No, this isn't a joke: Kohler's poop-scanning toilet attachment, which the company claims is … uh … end-to-end encrypted, appears to be anything butt.
The Dekoda, released in October by people seemingly unaware of this 11-year-old yet incredibly prescient Adult Swim spoof infomercial, attaches to existing dumb toilets. It includes a camera that thankfully only gazes downward at your leavings instead of elsewhere, and claims to be able to analyze waste for gut health, hydration, and the presence of blood.
Given the sensitive nature of what Dekoda is analyzing, Kohler says it designed Dekoda and the accompanying Kohler Health app "with privacy-first features" including so-called end-to-end encryption (E2EE). But according to freelance journalist, software engineer, privacy expert, and former Federal Trade Commission technology advisor Simon Fondrie-Teitler, Kohler is misusing the term "E2EE".
Writing in the premiere post of his /var/log/simon blog, Fondrie-Teitler dug into Dekoda's use of the term E2EE and its treatment of user data. E2EE is commonly understood to be encryption of communications data between a sender and recipient, with even the company providing the service unable to decrypt the shared data.
No such features exist in the Kohler Health app, Fondrie-Teitler noted.
"While one 'end' would be the user, it's not clear what the other end would be," Fondrie-Teitler explained in the Tuesday post before noting that his communications with Kohler made clear that the other end was the company itself.
According to the blog post and our review of Kohler's privacy policy, user data is encrypted "at rest, when it's stored on your mobile phone, toilet attachment, and on our systems," as well as in transit. That said, Kohler has access to user data, meaning its version of E2EE "is simply HTTPS encryption between the app and the server, something that has been basic security practice for two decades now, plus encryption at rest," Fondrie-Teitler explained.
For that matter, it appears the company is using said data for more than just serving poo-related health data through its mobile apps.
Per Kohler's privacy policy, Dekoda customers give the company permission to use anonymized health data "to train our AI models and for other machine learning purposes and we may disclose de-identified data to third parties."
Users have the right to decline to share personal data with Kohler, per the policy, but opting out means some services may not be provided.
In other words, Kohler really wants that data if you want to know what's up with your toilet deposits.
We reached out to Fondrie-Teitler to see what he had to say about Kohler anonymizing the data and what he thought about the company's use of such P(ee)II, and he told us that in an ideal world, none of that doo-doo data would leave its point of collection.
"Ideally this type of data would remain on the user's device for analysis, and client-side encryption would be used for backups or synchronizing historical data to new devices," Fondrie-Teitler told us in a chat on Bluesky. He's not sure that's possible, given he's not sure how Kohler's systems work, but at the least, he hopes they stop saying the system is end-to-end encrypted, giving users a false sense of security.
"I'm hoping they update the language on the website to more clearly articulate the scope of their privacy protections," Fondrie-Teitler told us.
Kohler didn't respond to questions for this story. ®
Source: The register