Colorado Senate Committee Advances Bill to Exempt Critical Infrastructure from Right-to-Repair Law

The Colorado Senate Business, Labor, and Technology Committee voted unanimously on Friday to advance Senate Bill 26-090, titled 'Exempt Critical Infrastructure from Right to Repair,' to the full Senate and House for consideration. The bill proposes modifications to the Consumer Right to Repair Digital Electronic Equipment Act, enacted in 2024 and set to take effect in January 2026.

That act mandates that manufacturers of digital electronic equipment provide consumers with access to tools, parts, instructions, and software needed for repairs.

SB26-090 would exempt information technology equipment intended for use in critical infrastructure from these requirements. Critical infrastructure includes sectors such as energy, transportation, and communications, where such equipment like routers, servers, and computers is commonly deployed. The bill's supporters include tech manufacturers Cisco and IBM, as indicated in lobbying disclosures.

Colorado has enacted right-to-repair laws since 2022, covering wheelchairs, agricultural equipment, and consumer electronics. These laws aim to enable users to perform their own repairs or upgrades by granting access to necessary resources. Danny Katz, executive director of CoPIRG, the Colorado branch of the Public Interest Research Group, stated that Colorado has the broadest repair rights in the country.

“Colorado has the broadest repair rights in the country," says Danny Katz, executive director of CoPIRG. "We should be proud of leading the way.”

Right-to-repair initiatives have expanded nationally, with bills introduced in all 50 U.S. states and enacted in eight. Manufacturers' positions on these laws vary; some have increased product repairability, while others have opposed expansions.

Cisco and IBM back SB26-090, arguing that providing repair access to critical infrastructure equipment could introduce cybersecurity vulnerabilities. They contend that such access might allow unauthorized parties to exploit tools and systems for harmful purposes.

This cybersecurity concern is a recurring argument from manufacturers in right-to-repair discussions, according to Ars Technica reporting.

The bill's passage through committee highlights ongoing tensions between consumer access to repairs and industry concerns over security in essential systems. If approved by the full legislature, the exemption would limit the scope of Colorado's 2024 act for specified equipment.

Stakeholders, including consumer advocates and tech firms, are expected to engage further as the bill proceeds. The outcome could influence similar debates in other states with right-to-repair laws.