$300 smart hubs that are suddenly bricked when the manufacturer is sold. Video game consoles that mysteriously lose features after you bring them home. Books or films you purchase that you suddenly and inexplicably lose the ability to access. Printers that don't print without an ink subscription.
In the modern internet era, it’s increasingly clear that consumers no longer actually own the things we buy. Instead, we’re shelling out big bucks for products that can easily lose features or worse—stop working entirely on the whim of a corporation. The latest example comes courtesy of Sonos, which this week informed customers in an email that it would no longer be supporting certain speaker systems. In the email, the company says that certain “legacy” systems will stop receiving security and software updates starting in May. “Legacy products were introduced between 2005 and 2011 and, given the age of the technology, do not have enough memory or processing power to sustain future innovation,” the company’s email claims. Users that have shelled out hundreds or thousands of dollars for smart speakers that still work didn’t take the news particularly well. In a blog post, Sonos says owners of these legacy systems have two options: they can simply keep using the products, understanding they won’t receive new features, bug fixes, or software and security updates. Or users can trade in the older gear while nabbing a 30 percent discount on the purchase of a new Sonos system. The first option potentially opens customers up to security headaches in an era where internet of things devices are routinely hacked. Sonos’ second option, its trade-in program launched last October, came under fire just last month for being wasteful. Users who trade in older Sonos systems immediately get a 30 percent discount—but their older hardware immediately enters a 21 day countdown before being put in “recycle mode.” Products in recycle mode can’t be re-used or repurposed without Sonos’ permission—a wasteful outcome for a program Sonos claims was designed to minimize environmental impact.
Nathan Proctor, the head of USPIRG's Right to Repair Campaign, told Motherboard that Sonos’ decision to leave consumers between a rock and a hard place is emblematic of a tech industry in which sustainability, security, and consumer rights are often distant afterthoughts. “This is an epidemic problem,” Proctor said, noting that having millions of unsupported and unpatched devices connected to the internet poses significant security risks for an internet of things sector already widely criticized for being a privacy and security dumpster fire.
Proctor said forced obsolescence also not only incentives the public to discard perfectly good hardware, products now effectively have expiration dates that consumers aren’t being clearly informed of at the time of purchase. “There needs to be some transparency around obsolescence,” Proctor said. “There should be some imagination put into what these devices can be used for when they can’t be connected all the time to the internet. I think that there's some responsibility for manufacturers to have a plan—and not just zombie devices.”
Some companies, like Samsung, have toyed with efforts to root and repurpose older smartphones. Others, like defunct fitness tracking company Pebble, released their source code to the public, helping create a community of users who gave the hardware a second wind. But by and large, most companies are far more interested in hyping and selling the next round of products than spending money to make sure older customers remain happy.
“This is something that these companies are just neglecting,” Proctor said. “Sonos is like the opening salvo. There will probably be a wave of these things that happen over the next couple years. And eventually, people are going to start being really upset about it.”
Security experts like Bruce Schneier have long argued that the internet of things is a broken market that creates both visible and “invisible pollution”—such as when your dated IOT camera is hacked and incorporated into a distributed denial of service attack. Ultimately, Schneier has warned, an attack will be severe enough to wake the broader public up to the threat. Until then, a scattered coalition is trying to build a framework that respects sustainability, security, and consumer privacy. Consumer Reports, for example, has been working on an open source standard that would incorporate security and privacy concerns into all product reviews, letting consumers avoid bad actors before attaching new devices to the internet. But by and large, most companies and governments remain apathetic to the threat.
“This is a chance now to come up with a system that doesn’t cause massive planetary damage in exchange for disposable stuff,” Proctor said.