Kohler has recently launched a new smart toilet camera called the Dekoda, which attaches to the toilet bowl and takes pictures of its contents. The Dekoda’s main goal is to interpret these images and give you the best guidance to improve your gut health. At $599 the device isn’t cheap, and you’ll need to pay for a mandatory subscription starting at $6.99 per month to keep using it.
Additionally, Kohler has said that the Dekoda’s sensors are tailored to only detect the toilet bowl to protect user privacy. They claim that all the information the device gathers is protected by “end-to-end encryption.” Security researcher Simon Fondrie-Teitler has been a persistent thorn in DOT’s side on this very specific claim. He says the term “end-to-end encryption” is being incorrectly used in this case.
Kohler maintains that as far as data collected goes, it’s encrypted at rest and in transit. As Fondrie-Teitler notes, the Dekoda doesn’t employ end-to-end encryption either. It just uses TLS encryption like HTTPS websites do. This has led some to believe that the device actually provides security.
Kohler’s privacy contact elaborated on their encryption practices, stating, “data in transit is also encrypted end-to-end, as it travels between the user’s devices and our systems, where it is decrypted and processed to provide our service.” They further emphasized that user data is “encrypted at rest, when it’s stored on the user’s mobile phone, toilet attachment, and on our systems.”
Despite these claims, experts are still cautious about how effective Dekoda’s security measures are. The issue is more than just the language. It includes how Kohler manages in-bound data after it lands on their servers.
Lorenzo is a Senior Writer at TechCrunch, where he covers hacking, cybersecurity, surveillance and privacy. He further stresses that while Kohler’s intention to protect user data is admirable, how they go about encrypting their users’ information should be questioned. You can email him at lorenzo@techcrunch.com. Or, reach him on encrypted messaging apps such as Signal at +1 917 257 1382, or via Keybase/Telegram at @lorenzofb.