On Tuesday, January 21, 2020, SecuRepairs member Tarah Wheeler was among those who appeared before a Washington State Senate Committee considering a bill to establish a digital “right to repair” in that state. This is her testimony.
Thank you, Chair Carlyle, and members of the Environment, Energy, and Technology Committee for the opportunity to testify here today. My name is Tarah Wheeler, I live in Seattle, and I am here to speak in support of Senate Bill 5799.
I am a Cybersecurity Policy Fellow with New America. I started in computers by building Pentium machines after school for my stepdad’s computer repair company. I have been a Linux systems administrator, an architect for secure systems, a senior cybersecurity executive at two large publicly traded security corporations, and I am an offensive information security researcher. That’s how you pronounce “hacker” when you’re testifying in front of a legislative committee.
One of the opposition arguments given by manufacturers is that Right to Repair represents a threat to the security of our devices. As a cybersecurity expert, I can tell you that if taking your iPhone apart represents a serious threat to the safety and security of communications in this country, we should be talking right now in an underground situation room, and not on public access TV in the 13th most populous USstate–though of course the number one state for crabbing, go duck hunting, and breathing clean air.
As a cybersecurity expert, I can tell you that if taking your iPhone apart represents a serious threat to the safety and security of communications in this country, we should be talking right now in an underground situation room.— Tarah Wheeler, New America Foundation.
While on many levels I am an Apple fan [waves phone and Apple Watch about], especially due to their strong and repeated commitment to secure encryption without creating back doors that would inevitably lead to foreign penetration and mass surveillance, I must tell you that permitting a screen replacement or a battery charger housing resolder on an iPhone or a Google Pixel is not the same thing as deliberately breaking encryption. It *is*creating a well-designed machine intended to be reused and repaired.
We are not talking about letting people illegally supercharge their car engines; we’re describing a world where anyone can still change their own tire. The lack of a right to repair is the equivalent of making it impossible to carry a spare tire and tire jack in your car, and requiring someone to have their car towed to the dealer for a simple tire change. That leads to price inflation, a lack of people who understand the simplicity of changing a tire, and very likely a future lack of independent auto mechanics.
As someone who hires in the information security industry, I know how critical it is to employ people with curious minds who want to understand how things work. I want to see more of those minds working in jobs here in the State of Washington. It is simply not the case that allowing someone to swap out a phone screen will let that person reverse engineer every bit of software on the phone or access private data. Apple and Google can still design phones that protect user security while allowing private repairs. We have real geopolitical problems in cybersecurity, and we should be asking Apple and Google to answer questions about data security, not about supply chain components that are easily physically testable and examine-able.
Thank you again to Chair Carlyle and the members of the committee for your time today, and I am happy to answer any questions you may have now, and after the hearing.
Tarah Wheeler (@tarah)