Who Owns Your Connected Device?

It’s been clear for years that IoT companies gather a large amount of data from customers. Everything from a smart thermometer to your new car gathers and reports data back to the cloud. California has tried to tackle customer data privacy through the California Consumer Privacy Act that went into effect on January 1.

Web companies must provide California consumers the ability to opt-out from having their personal information sold to others. Consumers must be given the option to have their data deleted from the site. Consumers must be provided the opportunity to view the data collected about them. Consumers also must be shown the identity of third parties that have purchased their data. The new law defines personal data broadly to include things like name, address, online identifiers, IP addresses, email addresses, purchasing history, geolocation data, audio/video data, biometric data, or any effort made to classify customers by personality type or trends.

However, there is one area that the new law doesn’t cover. There are examples over the last few years of IoT companies making devices obsolete and nonfunctional. Two examples that got a lot press involve Charter security systems and Sonos smart speakers.

When Charter purchased Time Warner Cable, the company decided that it didn’t want to support the home security business it had inherited. Charter ended its security business line earlier this year and advised customers that the company would no longer provide alarm monitoring. Unfortunately for customers, this means their security devices become non-functional. Customers probably felt safe in choosing Time Warner Cable as a security company because the company touted that they were using off-the-shelf electronics like Ring cameras and Abode security devices – two of the most common brands of DIY smart devices.

Unfortunately for customers, most of the devices won’t work without being connected to the Charter cloud because the company modified the software to only work in a Charter environment. Customers can connect some of the smart devices like smart thermostats and lights to a different hub, but customers can’t repurpose the security devices, which are the most expensive parts of most systems. When the Charter service ended, homeowners were left with security systems that can’t connect to a monitoring service or law enforcement. Charter’s decision to exit the security business turned the devices into bricks.

In a similar situation, Sonos notified owners of older smart speakers that it will no longer support the devices, meaning no more software upgrades or security upgrades. The older speakers will continue to function but can become vulnerable to hackers. Sonos offered owners of the older speakers a 30% discount on newer speakers.

It’s not unusual for older electronics to become obsolete and to no longer be serviced by the manufacturer – it’s something we’re familiar with in the telecom industry. What is unusual is that Sonos told customers that they cannot sell their older speakers without permission from the company. Sonos has this ability because the speakers communicate with the Sonos cloud. Sonos is not going to allow the old speakers to be registered by somebody else. If I was a Sonos customer I would also assume this to mean that the company is likely to eventually block old speakers from their cloud. The company’s notification told customers that their speakers are essentially a worthless brick. This is a shock to folks who spent a lot of money on top-of-the-line speakers.

There are numerous examples of similar incidents in the smart device industry. Google shut down the Revolv smart hub in 2016, making the device unusable. John Deere has the ability to shut off farm equipment costing hundreds of thousands of dollars if farmers use somebody other than John Deere for service. My HP printer gave me warnings that the printer would stop working if I didn’t purchase an HP ink-replacement plan.

This raises the question if consumers really own a device if the manufacturer or some partner of the manufacturer has the ability at some future time to shut the device down. Unfortunately, when consumers buy smart devices they never get any warning of the rights of the manufacturer to kill the devices in the future.

I’m sure the buyers of the Sonos speakers feel betrayed. People likely expect decent speakers to last for decades. I have a hard time imagining somebody taking Sonos up on the offer to buy new speakers at a discount to replace the old ones because in a few years the company is likely to obsolete the new speakers as well. We all have gotten used to the idea of planned obsolescence. Microsoft stops supporting older versions of Windows and users continue to use the older software at their risk. But Microsoft doesn’t shut down computers running old versions of Windows as Charter is doing. Microsoft doesn’t stop a customer from selling a computer loaded with Windows 5 to somebody else, as Sonos is doing.

These two examples provide a warning to consumers that smart devices might come with an expiration date. Any device that continues to interface with the original manufacturer through the cloud can be shut down. It would be an interesting lawsuit if a Sonos customer sues the company for essentially stealing their device.

It’s inevitable that devices grow obsolete over time. Sonos says the older speakers don’t contain enough memory to accept software updates. That’s probably true, but the company went way over the line when they decided to kill old speakers rather than let somebody sell them. Their actions tell customers that they were only renting the speakers and that they always belonged to Sonos.