“Common sense tells us that illegal hackers are not waiting for legal access to repair documentation, nor that they would be in the least constrained by the threat of litigation for copyright violations.”
Fixing things is legal under multiple sections of Copyright Law. Repair doesn’t modify books, music, videos or licensed software, so it’s absurd that copyright law is even being used to restrict repair.
The Section 1201 Exemption Process is Transparent
Apparently, the U.S. Copyright Office agrees. They recently granted a broad new set of exemptions to Section 1201 of the Digital Millennium Copyright Act (DMCA) for repair, including the repair of medical equipment.
A recent blog post by Peter Pitts, President of the Center for Medicine in the Public Interest, argues that the Copyright Office was wrong to exempt medical device repair from copyright peril under Section 1201 of the DMCA, writing:
The unintended consequence of the Copyright Office’s ruling [on the right-to-repair] is that what was once an illegal activity that was hard to track is now a legal activity that is hard to track and increases threats not only to patient safety but to patient privacy.
As declared above, this piece doesn’t argue points of copyright law, but rather of how Right to Repair as a legislative movement is dangerous and ill-conceived. Even if you agree with Pitts that manufacturers of medical equipment should be allowed a repair monopoly (which, it’s worth noting, the Food and Drug Administration [FDA] does not agree with [see p. 2, Executive Summary]), why should the Copyright Office be regulating repair of medical equipment at all?
17 U.S.C. § 1201 (known as “Section 1201”) is designed to protect copyrighted works from piracy and makes it a crime to bypass a digital lock set up to protect copyrighted content like music, video games or movies. But some manufacturers have exploited that provision to lock customers into their own expensive, inaccessible repair services, by locking repair functions, too.
Every three years, the Copyright Office allows for exemption requests to be made under Section 1201. This process, set up by Congress, has been in place since 1998 and includes multiple rounds of hearings and opportunities for discussion and testimony. The recent ruling by the Copyright Office granted exemptions for technicians to break digital locks for purposes of repair of equipment as diverse as tractors, gaming consoles, servers and ventilators.
There is nothing mysterious or behind the scenes about this process: it’s as regular as clockwork. Pitts suggests that the process was hidden and swept under the rug of the Federal Register, stating: “The U.S. Copyright Office’s announcement, deep inside the Federal Register and written in very user unfriendly dense government jargon, landed not with a bang, but with a whimper. On purpose. Hiding in plain sight. This terrible ruling offered without a comment period or any other appeals mechanism, will have a profoundly negative impact on America’s public health.”
The Copyright Office report to Congress itself shows otherwise.
Under Section iii of the Register’s Recommendations (see pages 224-231), there are extensive references to the engagement of major medical device trade associations AdvaMed, MITA, ACT and directly by Phillips as a manufacturer. In the text of the report, the Register explains her logic in evaluating the requests, including the input of the FDA, Federal Trade Commission (FTC) and Biden Administration. Anyone who wished to participate was heard.
The arguments against the recommendations of the Copyright office, such as those offered by Pitts, don’t even strike me as copyright or intellectual property arguments at all. Instead, this piece appears to be a stealth argument against opening repair access as a general policy having nothing to do with copyright law.
We hear these claims in legislative hearings not just for medical equipment but for cell phones, home appliances and even lawn mowers. Pitts suggested that repair information is of value to illegal hackers with this statement:
Straying beyond the limits of ‘repair’ could very well result in installing new software, changing system configurations, etc. These activities raise real and relevant patient safety and cybersecurity concerns for FDA-regulated medical devices.
These same arguments were made in public comments and discussed by the Copyright Office. I can only assume Pitts simply does not like the result.
Repair of medical equipment is restoration of equipment to service as designed by the manufacturer and using manufacturer-developed repair materials. The Copyright Office did not agree that providing access to all necessary repair materials would facilitate hacking, nor result in patient harm, agreeing with the FTC analysis from their “Nixing the Fix Workshop” Section C, discussion Cybersecurity. Pg 30:
By providing such access [repair materials] to individuals and independent repair shops, manufacturers would have greater confidence in the repair activities that occur outside of their authorized networks. As noted above [in the FTC report] in connection with safety concerns, with appropriate parts and repair information, the record supports arguments that consumers and independent repair shops would be equally capable of minimizing cyber security risks as are authorized repairers.
Further, the Copyright Office also sought input from the FDA in 2021 and was apprised by Suzanne B. Schwartz of the FDA that there is no reason to block independent repair in the context of patient safety or cyber security (found in the footnotes on pg 229 of the Report).
‘Absurd’ Scare Tactics
Common sense tells us that illegal hackers are not waiting for legal access to repair documentation, nor that they would be in the least constrained by the threat of litigation for copyright violations.
“Nefarious hackers” with a profit motive aren’t looking to sell ventilator firmware (as an example) on the black market, since there is no black market for firmware. Firmware for all devices is included with the product in the first place – so the only parties needing firmware already have it. Restoring lost software is specifically legal under Copyright Law Section 117.
It’s also absurd to imagine there are roving bands of nefarious hackers pretending to be qualified repair techs breaking into hospitals plying service offers, whispering, “Hey, Lady– I happened to be in the neighborhood and I have leftover MRI Repair parts that maybe you could use.”
This is not how the industry works. There are a host of regulations that make sure medical product repair is safe. In 2018, the FDA investigated whether additional regulation of independent repair was appropriate, but instead reported in their Executive Summary on Pg 2 that “the continued availability of third party entities to service and repair medical devices is critical to the functioning of the U.S. healthcare system.”
While utmost care should be taken in the service of medical equipment, care facilities already have full responsibility for the technicians and subcontractors they hire under a variety of FDA, Joint Commission, CMS and other regulators. This, too, is not a copyright issue. It is not the responsibility of the Copyright Office to intervene.
Patients Deserve Access
It has been the Digital Right to Repair Coalition’s mission to make it practical for the owners of equipment, including health care facilities, to be able to acquire the full suite of manufacturer-created service materials to be used for that specific purpose. Framing arguments in opposition to right-to-repair legislation as intellectual property issues does nothing to advance patient care. Patients deserve access to fully functional and tested equipment as needed, and artificial delays in care due to manufacturer intransigence in providing access to repair materials is simply unconscionable.
Image Source: Deposit Photos
Image ID: 13449947