Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124

In October, Kohler launched Dekoda, a camera that attaches to the toilet and uses artificial intelligence to scan stool. Some say you can’t put a price on good gut health, but the Dekoda costs $599 a device, plus subscription fees that range from $70 to $156 per year.
But after a blog post published this week raised questions about Kohler's data practices for its new toilet tool, the company had to clarify to customers what it means by “encrypted” data, and what its policy is on training its algorithms on… uh… waste information. It is not as simple as it seemed at first.
On its website, Kohler says Dekoda “analyzes bowel health and hydration and detects the presence of blood in the toilet bowl, providing data to build healthy habits.”
On the same webpage, Kohler touts the device’s privacy features. It says the camera only points at the toilet bowl, that it optionally offers fingerprint authentication via the Dekoda remote and that “our technology is designed to keep your personal data private. It’s end-to-end encrypted.”
The blog post published by security researcher Simon Fondrie-Teitler raised questions about what such encryption entails and noted that Kohler could potentially access data and images collected by Dekoda.
“The company’s responses make clear that — contrary to common understanding of the term — Kohler has access to data collected by the device and its associated app,” he wrote.
Kohler itself seemed to confirm this idea in a statement it shared with CNET. “The term end-to-end encryption is often used in the context of products that enable a user (the sender) to communicate with another user (the recipient), such as a messaging application. Kohler Health is not a messaging application. In this case, we used the term in relation to encrypting data between our users (the sender) and Kohler Health (the recipient),” the company wrote.
The company went on to say: “We encrypt data end-to-end in transit, as it travels between users’ devices and our systems, where it is decrypted and processed to provide and improve our services. We also encrypt sensitive user data while it is stored on the user’s mobile phone, toilet facility, and on our systems.”
In other words, the data Dekoda collects is encrypted in transit, but the company can decrypt it on its end.
Regarding how the company uses data to train its AI systems, Kohler said in the same statement: “If the user consents (which is optional), Kohler Health may de-identify the data and use the de-identified data to train the AI that drives our product. This consent checkbox is displayed in the Kohler Health app, is optional, and is not previously verified.”
According to Kohler’s statement, the company will remove information linking a user’s identity to the data before using it for optional training of AI models.
This may cause confusion for people who are familiar with the type of end-to-end encryption offered by services like Signal or even Apple. With those services, there is an expectation that the companies will not have access to, or even the technical means to decrypt, the data that people transmit through their services.
What Kohler does seems different from that expectation, as Fondrie-Teitler points out in his post: “What Kohler refers to as E2EE here is simply HTTPS encryption between the application and the server, something that has been a core security practice for a couple of decades now, in addition to encryption at rest.”
Other than the statement it shared, Kohler did not directly respond to CNET's questions regarding Fondrie-Teitler’s post.