FTC Pushed To Crack Down On Companies That Ruin Hardware Via Software Updates Or Annoying Paywalls
from the you-don't-own-what-you-buy dept
We’ve noted for years how you no longer really own the things you buy. Whether it’s smart home hardware that becomes useless paperweights when the manufacturer implodes, or post-purchase firmware updates that actively make your device less useful, you simply never know if the product you bought yesterday will be the same product tomorrow.
Now a coalition of consumer groups, activists, and lawmakers are pushing the FTC to crack down on “smart” device manufacturers that suddenly pull support for products or make them less useful — either by simply removing features or hiding them behind annoying new subscription paywalls.
In a letter sent last week to key FTC officials, a coalition of seventeen different groups (including Consumer Reports, iFixit, and US PIRG) requested that the agency take aim at several commonplace anti-consumer practices, including “software tethering” (making hardware useless or less useful later via firmware update), or the act of suddenly locking key functionality behind subscriptions:
Both practices are examples of how companies are using software tethers in their devices to infringe on a consumer’s right to own the products they buy. While the FTC has taken some limited actions with regard to this issue, a lack of clarity and enforcement has led to an
ecosystem where consumers cannot reliably count on the connected products they buy to last.
The letter cites numerous instances of consumer harms Techdirt has covered at length, ranging from Peloton’s recent decision to charge used bike owners a $95 fee for no coherent reason, to the “smart” baby bassinet maker that recently decided to paywall most of the device’s most popular features.
The letter correctly points out that this environment, where consumers are constantly shelling out significant money for devices that can be killed or rendered less useful (often without clear communications to end users), is resulting in a “death by a thousand cuts” for consumer rights. And, the groups note, it’s likely to only get worse without clear guidance and enforcement by the FTC.
The FTC has occasionally made inquiries in this space, but often only superficially. For example the FTC launched an investigation into Google’s decision to turn Revolv smart home hardware into useless crap but then took no substantive action and implemented no meaningful consumer reforms.
But the (intentionally) underfunded, understaffed, and endlessly embattled agency only has so many resources, and struggles to tackle even far more pressing issues like widespread monopolization or privacy violations. Still, some federal guidance and a few warnings would probably go a long way in a “smart” hardware sector that’s become a hot mess in the cloud computing age.
Filed Under: bricked, consumers, ftc, hardware, ownership, smart home, software, subscriptions
Comments on “FTC Pushed To Crack Down On Companies That Ruin Hardware Via Software Updates Or Annoying Paywalls”
While I’m all onboard for this to happen, I need to add one word, lobbyists.
Re:
Well yeah, lobbyists are a perfect example of stuff you don’t own after buying without periodically paying more.
I wonder of the details, because a single security update could reduce performance by 30% (like recent Intel and AMD CPUs mitigations).
And what if companies would better stop providing updates after one or two years because that too much code to support. You’ve got a fine working but obsolete piece of technology that would catch the first virus luring around.
Users may be okay to loose 10% performance each year to continue to get their device secure.
Re:
The FTC already announced its intention to make rules “to curb lax security practices”. Presumably, stopping updates after a year when it’s known that the average customer keeps a product for, say, 10 years, would be frowned upon.
Of course, updates are only needed if the design was bad in the first place. If companies stopped making stuff needlessly network-connected, that would go a long way. There are some things such as TVs that need connections; but they should also be easy to sandbox, and don’t need writable storage.
Re: Re:
And a good thing, too: whenever a vendor announces end of support for an IOT product, the sharks smell blood in the water and immediately start focusing on those devices — because they know that whatever exploits they can develop will work as long as those devices are plugged in: the security holes will never be fixed. (Could third parties possibly fix them? Not if the vendors can help it.)
Some devices don’t have readily exploitable holes; some do. Some devices can be hijacked for bad things; some can’t. But the aggregate effect of all of this is to create an increasingly-insecure population of increaingly-abandoned devices, most of which will be plugged into networks for a long time.
The bill for this will come due.
Re: Re: Re:
A lot of people seem to think that if it’s behind their router, it’s okay. Nevermind that the device is decoding radio signals, or that it may be sharing a network with a dozen other dubious devices, or that some of those other devices are sometimes not behind the router (like when a phone is attached to a mall’s or coffee shop’s wi-fi).
Re: Re: Re: Firmware
Having source code I can update at least 50% of devices I have. But we never see a source code. The issue is connected to proprietary firmware only. When the firmware is open, you can paywall only cloud services. And anyone can provide similar cloud for less money.
Re: Re: Re:2
That’s overly pessimistic. OpenWRT can be flashed onto quite a few home routers—avoid anything with Broadcom chipsets, though—because a lot of the manufacturers release their source code. Stick with (non-Verizon) Google Pixel phones, and you’ll be able to unlock the bootloader and replace all the software. Again, that’s because Google chose to make it easy and release the code. Things should be even better once the EU force them to make the batteries easily replaceable.
Re:
There is a qualitative difference between the CPU mitigations and software security updates.
Without the former, your CPU is guaranteed to degrade and become useless through normal use.
… and between both of those and the kind of shenanigans that the FTC is being pushed to crack down on: Without the adverse actions of the company providing the software, you would be able to continue to use your product fully. (Until, y’know, your baby monitor gets pwned, or whatever…)
Re:
A repeated issue in the tech space right now is the adage of privatizing the profits, and socializing the losses. Right now, much of the risk of producing a new cloud connected tech device is on the users, who may be left holding the ball on expensive tech when companies decide they don’t have the user base to collect enough recurring revenue to justify ongoing support. These business models are wasteful, and directly opposed to popular public policy.
If a company does not want to take the risk of being required to provide updates for a product without a large, monetizable userbase, other business approaches could resolve the risk, at a cost to the customer capture the current model fosters.
One is to simply not lock down the hardware, allowing for third party support, including custom bios. The hardware remains functional as long as a community exists to support it.
Another is to separate functions which require network access from those that do not. Allow the system to operate without phoning home. That way a sudden collapse of your company doesn’t leave users with an expensive paperweight.
A third is to not require meaningless phoning home in the first place. Id fucking love those pill dispensers where you can fill a month’s supply, program the dosing schedule, and track things. But They all needed an app that required a proprietary server and a subscription, to ensure you are using their approved medication provider. Because the business model was recurring revenue marking up medication, not a pill dispenser.
If your business model requires dumping support long before the tech is obsolete, your business exists to create waste. you aren’t fullfiling a need, you aren’t producing a product. The fix is to require companies to start taking risk. And if those risks are too big for profit, perhaps attempting to capitalize the ideas is ill-advised.
Re: Re:
What does “obsolete” even mean here? A local flea market still sells 40-year-old game consoles, 50-year-old phones, hundred-year-old cookware. Elsewhere, there’s an actual full-time store selling nothing but “retro” bicycles, and they’ve been around for over a decade. CRT monitors such as the Sony FW900 are still bought and sold online.
I suppose 1G and 2G cellphones can reasonably be called obsolete, but that’s only because the telephone companies chose to shut down those networks. How much stuff actually becomes inherently obsolete, rather than simply unpopular or having nothing to connect to?
Re: Re: Re:
I apologize I haven’t gamed out the precise legislation, but the word obsolete was rhetoric, not intended as a term of art.
I am not proposing an obsolence standard. You are right – obsolete is a subjective goalpost. And while I can’t give an objective line, we can see that a lot of recently retired tech isn’t just not obsolete, it hasn’t even hit a point where its functionality is degraded from what we expect from similar devices purchased new to have. There wasn’t a sea change in the thermostat world that made nest thermostats ineffective.
YOur argument reads like I proposed never allowing companies to abandon tech, because it will never be obsolete. My position was that the tech shouldn’t be locked down, so that it can continue to be used after a loss of official support, like a retro gaming console or a sony trinitron. And if you want to lock your product down, the benefit of that tech lockdown needs to come with risk – the need to provide support for a time after first sale, up to and potentially including plans to unlock devices/provide so third parties could replicate the service in the case the company can no longer provide the backend services.
My position is not that companies should be tied forever into support, but that if they choose to lock the hardware down with software, the hardware manufacturer should be forced to take on risk to encourage more open hardware.
Re: Re: Re:2
Alright, that’s fair and I agree.
My comment wasn’t really intended to nitpick the language as a term of art, but to push back on the popular view that almost everything becomes obsolete, and quickly (as Weird Al parodied: “Your laptop is a month old? Well, that’s great, if you could use a nice heavy paper-weight.”).
People have that view, the manufacturers take advantage of it, and we end up creating a shitload of unnecessary waste. But it’s not that the stuff’s no longer good, it’s that we’ve made the free choice to give up on it. Like when people move into a new house and replace all the kitchen cabinets, just because they reminded the person of the 1990s.
Oh my.. have we moved on to more sternly worded letters?
Will the progress never end?
Re:
This is the strongest FTC we’ve had in two generations. But these things take time, and we’ve got one political party actively trying to prevent any progress. And it controls the Supreme Court.
Re: Re:
It wouldn’t matter if Lina Khan managed to break Google up.
31Bob would never accept any FTC that didn’t fall in lockstep with the Democratic Party.
The rest of us, though, hope this FTC will do its job.
Re: Re: Re:
Okay. What’s the basis for this hope, and for saying the FTC is “the strongest” in some generations? I don’t think 31Bob is crazy for having the impression of them mostly writing strongly-worded letters. It seems fairly common to see Techdirt stories about how some company was caught brazenly breaking the law, and the FTC “punished” them by making them promise to stop breaking the law… for a few years. And this story is only about them planning to crack down.
Yeah, I understand that there are procedures to be followed, and that these things take time. But how do we tell the difference between an FTC that’s getting stronger and an FTC that’s merely getting more vocal? Have there been some decent enforcement victories lately? More than usual?
Re: Re: Re:2
Regarding a potential Google break-up, by the way, that seems to have nothing to do with the FTC. FTC attorneys recommended in 2012, after a 19-month investigation, that the FTC start an anti-trust lawsuit. The commission decided, instead, to close the investigation. It was the DOJ that eventually filed suit, more than 7 years later.
Re: Re: Re:2
Let’s see…
https://www.techdirt.com/2024/07/12/ftc-fires-a-warning-shot-at-eight-companies-over-right-to-repair-violations/
Oh dear.
https://www.techdirt.com/2024/04/24/ftc-bans-non-competes-sparks-instant-lawsuit-the-war-for-worker-freedom/
Oh my.
And there’s the failed case over the Microsoft acquisition of Activision. They bungled it, of course, but the fact that they tried is more telling.
But yes, let’s ignore that the Lina Khan FTC has done stuff and pretend that the FTC traditionally has done nothing but rubberstamp their own regulatory capture.
I understand the sentiment, but let’s not deny that the Lina Khan FTC has some teeth.
Re: Re: Re:3
Sure, Khan seems to be on the side of the people, and I’m glad about that. Some of Khan’s predecessors didn’t even pretend to care. Now we’ve got some precursors to hope.
But your first link is about 8 sternly-worded letters, which hardly invalidates Bob’s point. The rule mentioned in your second link has already been blocked by a court. When you feel compelled to write “of course” after saying the FTC bungled a case, that’s not encouraging.
Re: Re: Re:4
Not disagreeing here.
But at least Lina Khan is trying.
toothless
With whose blood shall this be written with?
Surely not the brunchlords’ blood, of course.
Opposition
The coalition is being opposed by the Amalgamated Brotherhood of Brick Makers.
Is there a catchy word for anti-consumer practices?
Using ‘updates’ to slow down phones to pressure consumers to buy replacements.
Making electronics difficult to dismantle, to stop customers repairing them.
Deliberately using fragile glass for drinking glasses so bars/restaurants have to buy replacements more often.
Cutting up unsold shoes and binning unsold food to create artificial scarcity and keep prices high (‘because a profit cannot be taken from an orange…’).
Reordering bank transactions to put withdrawals before deposits, in order to charge customers more overdraft fees.
Trying to route around adblockers and other content filters, or punish users for using them.
Is there a catch-all name for this sort of act? Covering planned obsolescence, artificial scarcity, harmful monetization, bullshit fees, et-cetera? Everything that boils down to ‘we made stuff worse so we could take more money’?
And, can we outlaw it already?
Re: Is there a catchy word for anti-consumer practices?
Commercial solipsism, perhaps?
Re:
“Enshittification”
Re: Re:
‘Enshittification’ works, I think. It seems like it refers specifically to online platforms, but the pattern of ‘exploit a dominant market position/monopoly and barriers to entry to leech customers dry and enrich shareholders’ seems to hold true for material goods and services as well.
Heck, it’s even made Word of the Year. Do you think it would be possible to get laws against enshittification practices?
Re: Re: Re:
If people elsewhere are doing the same thing, we may as well use the same word. Like how people talk about postal spam and voicemail spam now.
Sure. The Magnuson–Moss Warranty Act is one such law, from 1975. “Right to Repair” laws are popular now and have already been passed in the USA. The EU’s “Digital Markets Act” specifically targets online platforms and their lock-in practices. Europe’s also passed sustainability laws, to do away with non-repairable batteries.
Re:
Does that actually happen? For what it’s worth, my local kitchen-supply store still sells the plastic Pizza Hut glasses I remember from the 1980s; and I wouldn’t be surprised if the glasses in the few remaining Pizza Huts date back to that time. Also, I still see glass drinking glasses advertised for durability.
So, if bars are getting bad ones, it’s probably because they don’t care or they’re valuing looks and weight over strength. If they really wanted, they could probably go to a thrift store and offer them like $20 to clear out an entire shelf of old glassware (I assume the stores occasionally recycle whatever doesn’t sell; they always seem to be over-stocked).
Re: Re:
I don’t know if it still happens today, but I watched a video about ‘superfest’ glass, or chemically strengthened glass; developed in East Germany post WW2, they couldn’t get foreign buyers (like the Coca Cola company) to buy any, since it would hinder their ability to sell replacements to consumers.
So, it at least happened in the past.
Re: Re: Re:
I’m not sure we have enough data to draw such a conclusion. There were a lot of reasons why foreign companies might’ve avoided dealing with the GDR, and Coca-Cola probably would’ve liked to reduce bottle-breakage if that glass were competitively priced—I assume they shipped more bottles than drinking glasses in those days, and I believe they did collect glass bottles for re-use.
Duralex glass is produced to this day, and is available in drinking-glass form. There’s some disagreement about whether it’s as good as the German stuff, but it’s apparently popular in restaurants (in certain areas) and is stronger than regular glass.
It’s not hard to find drinking vessels made from stainless steel (possibly insulated) or “unbreakable” plastic either.
It means out of date – not unusable as some people seem to think. For example I have a plasma TV that is obsolete, but it still works perfectly and I use it regularly.
Re:
I think it’s more of a Humpty Dumpty type of situation, where the word means whatever the person using it wants it to mean. It benefits the manufacturers to make us think things have become “obsolete”, when really they’ve just become antiquated.
Wiktionary gives one definition as “No longer in use; gone into disuse; disused or neglected”, and then inappropriately lists “antiquated” as a synonym, though it has none of those meanings. But even the listed definition of “obsolete” wouldn’t apply to plasma and CRT televisions, because those are still in use; and I’m kind of in agreement that they’re not obsolete.