One month ago, I dared any truly bold gift-giver with $10 million to spare this holiday season to bid on the solid 18 karat gold toilet up for auction at Sotheby’s. Alas, there was only one, and it sold. Thankfully, the bold look of Kohler has a candidate for runner up. Not another commode, but commode-adjacent. I present Dekoda, a camera you affix to the toilet. Why would you want to do such a thing? So that it can record your poop and have AI examine the health of each specimen, of course! How much does this can-camcorder cost? $599 for the device itself, then $70 to $156 a year depending on which subscription you choose on their Kohler Health app. WHAT COULD GO WRONG? Well, so far the biggest clog in the drain is Kohler claiming Dekoda has “end-to-end encryption,” meaning the server, in this case Kohler, wouldn’t be able to access data from Dekoda. Except oops! Kohler absolutely is able to see every image the camera captures. The crappy truth was flushed out by a blogger:
Privacy in the privy? On its website, Kohler says Dekoda “analyses gut health and hydration and detects the presence of blood in the toilet bowl, providing data for building healthy habits.” On the same webpage, Kohler highlights the gadget’s privacy features. It says that the camera only ever points down into the toilet bowl, that it offers fingerprint authentication optionally via the Dekoda remote and that, “our technology is designed to keep your personal data personal. It is end-to-end encrypted.” … The blog post published by security researcher Simon Fondrie-Teitler raised questions about what the encryption entails and pointed out that Kohler would likely have access to the data and images collected by Dekoda. “Responses from the company make it clear that — contrary to common understanding of the term — Kohler is able to access data collected by the device and associated application,” he wrote.
Kohler’s tossed out word salad response: “The term end-to-end encryption is often used in the context of products that enable a user (sender) to communicate with another user (recipient), such as a messaging application. Kohler Health is not a messaging application,” the statement said. “In this case, we used the term with respect to the encryption of data between our users (sender) and Kohler Health (recipient).” The company went on to say: “We encrypt data end-to-end in transit, as it travels between users’ devices and our systems, where it is decrypted and processed to provide and improve our service. We also encrypt sensitive user data at rest, when it’s stored on a user’s mobile phone, toilet attachment and on our systems.” In other words, the data Dekoda collects is encrypted in transit, but can be decrypted by the company on its end.
Kohler’s tech is ‘encryption in transit’: Nico Dupont, the founder and CEO of the AI security company Cyborg.co called the description “very misleading.” “While (Kohler) clarifies that the data is encrypted from the device to their servers, this process is more commonly referred to as ‘encryption in transit,’” Dupont said. “End-to-end encryption usually suggests a sense of privacy which is characterized by servers not having access to the data, which is not the case here. While secure, it’s not private.” Another executive in the security industry was even more blunt. “End-to-end encryption literally has one job and one meaning: keep the company out of the middle. If the vendor can see it, analyze it or even take it to power AI features, then it is not at all ‘end-to-end,’” said Zbyněk Sopuch, CTO of data security company Safetica.
Here I was all set to make a crack like, “just when I thought my opinion of AI couldn’t be even more in the toilet!” But in this case, it really seems like the error was human, not AI-generated. Kohler wanted Dekoda to sound more secure than it is, but their use of a technical term with a specific definition was a flush that didn’t ring true for those actually familiar with “end-to-end encryption.” And it seems the message got through, because the language on Kohler’s website now reads: “Dekoda and the Kohler Health app are intentionally designed to keep your data private and secure through encryption at rest and in transit.” Should a lawyer have caught this before? Probably. On the other hand, I didn’t even know about the poop-cam until this snafu, so maybe it was a calculated risk to see how long before the truth overflowed and caused a stir. In any event, I have no doubt we’ll be back very soon to dissect the AI component issuing wildly inappropriate comments on the state of people’s sh-t.
Are you shitting me? A camera that will analyze your poop? Thank you NO!!!
Everyone who greenlit this, everyone at that company who thought- this seems like a great idea- the next innovation- everyone will want one.
1. They’re fired
2. Psych eval
There’s not enough yuck in the world to express the yuck of this.
I am not overly germ-wary but this is definitely a nope from me, there is so much I would want disinfected. I used to get the over the rim toilet block things but always the one where the block was on a plastic arm that you threw away when it was done, never the refillable ones. Then I switched to the toilet duck ‘discs’ of thick jelly you stick directly to the inside of the bowl.
Anyway, gross and no thanks. I can’t imagine 99.9% of people have any actual need for this.
That said, there is amazing research being done using waste water sampling and analysis looking at drug levels among other things and I’m sure I saw something about covid at one point. We do flush away a lot of useful data but this is not something we need.
😬
I can guarantee this was designed by a man. How does it handle period blood?
If it was designed by a man it will throw you an old towel and avert its eyes (eye)
Yet another way to make us anxious about our body functions! Thanks, I hate it!
I’m also furiously trying to brainstorm as many silly “end-to-end” punchlines as I can – add your best!
Hard NOPE from me on this. No way, no how, never.
Sorry Kohler, this is one place that I absolutely, positively, unconditionally, insist on privacy. I promise not to invade your private space, please return the favor.