A group of organizations are urging the Federal Trade Commission to address companies’ habit of orphaning products and forcing consumers to pay for subscriptions post-purchase.
There has been a growing rash of incidents involving companies suddenly abandoning products shortly after releasing them, or locking features behind subscription paywalls after consumers purchase the product. Representatives for Consumer Reports, U.S. PIRG, iFixit, the Electronic Frontier Foundation, the Software Freedom Conservancy, Californians Against Waste, the Center for Economic Justice, Secure Resilient Future Foundation, Fixit Clinic, BigBattery/OutBack Power/TitanGreen, Zero Waste Washington, Plastic Ocean Project, Repair Cafe Hudson Valley, Repair Cafe, Inventurous, Digitunity, and Hamilton Computer Repairs signed the open letter.
Consumer Reports and U.S. PIRG write to ask the FTC to create clear guidance to address the issue of software tethering which leads to several consumer harms, including locking features behind a subscription after the purchase of a device, and companies selling connected devices only to render them nonfunctional later using software. Both switching features to a subscription and “bricking” a connected device purchased by a consumer in many cases are unfair and deceptive practices.
Both practices are examples of how companies are using software tethers in their devices to infringe on a consumer’s right to own the products they buy. While the FTC has taken some limited actions with regard to this issue, a lack of clarity and enforcement has led to an ecosystem where consumers cannot reliably count on the connected products they buy to last. Further measures will help alleviate the worst outcomes of software tethering, that is, making functions of a device reliant on embedded software that ties the device back to a manufacturer’s servers. This software-server connection tethers the device to the manufacturer, giving the manufacturer post-purchase control of the software and changing the nature of ownership.
The group cites examples of recent issues that have cost consumers, taken by Snoo and Spotify.
In the last three months we have seen one business brick a device and another company limit the consumer’s ability to resell their product by locking away features behind a subscription. In July customers who had spent $1,695 on a Snoo connected bassinet discovered that some of the features that originally were advertised with the product would become part of a new, $19.99 monthly subscription. Happiest Baby, which makes the Snoo, told customers in June that it planned to move features such as a weaning mode, sleep tracking, car ride mode, and more to a premium service starting July 15. Customers who already had purchased the bassinet for those features don’t have to pay the monthly fee, but if they want to resell their Snoo or give it to others, the new buyers will not have access to those features. Given the short shelf life of a bassinet and the cost of the Snoo, there is a thriving resale market for the device that Happiest Baby now can monetize.
The group goes on to cite similar examples from Amazon, Mellow, Juicero, Leelo, and Kano. Even established companies, such as Google, are called out for killing off products’ connected support, despite the products still be operational.
As the the group points out, often such decisions are made quickly, with little to no effort made to compensate users.
In some cases the decision to end support for a product is done well with advance notice, refunds, and a plan to recycle the non-working hardware. But in most cases, consumers end up with a hunk of e-waste that could still function with the right software, and a sense of disappointment. Add to this, consumers have spent money on a product without understanding the limited lifespan of that device. Knowledge of the expected lifespan and an understanding that the lifespan was reliant on software, not the physical failure of the device, would certainly change consumers’ purchasing decisions.
The group says they expect the problem to get worse as companies increasingly building smart products that rely on internet connectivity, and asks the FTC to establish clear guidelines. The group outlines a number of measures it recommends the FTC adopt.
- Require disclosure of a guaranteed minimum support time on the product packaging: Companies should plan for and disclose, to the consumer, their plans for both security updates but also anticipated engineering and cloud resources to keep a product functional to a certain date. This date can be extended at the company’s discretion, but should represent the minimum amount of time that the consumer can rely on the product to keep working. The Federal Communications Commission has started down this path with its voluntary U.S. Cyber Trust Mark program that asks those that get the label to include a minimum support date by which consumers can expect to receive security updates, but also allows companies to state that they have no plans to include support time frames. The ability to ignore the requirement to post a minimum support date, and the voluntary nature of the FCC’s program means there is still a sizable opportunity for companies to harm consumers by shutting down or stopping security updates for their connected devices without providing any compensation or even notice to consumers.
Commensurate with mandated minimum support time frames on packaging, the FTC should also help establish minimum support expectations for different classes of devices. Consumers are using trial and error to figure out the expected lifespan of their connected products. But when it comes to cars, large connected appliances, or products installed in homes the agency should establish clear guidelines for an expected lifespan that matches software support to the hardware lifespan.
- Require companies to ensure that the core functionality of a product will work even if the internet connection fails or the software stops getting updated. An e-bike should start without a connection to the server or control from an app. An oven should maintain its ability to heat food and a thermostat should still retain the ability to control an HVAC system.
Encourage tools and methods that enable reuse if software support ends. Companies could create and distribute tools and software to repurpose products so products provide continued use. Tools could include upgrades to hardware so manufacturers can continue software support, or software that would allow consumers to repurpose the hardware for offline use, and should be continually available for the reasonably likely lifespan of the hardware.
- Protect “adversarial interoperability.” One way products can be repurposed is when a competitor or third-party creates a reuse or modification tool — something that adds to or converts the old device. These tools are often the subject of copyright lawsuits. For example, a company could build a tool to rewrite the software on a Sonos speaker, no longer supported by the manufacturer, so that speaker could continue to be used, but because of the legal liability, it is very unlikely a company would risk selling such a tool. Protecting adversarial interoperability incentivizes corporations to provide consumers with reuse options at the end of a product’s life, ensures that entrepreneurs can innovate with alternative reuse options for hardware, and thereby enables competition in the reuse market. The FTC has already come out in favor of allowing exemptions to the copyright law so consumers can repair devices they own. Similar support of adversarial interoperability could revitalize the reuse market and ensure that far less hardware gets trashed when it loses software support.
Conduct an educational program to encourage manufacturers to build longevity into the design of their products. Much like the Cybersecurity Infrastructure and Security Agency has pushed its Secure by Design program to encourage companies to build security into their products from the beginning, we encourage the FTC to create a clear list of design principles that would promote the longevity of the connected products manufacturers sell. These principles could include repairability scores, replaceable batteries, modular electronic elements that allow for aged chips and modems to be swapped out, and requirements to calculate the ongoing cost of supporting every connected device sold. The effort could be modeled on the agency’s 2017 Stick with Security guidance and Start with Security publication that was designed to inform companies about how to safeguard sensitive consumer data.
Ultimately, the group wants the FTC to force companies to support products for a minimum time, as well as allow products to continue to be useful without official support.
Mandating companies include minimum support times on their connected products enables consumers to make informed choices about which products to purchase. Clear communications around the expected lifespan of connected products will help manufacturers allocate resources for their connected products and help regulators recognize egregious examples of software obsolescence. It will also help consumers understand the tradeoffs they may be making when they choose a connected product over a “dumb” one.
When possible, providing consumers with the tools to continue using their connected devices absent official support will help keep waste out of landfills and maintain the consumers right of ownership of a physical product. When providing those tools are impossible, the agency should consider those product subscriptions to be sold and marketed accordingly .
For the sake of consumers, hopefully the FTC will take the group’s recommendation to heart.