Using Kohler’s Poop-Analysis Camera? Double-Check This Key Privacy Setting First

In October, Kohler launched Dekoda, a camera that attaches to the toilet and uses AI to examine your feces. Some say good gut health is priceless, but the Dekoda costs $599 for the device, plus subscription fees ranging from $70 to $156 per year.
But after a blog post published this week raised questions about Kohler’s data practices for its new toilet gadget, the company was forced to explain what it means by “encrypted” data to customers, and what its policy is for training its algorithms on their… uh… wasted information. And it’s not as simple as it initially seemed.
On its website, Kohler says Dekoda “analyzes gut health and hydration and detects the presence of blood in the toilet bowl, providing data to support healthy habits.”
On the same web page, Kohler touts the gadget’s privacy features. It says the camera only points at the toilet bowl, offers optional fingerprint authentication via the Dekoda remote, and “our technology is designed to keep your personal data personal. It’s end-to-end encrypted.”
The blog post published by security researcher Simon Fondrie-Teitler raised questions about what this encryption entails and pointed out that Kohler would likely have access to the data and images collected by Dekoda.
“The company’s responses clearly indicate that, contrary to the common interpretation of the term, Kohler is able to access data collected by the device and associated application,” he wrote.
Kohler addresses privacy concerns
Kohler itself seemed to confirm this idea in a statement shared with CNET. The company wrote: “The term end-to-end encryption is often used in the context of products that allow one user (sender) to communicate with another user (recipient), such as a messaging application. Kohler Health is not a messaging app. In this case, we used the term in relation to the encryption of data between our users (sender) and Kohler Health (recipient).”
The company added: “We encrypt data end-to-end in transit, as it travels between user devices and our systems, where it is decrypted and processed to provide and improve our service. We also encrypt sensitive user data at rest, when stored on a user’s mobile phone, on the toilet, and on our systems.”
In other words, data collected by Dekoda is encrypted in transit, but can be decrypted by the company.
Regarding how the company uses data for training AI systems, Kohler said in the same statement: “If a user consents (which is optional), Kohler Health may anonymize the data and use the anonymized data to train the AI that drives our product. This consent checkbox is displayed in the Kohler Health app, is optional, and is not pre-checked.”
According to Kohler’s statement, information associating a user’s identity with the data will be removed before it is used for optional training of the AI model.
The meaning of “encrypted”
This can be confusing for people familiar with the type of end-to-end encryption offered by services like Signal or even Apple. There, the expectation is that companies will not have access to, or even the technological means to decrypt, the data that people transmit through their services.
What Kohler is doing seems different from this expectation, as Fondrie-Teitler points out in his article: “What Kohler calls E2EE here is simply HTTPS encryption between the application and the server, something that has been a core security practice for two decades now, plus encryption at rest.”
Kohler did not directly respond to CNET’s questions about Fondrie-Teitler’s post beyond the shared statement.




