bose – Techdirt (original) (raw)

Companies Are Simply Ignoring Many New State ‘Right To Repair’ Laws

from the fix-your-own-shit dept

Last March Oregon became the seventh state to pass “right to repair” legislation making it easier, cheaper, and more convenient to repair technology you own. The bill’s passage came on the heels of legislation passed in Massachusetts (in 2012 and 2020), Colorado (in 2022 and 2023), New York (2023), Minnesota, Maine and California. All told, 30 states are considering such bills in 2024.

While the popular reforms are a nice example of U.S. consumer rights headed in the right direction, many of the bills (like New York’s) were watered down almost to the point of uselessness to appease larger tech companies. And in many states, companies simply aren’t complying because enforcement has been largely absent.

A recent report by PIRG examined 21 different mainstream tech devices subject to New York’s recently passed electronics Right to Repair law, then graded them “based on the quality and accessibility of repair manuals, spare parts, and other critical repair materials.” Most fared poorly in terms of easy access to parts and manuals, and New York’s done zero enforcement of its own law so far:

“_The New York Right to Repair Bill has had mixed success. It has gone a long way in pushing companies towards greater repair standards, but it has been surpassed by newer repair bills in other states like the recent passage in Oregon. In order for this bill to remain useful for the people of New York, it should be updated to bring it in line with newer repair standards, as well as provide greater enforcement to move companies towards full compliance in the future._“

NY’s lax enforcement is not particularly surprising, given that NY Governor Kathy Hochul went out of her way to make her state’s law as loophole-filled as possible.

In California, the state legislature recently passed SB-244, the Right to Repair Act, which only just took effect last July. The bill requires that appliance and electronics companies make repair manuals, parts, and tools widely available to consumers, repair shops, and service dealers. But companies in California also seem in no particular rush to come into compliance with the new state law:

“Even though the law’s been in effect for nearly two months now, a couple repair shop owners tell KSBY some manufacturers are not following it…[local independent repair shop owner Eric] Vanderlip told KSBY he reached out to Bose and Polk Audio for schematic diagrams and manuals for certain products, but neither would provide them.

KSBY then reached out to both companies and has not heard back.”

Cool.

Laws are, of course, only worth something if they’re meaningfully enforced, and so far there have not been many indications that major companies are rushing to comply with these new consumer right to repair protections, or that state officials are in any particular rush to make them. Granted many of these laws are new, and it’s going to take a few shots over the bows of major offenders to spark compliance.

The problem is many of these bills already carved out many of the more problematic industries and hardware, including agricultural hardware and medical gear manufacturers. It’s been amazing to see the progress activists have made with these reforms, but it would be a shame if such reforms with widespread bipartisan support wound up being predominantly performative.

Filed Under: california, consumers, drm, hardware, manuals, new york, reform, right to repair, state law, tools
Companies: bose, polk audio

Bose Lawsuit For Collecting Headphone Data Is Flimsy, But Highlights Continued Lack Of Real Transparency

from the dumb-tech-is-often-smarter dept

Wed, Apr 26th 2017 01:21pm - Karl Bode

Being transparent about what private consumer data is being collected and sold appears to be a hard lesson for hardware vendors to learn. Earlier this month, Bose was hit with a new lawsuit (pdf) accusing it of collecting and selling personal subscriber usage data of the company’s $350 QC 35 noise-canceling headphones. More specifically, the lawsuit claims that the Bose Connect smartphone companion app is collecting user preferences when it comes to “music, radio broadcast, Podcast, and lecture choices” — and then monetizing that data without making it clear to the end user:

Unbeknownst to its customers, however, Defendant designed Bose Connect to (i) collect and record the titles of the music and audio files its customers choose to play through their Bose wireless products and (ii) transmit such data along with other personal identifiers to third-parties?including a data miner?without its customers? knowledge or consent…Though the data collected from its customers? smartphones is undoubtedly valuable to the company, Defendant?s conduct demonstrates a wholesale disregard for consumer privacy rights and violates numerous state and federal laws.

To be clear, the complaint, filed last week by Bose customer Kyle Zak in federal court in Chicago, seems more than a little thin. The suit appears to piggyback on growing concern about the wave of internet of things devices (from televisions to smart dildos) that increasingly use internet connectivity to hoover up as much as possible about consumers. Often, this data is collected and transferred unencrypted to the cloud, then disseminated to any number of partner companies without adequate disclosure.

That said, while Bose marketing insists users need the app to “get the most out of your headphones” and get the “latest features” for their headphones, in this instance, users can avoid data collection by simply not using the Bose companion app. And while Bose only appears to be collecting metadata, the suit tries to somehow claim that collecting this type of metadata — which any and every music service also happily collects — somehow violates the Wiretap Act:

… customers must download and install Bose Connect to take advantage of the Bose Wireless Products? features and functions. Yet, Bose fails to notify or warn customers that Bose Connect monitors and collects?in real time?the music and audio tracks played through their Bose Wireless Products. Nor does Bose disclose that it transmits the collected listening data to third parties.

Were Bose, say, using the headphone jack on a headset to monitor actual user communications, the case might have legs. That said, while the suit’s central Wiretap Act claims may be weak, the suit once again highlights that consumer data collection policies, if disclosed at all, are often buried in overlong privacy policies few if any consumers actually read — using language carefully crafted to obfuscate what precisely is happening. Bose doesn’t really help its case all that much in a statement on its website that declares the lawsuit “inflammatory” and “misleading,” before being a little misleading itself:

We understand the nature of Class Action lawsuits. And we?ll fight the inflammatory, misleading allegations made against us through the legal system. For now, we want to talk directly to you. Nothing is more important to us than your trust. We work tirelessly to earn and keep it, and have for over 50 years. That?s never changed, and never will. In the Bose Connect App, we don?t wiretap your communications, we don?t sell your information, and we don?t use anything we collect to identify you ? or anyone else ? by name.

While Bose insists it doesn’t “sell your information” — its app privacy policy does note that it “may partner with certain third parties” to “engage in analysis, auditing, research, and reporting” (hey, it’s not selling if we call it something else). And while Bose may not personally identify you “by name,” we’ve long noted that “anonymized” data is far from anonymous. Study after study has made it clear that it only takes a shred of additional contextual data to make “anonymous” data easily and personally identifiable. If “trust” were truly Bose’s top priority, they’d actually explain precisely what the app is doing, who data is sent to, and why.

Again, many may not care that Bose is collecting this data. Especially in an age where everybody carries around a miniature computer in their pocket, happily oblivious that their every step and click are being monetized by cellular carriers, app vendors, OS makers, advertising networks, and everybody else in the food chain. The problem is that companies continue to believe there’s nothing wrong with hoovering up every shred of data they can, then hiding this collection in overlong, carefully-worded privacy policies — and the false sense of security “anonymization” is supposed to provide.

Filed Under: information, kyle zak, privacy, tracking, transparency, wiretap act
Companies: bose