repair providers, including any indirect, incidental, special, or consequential damages.

Exemptions. This act does not apply to manufacturers or distributors of:

• medical devices, as defined under current law;
• motor vehicles, including related equipment and dealers;
• any power generation or storage equipment; or
• equipment for fueling or charging motor vehicles.

Enforcement. Violations of this act are deemed to affect public interest and constitute an unfair or deceptive act in trade or commerce for purposes of applying the CPA. Violations of this act are enforceable under the CPA solely by the attorney general.

PRO: The digital divide became front and center during the pandemic. There is a glaring need for devices to get repaired to provide devices for education purposes and to provide an affordable repair option for consumers on fixed incomes. Other states are considering this process but are looking to Washington for leadership. This policy is already being implemented in other countries. The language before the committee is very well vetted and requires businesses to educate consumers what their rights are with regards to their digital devices and privacy. There have been attacks against small businesses that they will use data from devices for nefarious purposes; however, there is no proven risk to safety. The requirements in the bill do not weaken cybersecurity but rather include digital safeguards that are best practices. This bill is good for consumers, the environment, and businesses.

CON: This bill may lead to unintended economic and privacy concerns for consumers. It may also lead to unintended harms to businesses developing software as the full functionality of a hosting device is needed to avoid malfunctions; third-party repairs could interfere with functionality. The additional costs to manufacturers could be reflected in higher priced devices. The bill may also compromises critical security protections, such as credit cards and passwords. New York's repair law should be used as a model to provide a nationwide policy, which provides predictability for consumers and businesses.