Tech companies are trying to neuter Colorado’s landmark right-to-repair law
Foto: Getty Images
Eight U.S. states have already passed right-to-repair legislation, but Colorado has set a global standard by extending regulations beyond consumer electronics to include agricultural and medical equipment. However, tech giants such as Cisco and IBM are now intensively lobbying for the introduction of amendment SB26-090, which seeks to exempt so-called critical infrastructure from these regulations. This category includes routers, servers, and advanced IT systems that form the foundation of the modern digital economy. Manufacturers justify their position by citing cybersecurity concerns, claiming that widespread access to diagnostic tools and technical documentation could facilitate the work of hackers. For users and independent repair shops, however, this means maintaining a corporate monopoly over repairs and updates of key networking hardware. If the amendment takes effect, the right to repair will be drastically limited in the professional technology sector, forcing companies and institutions to use only authorized, often significantly more expensive service channels. The struggle for hardware control demonstrates that the line between digital security and the ownership rights of a purchased device is becoming a major battlefield for the future of sustainable technology. Exempting IT infrastructure from Right to Repair regulations could set a dangerous precedent, allowing manufacturers to arbitrarily define products as "critical" solely to block access to their internals.
The fight for the Right-to-Repair is entering a decisive phase, and the state of Colorado has become an unexpected battlefield where the fate of global technology service standards is being weighed. Since 2022, Colorado has consistently built a leadership position, introducing breakthrough regulations regarding wheelchairs, agricultural machinery, and ultimately, consumer electronics in a broad sense. This success triggered a domino effect—repair bill projects appeared in every US state, and in eight of them, they have already been approved. However, where users see savings and ecology, tech giants see a threat to their profits and control over the product ecosystem.
Currently, we are observing an attempt at a systemic limitation of these freedoms. A new state bill project, designated as SB26-090, serves as a glaring example of how corporations are trying to "neuter" existing law before it can properly begin to protect consumers. Although the Consumer Right to Repair Digital Electronic Equipment Act came into force in January 2026, the new legislative proposal aims to introduce broad exemptions that could drastically narrow the definition of equipment subject to free repair.
Critical infrastructure as a legislative skeleton key
Project SB26-090, titled "Exempt Critical Infrastructure from Right to Repair," seeks to exclude IT equipment intended for use in so-called critical infrastructure from state repair regulations. At first glance, this sounds like a rational step aimed at protecting public safety; however, the devil lies in the details of the definitions and the intentions of lobbyists. Entities such as Cisco and IBM are actively supporting these changes, as clearly shown by disclosed lobbying documents. These companies are the primary manufacturers of routers, servers, and advanced computer systems upon which the modern digital economy relies.
Read also
Excluding these categories of devices from the right to repair means that owners of expensive networking or server equipment will still be forced to use only authorized, often exorbitantly expensive manufacturer services. This is a business model based on informational and technical monopoly. The manufacturer controls not only access to spare parts, but above all to specialized diagnostic software and manuals, without which modern electronics remain a useless hunk of metal and silicon in the event of the slightest failure.
The manufacturers' arguments invariably revolve around the issue of cybersecurity. They claim that making the tools and systems necessary for repair available to third parties could open a door for "bad actors" who would use these methods for criminal purposes. This is a classic "security through obscurity" strategy, which security experts often criticize as ineffective against professional hackers, while primarily hitting honest users and independent repair shops.
Colorado as a testing ground for global corporations
Danny Katz, executive director of CoPIRG (the Colorado branch of the consumer group Pirg), rightly notes that Colorado currently possesses the broadest repair rights in the entire United States. It is precisely this "breadth" of protection that has become the target of the attack. The Colorado Senate Business, Labor, and Technology Committee voted unanimously to refer SB26-090 for further work in the senate and house of representatives, suggesting that corporate arguments are falling on fertile ground among lawmakers.
- 2022: First legislative successes regarding wheelchairs and agricultural machinery.
- 2024: Passage of the broad digital electronics act.
- January 2026: Official entry into force of consumer protection regulations.
- SB26-090: Attempt to exclude routers, servers, and infrastructure computers from the right to repair.
For tech giants, the stakes are enormous. Control over the product life cycle is not just profit from the sale of parts, but above all the ability to force cyclical equipment replacement (so-called planned obsolescence). If a user cannot repair an old Cisco router due to a lack of access to a software key, the only option is to purchase a new model. The right to repair was intended to break this mechanism, restoring real ownership over the purchased item.
Industry perspective: Repair is not just a screwdriver
In today's technological realities, "repair" rarely ends with the replacement of a physical component. Modern devices are protected by part pairing, where each component has a unique digital identifier assigned to the processor. Without an official tool from the manufacturer, even installing an original part from another, identical device can result in blocked functions or complete immobilization of the equipment. Project SB26-090 protects this state of affairs under the guise of concern for critical infrastructure.
Blocking access to technical documentation and service software for third-party companies creates bottlenecks in the maintenance of networks and data centers. In crisis situations where immediate intervention is required, dependence on a single service provider can paradoxically weaken infrastructure security instead of strengthening it. A monopoly on repair is a monopoly on response time and price, which on a global scale translates into billions of dollars transferred from users to manufacturers.
"Manufacturers make more money selling tools, spare parts, and service contracts if they can control the whole process than if they let people fix things on their own."
The actions taken in Colorado are a warning signal for the Right-to-Repair movement worldwide. If corporations succeed in pushing through exemptions for "critical infrastructure," we can expect that soon every category of equipment—from laptops to smart refrigerators—will be deemed too "sensitive" to allow for its repair outside of an authorized service center. The fight over SB26-090 is not just about server rooms in Denver; it is a fight over the definition of ownership in the digital age, where the line between owning a device and "renting" it long-term from the manufacturer is becoming increasingly blurred.
Instead of an open market for service repairs that stimulates innovation and lowers costs, we risk returning to closed systems where the consumer is merely a passive payer. The success or failure of SB26-090 will show whether law made in the public interest can resist a precision strike from the lobbying of the world's largest tech players.
