Smart toilet camera misleads customers on end-to-end-encryption

Home goods manufacturer Kohler was caught misleading customers about the end-to-end encryption of the Dekoda, a smart toilet camera that analyzes pictures of your stool to determine your gut health, according to a report from TechCrunch.

The company asserts on its website that the Dekoda is protected by several "Privacy-First Features" like fingerprint authentication and end-to-end encryption. However, these claims may be misleading, according to a blog post by security researcher Simon Fondrie-Teitler.

Kohler's privacy policy reveals that the smart toilet camera relies on Transport Layer Security (TLS) as its encryption protocol. However, TLS is primarily used by HTTPS websites, not end-to-end encrypted messaging applications like Signal and iMessage. Based on information given by a company contact, Fondrie-Teitler argues that the company is misusing the term "end-to-end encryption" because images are decrypted before being processed by a machine learning algorithm.

...emails exchanged with Kohler’s privacy contact clarified that the other “end” that can decrypt the data is Kohler themselves: “User data is encrypted at rest, when it’s stored on the user’s mobile phone, toilet attachment, and on our systems. Data in transit is also encrypted end-to-end, as it travels between the user’s devices and our systems, where it is decrypted and processed to provide our service.”

The contact also told the security researcher that customer data is encrypted at rest and in transit. The training data is supposedly de-identified; however, Fondrie-Teitler argues that there is reasonable suspicion that the company has the ability to decrypt the images at will.

If the Dekoda were truly end-to-end encrypted, Kohler could not have decrypted the images in the first place. Since this term mostly refers to user-to-user messaging apps or secure cloud storage providers, it is clear that the company misled customers about its data practices.

Privacy-washing is a common technique used by companies to market their products. Instead of developing proper security or privacy features, many services oversell their capabilities, with mostly mixed results. Examples range from comparatively benign references to privacy, like Apple’s "Privacy. That’s iPhone" advertising campaign, to the disastrous data breach at Flo Health, a menstrual-tracking app that promised users their data would remain confidential.