Right-to-repair sweetens McFlurry but sours when lives are at stake

McDonald’s enthusiasts across the country are celebrating a change that could end the chain’s notorious ice cream machine breakdowns. Thanks to a new copyright exemption, McFlurries and soft-serve ice cream may soon flow without interruption.

A recent update to the Digital Millennium Copyright Act allows outside entities to access and repair “retail-level commercial food preparation equipment.” Previously, McDonald’s employees had to rely on specialized repairs from the manufacturer. Now, franchise owners can bypass copyright restrictions and fix the machines themselves.

Applying a ‘McFlurry-style’ right-to-repair policy to medical devices could compromise patient safety and device reliability.

Goodbye to “broken machine” memes — and hello to reliable ice cream.

The ruling marks a significant victory for the right-to-repair movement, which pushes for greater consumer and business control over repairing the products they own. While this is a win for consumers, it raises concerns about whether policymakers might overextend the movement into sensitive areas like medical devices.

Last month, I joined a panel discussion on the right to repair and examined how a “one-size-fits-all” approach to policy reform could lead to unintended consequences.

Unlike simpler technologies, where errors might cause inconvenience or financial loss, failures in medical devices can directly affect patient health and safety. Medical devices are heavily regulated by the U.S. Food and Drug Administration, which enforces strict guidelines and approval processes to ensure all repairs and modifications meet safety and performance criteria.

The consensus at the event was clear: Applying a “McFlurry-style” right-to-repair policy to medical devices could compromise patient safety and device reliability. Unauthorized repairs might fail to meet the stringent regulatory standards necessary to ensure these critical health care tools remain safe and effective.

While the right-to-repair ruling for McDonald’s machines is a victory worth celebrating, a cookie-cutter, one-size-fits-all approach doesn’t work for medical devices. Higher standards are essential when patient safety and human lives are at stake.

Unlike McFlurry machines, medical devices often store sensitive personal and patient information. This reality underscores the need for a controlled, regulated, and safe repair process.

On top of that, sensitive patient data is closely tied to medical devices, requiring a cautious, highly coordinated approach from policymakers. Rushing repairs without strong security measures could worsen vulnerabilities, risking severe consequences for data integrity and the health care system as a whole.

A cyberattack this spring on British hospitals illustrated a worst-case scenario. The attack, triggered by issues from an outside contractor, caused a 40-minute shutdown. Essential surgeries were interrupted, and access to critical medical records was lost, bringing hospital operations to a halt. The disruption affected 800 operations and forced more than 700 patients in London’s leading hospitals to reschedule their appointments.

Health care systems worldwide remain frequent targets for hackers. According to an FBI report, cybercriminals launched 249 attacks on health care institutions in 2023 alone. Using methods like ransomware and zero-day exploits, these hackers aim to maximize disruption, expose sensitive patient data, and destabilize systems for financial or political gain.

We can clearly see maintaining a distinction between higher risk technologies and other products within any legislative or regulatory action is not just prudent, but necessary.

The stakes in health care are far higher, as patient lives and sensitive personal data are at risk. The complex, interconnected nature of today’s health care systems demands carefully crafted policies that prioritize safety and security — not a generalized, “one-size-fits-all” approach.

While McDonald’s may now keep its McFlurry machines whirring, medical device repairs are another story. It’s best to leave those to regulated professionals to ensure patient safety remains the top priority.