This really isn't up to iRobot Corporation or Colin if the company gets acquired. They are publicly traded, hostile takeovers are possible. The promise is meaningless.
There are ways to construct contracts that bind your future self, even through acquisitions. Most companies don't, because they care more about the flexibility of "we can change our minds at any time". But they could.
Yup. It doesn't even have to be a contract in order to have legal consequences.
Wizards of the Coast made a public announcement back in the 90s that they would not reprint cards on the reserved list in Magic: The Gathering. Even though they're now owned by Hasbro, they're still afraid of a lawsuit from collectors and trading shops if they do reprints or functional reprints (because that would drop the value of existing collections, causing material damages).
They toyed with non-playable collector editions for a few years, and then even that was shut down.
Right, and that's a challenge with privacy in general, whether or not there's a contract (and whether or not that's scoped to apply to future owners of the company).
Right now, the legal system does not always afford breaches and violations of privacy the level of gravitas that they deserve.
Given that personal data is bought and sold every day by various parties, it should be possible to put a dollar value on a particular piece of information (e.g. address, gender, demographic info). I'm not surprised this hasn't happened yet though since it would make assessing damages in privacy breaches much easier for the victims/users and open the door to more lawsuits.
The challenge in this case is assessing the dollar value of a new piece of personal info (room geometry). Perhaps there should be a small floor value (priced in $/byte) for any personal data when assessing damages - it would greatly discourage collecting novel data about users "for future use" or "just because we can".
Edit: "anonymized" data can be discounted based on an expert assessment of how easy it is to de-anonymize.
What a species. We elevate, or have been so conditioned to elevate, corporations that one of the scummiest of them, restricting arbitrarily the supply of a bit of paper and ink, is defended by our legal system. We're doomed.
> What a species. We elevate, or have been so conditioned to elevate, corporations that one of the scummiest of them, restricting arbitrarily the supply of a bit of paper and ink, is defended by our legal system. We're doomed.
This makes no sense to me as a criticism, because (a) the legal situation would be entirely identical if Magic: The Gathering were produced by a single individual, and (b) Wizards is refraining from printing more cards in response to pressure from the collectors.
I would love to see a company put its consumer data in a trust, to be kept locked up forever in the event of an acquisition. Has this been done before? (And what happens if the trust gets acquired)
Good point, I don't know anything about law so I wasn't aware of this.
Maybe I can restate my comment as "This promise is meaningless, but there are meaningful promises they can make that they chose not to, and that is meaningful."
Exactly, unless there is some 'suicide' clause in the company bylaws that says all data will be destroyed on change of ownership (which would be fiduciarily [1] irresponsible anyway) then the statement of the CEO is constrained to 'during my tenure' at best. And 'during my tenure, while we are meeting our numbers goals' at worst.
[1] I don't think that is a word but hopefully what I hope it would mean if it were a word is clear :-)
I disagree with your assessment that it's a priori fiduciarily irresponsible [1]: it's entirely possible that the extra business gained by having a data self-destruct term would create a better financial situation for the company than having the data available to re-purpose would, and thus would be in the best interest of the shareholders. (There are similar arguments about marketplace health, etc. There's not a strict duty to generate the best financials, per se.)
As a tangent, there are also mechanisms you could use besides something in the bylaws to prevent it -- I don't think you actually need anything but restructuring the contract. (Though, obviously, bylaws or articles would carry more weight.)
That is a good argument, and it would rest on being able to show the greater good from the business model. If I were your activist shareholder though I would argue that your argument conflates the residual value of the company with the operational value :-).
Sure, I'm not invested enough in the outcome to drill down to the numbers but I'm happy to share how I would analyze it.
There are two choices in the analysis: 'do nothing', which leaves the business as it is, collecting sensor data from the operation of the robots into aggregated data sets, and 'destruct on sale', which is a promise to delete any and all sensor data collected so that the new owner cannot use it.
I am further assuming that at the time of sale the business has two components of value, its 'operational' value which is the annual recurring revenue of its subscribers/users less the cost of managing the revenue, and 'residual' value which consists of company assets such as the physical plant (offices), algorithms or patents, real estate holdings, and data sets.
In the 'do nothing' case we assume that subscription rates ($SUBS) stay the same (so revenue is unchanged) and that the data set accumulated has some value (say $DS). Using $SUBS as the revenue model, $ASSETS for the stuff that doesn't change in either choice (office, patents) the value generated by the company would be something like:
years * $SUBS + $ASSETS + $DS.
And in the scenario where you argue that destroying the data would result in more users it would be
years * ($SUBS + $Delta) + $ASSETS.
Does that make sense so far?
So my analysis would say that the 'better' choice is the one that generates more value over time for the company. And given the structure above that depends entirely on one thing, is the value of ($DELTA * years) greater or less than the value of $DS.
Next I'm going to stipulate that the value of $DS has a 'years' component as well since the data set keeps customer data regardless of whether they are a current customer or not. So the more customers you've had over the years the more value $DS has. And using that stipulation I'm going to simplify the analysis to just the comparison of $DELTA and $DS.
Then I'm going to ask can we characterize the size of $DELTA? And I will argue, perhaps unfairly, that $DELTA would consist entirely of people who 'care about privacy.' Then I'm going to look at all of the experiments in tech where the differentiating factor of the product was 'privacy' or 'less tracking' and compare their addressable customer market to the overall market. (I actually got to 'live' this advocating the privacy features of the Blekko search engine to people)
Then I'm going to argue that while there are many people who will talk about their concerns around privacy and security, the number that will change their behavior relative to that concern is astonishingly small. It shouldn't be, but there are examples all around of how it is. And based on that argument I'm going to argue that $DELTA is very small, 1 or 2% of the subscriber base at best.
Then I am going to talk about the challenges of developing a dataset like $DS. How difficult it would be for anyone to create such a data set without a way of explicitly running a sensor suite in thousands of homes. And given how hard it is to compete, that someone with sole possession of that data would have a competitive advantage over others who might seek to use it, or might have a salable product based on that data that nobody else could offer. (joke idea: use it to validate square footage numbers in Redfin listings). I would argue that this data set which would be unique in the world would be very valuable, and assert that $DS was >> $DELTA and so the right choice for the company was to keep it.
And in that analysis, if the most value would be maintained by keeping it, then changing the company so that it could not be kept would impair the value of the company and violate the fiduciary duty of the board.
I think it is very unlikely that this would "work".
The "business judgement rule" means that boards get a huge amount of latitude in how they run their business, especially absent "disloyalty" to the business (like enriching themselves at the company's expense).
In a 2005 case (re Walt Disney Co. Derivative Litigation), the Court said "not entitled to any remedy unless the transaction constitutes waste... [that is,] the exchange was so one-sided that no business person of ordinary, sound judgment could conclude that the corporation has received adequate consideration."
Your valuation has all sorts of uncertainties. Is there actually a market for the data? Even if it is from old, proprietary sensors? How comparable are those privacy experiments to a situation in which the sensor package is literally roaming your house 24/7? Is customer interest in privacy increasing (particularly in iRobot's target demographics?) and are there sales/reputational benefits for being one of the first companies to adopt this policy first? Any one of these is enough to ruin your case.
It would have to be something really egregious, like a contract in which the data transfers to the CEO's brother-in-law, for it to be a breach of duty.
I think focusing on legal jeopardy misses the point.
Directors are Directors because they represent a big chunk of stock. Billy Bob's VC invests in your company, gets a big chunk of stock and a seat on the board. Even 'outside' directors are often compensated for their time in stock. As a result every board member tends to make their judgments based on whether or not their stock value will go up or down.
Carl Icahn doesn't buy a bunch of stock and get himself on the board just for grins and giggles. No, he expects to wield the managerial power the board has over the CEO to enact policies that will improve the value of the stock he went out and purchased so that he can then sell it for a profit and move on to another company.
As a result discussions at the boardroom level are around "is this good for the stock or not" and in that vein I would do the analysis.
There doesn't have to be any bylaw changes, there just needs to be a contract with the customer regarding the usage of their data. One of the old fashioned kinds of contracts that doesn't allow one party to make unilateral changes to it. Then if they eventually do sell the data, they invite a class action lawsuit for breach of contract.
I don't mean to heap on you, but do you know of any actual cases where it's happened? (Apologies, for not reading the whole thread, headed out the door...)
It seems quite interesting as a concept what a company is once it's bought and traded. What, exactly, is the precedence of interests? Is it state-first? Or owner-first? Or maybe a combination of the two?
"its" ? I'm not sure what the "its" in your first sentence refers to.
I am not an expert, I've played a part in no more than 10 companies being sold or purchased. In all the cases that I participated in, the process involved creating a 'third' company that was essentially wholly owned by the acquiring company, and then that third company 'bought' some or all of the assets (physical or intellectual) of the company being bought. And then the purchased company was typically dissolved after a period of time that would allow for things like contracts or other actions to transpire while the entity existed. At a future point the intermediary company gets absorbed into its parent with a full transfer of all assets and that triggers its own dissolution clause.
The bylaws have always been the controlling documents for who could approve the sale, and how that process would complete. California adds a 'fairness' hearing sometimes[1] which I was told provides some protection against future lawsuits.
Bottom line a company is its employees, contracts, customers, physical property, intellectual property, cash accounts, and financial obligations. The entity or body authorized to sell the company can sell any or all of those pieces.
I like that - but how would you enforce it? Wouldn't it actually just deter companies interested in acquiring out of interest in the acquisition's customer data?
> Wouldn't it actually just deter companies interested in acquiring out of interest in the acquisition's customer data?
Yes, that is exactly it. So at some level the data is a company asset that has 'value' to a potential acquiring company. And if you decide to destroy the value of that asset to an acquiring company (by having it self destruct on acquisition) then you've intentionally reduced the value of the company. Your fiduciary responsibility as a board member or executive is to maximize the value of the company.
The long held theory here is that the shareholders elect board members to represent their interest in the company, which is notionally the 'value' of their shares, so for the board to be doing the shareholders' bidding they would not allow the CEO to explicitly damage the value of the company by impairing one of its assets with a destruct clause.
I think it could be more nuanced than that. You could trade that possible future value for good PR and public image, especially if you are fighting a lot of bad PR because of people's worries about that data. Putting a clause in without letting anyone know about it would be destroying the value, but if you attempt to capitalize on the public perception of the move I think it would be really hard to make a case that it was irresponsible without some corroborating evidence that nobody thought it would help.
At an implementation level, you could make it optional for customers to delete their data (preferably opt-out of deletion).
A purchaser looking to woo your clients (and continue to provide your service) rather than exploit your goodwill shouldn't have trouble retaining the majority of the data.
There's no reason to force data deletion, but leaving the choice to customers if they want to trust the purchasing company the way they trusted you prevents a lot of conflicts of interest and abusive behaviors.
The spread of personal information across myriad services is, I think, becoming a huge problem.
I recently had a case with one such service. They store personal information that could be very damaging if it got out. SSN, driver's license, name, address, phone, credit card info, etc.
I decided I no longer needed the service and so I asked to close the account and clear all of my data from their servers and backups. I was particularly interested in the information that could be used for nefarious purposes given a data breach or a sale of the business.
They refused and gave me some bullshit reason.
I moved immediately to arbitration per their own TOS. Within a couple of days they became very responsive and have, in theory, cleared all my info from their service.
And that's the issue. How do you know? They could have lied to me just to get me to drop arbitration. Hard to know how far to pursue something like this. No company should keep information on you that you do not authorize them to keep. A consumer ought to have the right to have any and all traces of their personal data erased from databases with absolute certainty. Privacy ought to supersede everything else.
What if you want Facebook to clear all data related to your account? I don't think that's possible in the US, is it?
The reason given for collecting such data is often, "for your protection" or a variant of, "to verify who you are."
And invariably, I hear about that exact data becoming exposed a few months later. It's extraordinarily frustrating that even when you articulate this vicious cycle to them, they still blindly push forward with the same efforts.
Once Facebook has data, it ends up in their database backups and potentially in their logs, and also potentially in CDN caches, so even if they deleted it from their production database it wouldn't really be gone.
This is one of those cases where it is impossible to prove a negative -- one can never prove that the data you gave to Facebook doesn't still exist somewhere, even if they look for it everywhere they can think of. Similarly, the company you entered into arbitration with might have made a good-faith effort to delete your data, but they might not have fully succeeded.
Therefore, one must assume that any data given to any company might somehow survive even if the company attempts to delete it.
They're Facebook, I'm sure if they actually bothered they would be able to design things so that deleted data could also be removed from backups and expired out of CDNs.
I mean hell, at my company we are putting in tools and methods that will allow us to very easily remove data with a single command from our systems should a customer/partner request their data deleted.
23andme tried to give me the runaround when I wanted my data destroyed. When I replied pointing out the exact clause in the TOS I was referencing (that was very hard to find) they were immediately condescending assholes. When I politely replied that I just wanted them to do what the TOS said, and I asked using the exact phrasing they requested, they went right to hostile and insulting.
There is no way in hell they actually destroyed my sample or my data. They quite rightly knew that they didn't need to convince me of anything or try to hide the fact they were lying.
Not selling data enables not having it in the first place, which eliminates the entire failure class of "getting hacked".
NB, and not specific to you, but I'm increasingly cognizant of the general inability (or unwillingness) of people to follow chains of reasoning forward, or in this case and more readily, backwards, to identify likely consequences and/or causal / contributory mechanisms, in even only modestly complex cases.
It gives me a great deal of concern over the creation of an even only modestly complex information infrastructure.
I'm thinking it's not really that big a deal... Maybe I'm just jaded.
address-> house size mapping has been done. (I think towns keep that data for tax purposes)
name -> address is a phone book away. (If you've ever bought a property you probably got some welcome mail from companies looking to sell you things)
the address->email address/online presence might be where the new data comes out.
I worked at a company that monitored people's and businesses' power use, on a circuit by circuit basis. This can be really invasive. When my boss went on vacation, his data clearly showed that (we used his house for testing). Our CEO asked his wife why she came home early, she asked how he knew (the garage door and kitchen power... He could keep his toys but not talk about it again.). Another person was wondering if he should talk to his dog walker because he noticed that one walk was really shorter than it should be...
Our sales guys would look at the roof of a company they had a meeting with, to figure out the size and number of AC units, before going to talk to a business.
What were the main uses of this data? There's actually a lot of interesting uses here. Personally, I've been wanting some easy way to label certain circuits and outlets in my home via an app, and then get a real-time read on how much it is costing me to use them based on my area's energy rates.
I've long thought that simply making myself more aware of the actual dollar costs of usage for various things (leaving lights and computers on, etc.) could be a great way to nudge me towards better energy consumption habits (ditto for water usage).
Sorry for the late reply. The use of the energy data was to help figure out where the power in your power bill was going. For example my boss's old refrigerator was drawing a lot more power than expected. And giving hints on how to save.
We uploaded data from the box to the cloud once per minute, so you could see your usage.
We could give an estimate on daily/monthly/yearly cost. Electric rates can be weird, so for businesses we had logic that would try to calculate and alert you when you were reaching a specific dollar figure (or peak period... some utilities surcharge based on peak usage).
In general we had dashboards and alerts. Restaurants could see if the lights were on after a certain hour (usually closing). A big early win was a place that had electric heaters in the front windows that were on 24/7. It was fun watching the solar panels generate, and see when the clouds go by.
The company moved into HVAC control with temperature sensors and monitoring refrigerators and cooking temperatures. Now I think they're selling services to oven companies and such.
It's AC so there is some work to pull the data out (we had a custom board to deal with the 14 channels).
Current transformers are what makes it work. Some open source solutions are starting to show up that don't require uploading to the cloud. There are "Kill a watt" devices for single plug monitoring, but they lack logging.
I found a company that took those public property records and made them searchable online on 1 website. There's a huge difference between finding a phone book in the right area and manually searching by name (you need to have a rough idea of where I live), vs going to the correct county website and searching my name (you still need a rough idea of where I live, but it will be easier since you don't need physical access), vs being able to go to a single website and find out where anyone in the US lives (all I need to know is you're in the US).
Another way to look at it is that the gov could always monitor you via wiretapping, but doing it through centralized data services is easier and cheaper.
One use for this data would be for the IRS, to help determine square footage to see if it's in line with what's reported for home offices.
Yes the gov also has this data which is probably one way Zillow gets it. What they don't have is the actual size of your house's various rooms which as I've already mentioned is useful for some agencies
It's actually interesting to me that they explain what they store:
"The Roomba 900 Series vacuuming robots capture mapping and navigation information via vSLAM, which stays on the robot. On all WiFi-enabled Roombas, usage data (e.g. how long did it clean, how far did it go, did it encounter any error codes, is it functioning correctly) can be sent to the cloud so it can be shown on the customer's mobile device. Images used for navigation are NOT sent to the cloud."
Have to give them props for being so specific. That being said.. still don't know if I trust them, and I am sitting with my Roomba 960 vacuuming under my feet lol
> "Images used for navigation are NOT sent to the cloud"
Maybe I'm just too pessimistic for my own good, but the wording on that still leaves a lot of wiggle room in how it's "images" and "cloud".
Not all file formats are images and not all servers are a "cloud".
Could just as well have used "data"/"upload" and covered all fronts.
"Data used for navigation is not uploaded anywhere".
Hey, w/o getting too specific, speaking as a former iRobot engineer when the 900s were developed / released (unofficial, not representing iRobot, blah blah) - the privacy implications were thought of a lot when these products were developed. There really aren't any images or data that could be reconstructed / assembled into images ever sent to the cloud, persisted on the device, or available to send to the cloud.
I do understand the pessimism, especially with all the privacy horror stories you hear out there, but I can say that Colin / iRobot aren't playing games with their words when it comes to this.
I do kinda believe you, but every company that has been caught doing this says the same things and also has employees (or astroturfers posing as) posting about how they are different. I wouldn't even call it pessimism, it's basic common sense.
Totally understood - skepticism is always warranted when it comes to this sort of thing!
From my end I always add a disclosure about any current and former employers in when I post anything about them because I'd rather just be honest that I may be biased on the subject!
FWIW, I no longer work there, nor do I own any stock - My only interest in defending them is I have great memories of working there, and a lot of friends who are still there! (Again, feel free to take with a grain of salt)
In your opinion, given the skepticism you observe here, is there something more that iRobot/Colin could do or say that could better alleviate concerns based on your insider knowledge?
To be honest I'm not sure, PR, marketing and such is not my strong suit. (Also, just wanted to add that any insider knowledge I share is solely on iRobot culture, and I can't divulge any insider info on technology, only what's publicly available. Sorry for the disclaimer, but this account is tied to my real name, haha!)
If anything I would say that there is some good information on the webpage they need to make sure gets out there. I'd also say that they should get out there and talk about their vision for the future more. Colin has talked a lot about his vision of a smart home, and how iRobot can bring a lot to the table by providing users a map of their home that is updated fairly often. As such I think they could get people more excited by not just saying "no we aren't selling your data", but by showing the potential. Imagine being able to say "OK google, vacuum all the bedrooms and mop the bathroom", and having it dispatch your roomba and braava. Or saying "Alexa, have you seen the tv remote?" and having it respond "the roomba spotted it under the couch when cleaning earlier".
(Not necessarily saying this is what is being worked on, again just my impressions I got that Colin / the leadership there is more interested in making cool bots and working to make a true smart home a reality, and willing to let users have access and share the kind of data a mapping robot can bring, and less about becoming a data/ad broker.)
But data is uploaded, if you opt-in to that. If you choose to allow it, the map that the Roomba generates is uploaded to the "cloud", where it's cleaned up and made available in the iRobot HOME app. This was explained in the very next paragraph. They simply cannot say "data is never uploaded" because it's not true, but they can say "images are never uploaded" because it is.
And I wouldn't quibble about the usage of "cloud". It's generally understood that if the data is sent to a server outside of the customer's control then that's the "cloud".
That seems at best misleading at worst outright untrue...
Their own cloud connected app shows a detailed layout of your home's floor plan[0]. The implication of "navigation information via vSLAM, which stays on the robot" suggests that such a floor plan could never be sent to the Roomba App, since it is, that statement is suspect.
Plus the Roomba is updatable over WiFi without user intervention. So even if the above statement is true TODAY, there's no specific reason to believe it will remain true forever. They could push an update tomorrow, start collecting data, and then let you "opt out" if you don't want your intimate personal life shared with anyone who can pay.
Did you read the article? The very next paragraph explains that:
> If a user agrees to having their map data viewable on their mobile device, then the map that the Roomba creates during a cleaning job is sent to the cloud where it is processed and simplified to produce a user-friendly map that ultimately appears in the iRobot HOME App.
(This July 24 story corrects paragraph 6 to read "share maps for free with customer consent" instead of "sell maps")
"Angle told Reuters that iRobot, which made Roomba compatible with Amazon's Alexa voice assistant in March, could reach a deal to share its maps for free with customer consent to one or more of the Big Three in the next couple of years. Angle added the company could extract value from those agreements by connecting for free with as many companies as possible to make the device more useful in the home."
Glad to see the backlash. When I read the original story I thought - this seems like a good product to sell to a SWAT team. It's amusing that a company named after the book/film "I, Robot" is the one involved in this controversy.
In my opinion, the market is ripe for a privacy sensitive electronics brand. Personally, I looked into this with phones a few times but just couldn't find the right mftg partner.
> It's amusing that a company named after the book/film "I, Robot"
The book and film are so unrelated it is almost an insult to mention them as if they are the same. While a few character names and the three laws come from Asimov, the plot of the movie is mostly original work adapted from a screenplay, Hardwired by Jeff Vintar, completely unlinked to Asimov's stories.
Well, then how about giving it for free because they're forced to or dutifully happy to do so?
iRobot until just over one year ago built military and critical robots for the US government, police etc, then they sold the military division to a different entity, but I wonder if they still have ties with the govt.
Just wait for the new and shiny model using AI+cameras+cloud to recognize dirty spots on the floor, go clean them, then report back to the owner's phone that either the job is done or they need a wiper replacement, or Billy's giant teddy bear is in the way and it can't complete the task.
Adding malicious code to such a platform will be just too simple. ...And tempting.
I was actually on the market for a 960 or 980 and was just waiting for a great price.
After reading the original article where they casually suggested they'd sell photos from within my home (in the form of maps), I've scrapped the entire concept. I knew the 900 series had better mapping, but I never considered that someone would use that to invade my privacy (and that of my family).
And this article doesn't change that. You cannot put this genie back in the bottle. Now all I wonder is "when" that data would be sold, whereas before it wasn't even something on my mind.
I currently own a 700 series "bump" Roomba. I think I'll stick to "bump" navigation models without WiFi, since clearly the data will get abused.
PS - I am well aware that certain information about my home is public, such as square footage, floor layout, and so on. This is taking that one step further, by selling even the layout and type of furniture I own. Plus the Roomba uses optical cameras, so who knows how far this could go. Particularly if they just switch it on one day and make it "opt out."
I can't help but feel that privacy controversies like this are going to turn into a "boy who cried wolf" situation if we freak out anytime anyone collects the least bit of data about us. Who really cares if this company collects and/or sells mapping data of our floors? Why should I be worried if Amazon knows the distance between my couch and coffee table? Isn't our outrage better preserved for when our privacy is truly invaded?
> Who really cares if this company collects and/or sells mapping data of our floors?
Me. And not to put too fine a point on it, the people in the market for buying and selling this data.
> Why should I be worried if Amazon knows the distance between my couch and coffee table?
I'm not going to presume to speak for you.
> Isn't our outrage better preserved for when our privacy is truly invaded?
...So don't speak for me when deciding what is and isn't an invasion of privacy.
I find this to be a significant invasion, and so do many other folks, some of whom are giving you possible answers to your question. In a lot of ways, this is no different than people claiming the FB 'true name' policy doesn't matter/is actually a positive. Maybe for them, but not for the former partner of an abusive spouse, or the gay kid in Russia or Alabama.
Don't presume that your tolerance for data leakage is the same as everyone else's.
More generally, the point is that information like this just should be default-private. There is zero reason for me to want information like this to be shared with random third-parties. If iRobot or whomever wants to "enhance the value of their connected devices" with private data about me and/or my possessions, let them approach me and convince me to share it, not just blandly write some bullshit privacy policy and take it from a device I purchased.
I love innovation, new toys, etc. But this rush to sneakily inventory/quantify/spy on me, my home, possessions and relations is awful, and will have creepy outcomes. It won't happen to me, because I won't install this shit in my home or use social media, but it will happen.
Do what you like with your own sense of privacy, but don't presume to speak for anyone else about what a "true invasion" might be.
Hey jal, just to let you know the iRobot privacy policy and device data collection and retention policy does state that data will not be shared, divulged or sold to any third party without your express informed consent on a case by case basis, and that data is not even collected by them unless you opt-in and register your robot with them. The bots are fully functional as a standalone device without internet connectivity. Additionally you can contact them at any time to have your private data removed from their servers which they are happy to do.
Full disclosure: I am a former iRobot engineer, and also a big privacy proponent. I also had some feelings about a camera enabled mapping robot when I first learned about the project, but I can tell you that the people there take privacy and data security VERY seriously, and really are trying to respect their customers as much as possible. Unfortunately the message that iRobot wanted to allow you to share your mapping data if you wanted to for enabling smart home applications got spun pretty quickly into "iRobot wants to sell your data!"
>In a lot of ways, this is no different than people claiming the FB 'true name' policy doesn't matter/is actually a positive. Maybe for them, but not for the former partner of an abusive spouse, or the gay kid in Russia or Alabama.
This is exactly what I am talking about. Do you honestly see no hyperbole in this? Roomba having a map of my floors is no different than a policy that leads to gay kids in Russia being thrown in jail. Things aren't binary. We can deal with them in nuance. Equating these two together weakens your argument against both of them.
When it comes to Big Data -- and Big Metadata, for that matter -- quantity has a quality all its own. If this type of data weren't valuable, and hence worth safeguarding, there would be no market for it.
I'd like to agree with you, but I'm becoming less sure of that with every day.
For instance, you breezed right past my point (that privacy risks are different for different people) to hammer more on your presumptuous assertion that floor maps don't (or maybe you mean shouldn't) matter to anyone.
Sure, and as someone who owns an older model, this feature (as I'm learning about it today) actually sounds compelling for my particular use case. But I also put covers/tape over my webcams. So sure, privacy concerns are all relative.
However, in this case, I still cannot understand all the negativity still being directed toward iRobot. We know data they're collecting, we know why they're collecting it, and uploading mapping data is opt-in. If any of these things concerns you, can you just not buy it and move on?
If my ranting concerns you, can you just not ignore it and move on? I just can't understand the negativity...
More seriously, I see value in iRobot and others hearing loud noise about how stuff like this is not OK to many of us.
- "We" may know this, but I doubt there's a "we also sell your data" sticker on the box, and lots of other people don't.
- If people don't push back, manufacturers will hear that this is acceptable. I'd like this to not be acceptable.
- iRobot may have floated this in order to find out what people thought, but many other companies are much less scrupulous. They need to hear loud and clear that this is not acceptable.
- If loud outcries happen each time some company tries to normalize data grabs like this, they won't be normalized. That's a world I'd like to live in, so I'll keep being loud, thanks.
That's the great thing about having a market and the ability to share this information. You go ahead and buy the Roomba, and I'll just avoid them altogether. It's fine. But I'm glad to know that this was on the cards, and plan to vote with my pocket and not buy products that intend to do something like this.
I hate to sound alarmist, but as our world grows increasingly connected, I tend to be a bit cautious as to why I'm giving up this data and for what benefit. I see stories like this (https://carpeaqua.com/2017/07/07/hack-the-planet/) and wouldn't have thought before that my PayPal accounts or other financial information could be at risk because of an AT&T issue, but some criminal was smart and exploited the weak link here.
I don't have any idea as to how criminals in the future will exploit my personal house data in order to steal from me, but just in case they find a way, I'd rather not offer up that data because "who cares".
Which is likely already available publicly along with many of the other things people are pointing out like square footage of a home.
And maybe you live in a much bigger place than I do, but a burglar isn't going to be planning to rob me like they are planning to steal the Mona Lisa from the Louvre. My house isn't that complicated, you don't need to spend much time planning when you can deduce a floor plan pretty quickly. It also isn't like a Roomba created floor plan would have any idea on where in my house the valuables are stored.
It seems like you could get a basic idea of what rooms are where just by looking at the exterior of the house using satellite images, street view, or driving by a house. Also if your house has ever been listed for sale, there's likely pictures of the interior out on the web as well. Would the robot-generated maps provide much additional information to thieves?
Outrage is absolutely appropriate for cases like this. This isn't "boy who cried wolf". The fact that cases like this generate outrage serves as a reminder to everybody that privacy is important and as a strong signal to companies that they can't do stuff like this without customer backlash.
If we just sat quietly and did nothing when iRobot seems to be selling our data, then that just opens the door to worse privacy violations.
Don't assume they'll be so uncreative with your data. For example, if there are time stamps on the collected data it could tell someone when the Roomba tends to run and that might indicate when you are gone from your home.
Suppose I'm an insurance company. If I know how far a robot had to travel to clean your floor, I know your house's square footage, which means I can make estimates about your income and lifestyle based on data from millions of other people. Maybe I decide (doesn't matter that it's wrong as long as I decide it's pertinent) from your probable lifestyle based on this data that you may be at risk for developing a health condition and so I charge you more for health insurance.
If I'm a burglar, it's convenient to map out your house before I burgle you.
There's just no reason pertaining to cleaning floors that the floor plan needs to get saved anywhere. Companies collect data for the purpose of extracting value from it. If they just wanted to make smart devices better, they could have the devices communicate on a closed network without sending data anywhere outside the network.
> Why should I be worried if Amazon knows the distance between my couch and coffee table? Isn't our outrage better preserved for when our privacy is truly invaded?
This isn't thinking like a corporation, nor a hacker. This is an APT, information security-wise.
These kinds of grants of access to private data by consumers for monetization purposes are never, ever constrained to one highly-specific type of data. They want you to grant access to a data gathering CHANNEL. Once that channel is opened, any additional data they figure out how to gather falls under the same agreement you consented to before.
Today, it is room data. Tomorrow, it is dust and pollen collection data.
"So what, who cares, they can have measurements of how much dust and pollen is in my home, lol."
Yeah?
Exactly how much have you worked with the data brokering business? If you've been around the block in that part of the industry for any length of time, you quickly realize that it isn't single individual databases where the real bucks are made. It is novel combinations of datasets giving you a plausible explanation to draw inferences from the data.
Go back to the hypothetical dust and pollen measurement. Suppose the GOP loosens the restrictions on risk-pricing medical insurance plans; as long as an insurer can point to a plausible explanation of pricing factors, they can price it however they want above a baseline, but they don't have to make it easy for you to figure that out. Health insurer uses a study [1] to explain how certain levels of dust and pollen are correlated to X% increases in stress-related costs. They purchase the dataset from iRobot. Slap an X% increase onto your premiums, but you are none the wiser on exactly why, and especially where the substantiating data came from, "because it's a trade secret".
The practically non-existent privacy protections for American consumers are essentially a license to steal from them. The best part is you never have to be told who gave what information about you, and when. All this data gathering started out as a sales exercise only because that is the low-hanging fruit. The real prize is absolute control over all the decisions you will make that matter to the owners.
Just because you can't think of abuses to your couch-to-coffee table distance or your floor layout doesn't mean that they could potentially be privacy-invading, especially when they are fed into massive AI databases.
You could call me paranoid, but I prefer all data I generate in private to be limited to whom I want to share it with.
A world in which people overreact to privacy violations (whether perceived or real) isn't one I envision happening any time soon.
Sure, there'll be periodic and pointless indignation, but then the vast majority of those complaining will go back to trading their personal information for free stuff.
How many rugs does the average person have in their home? Is it in any relation to the amount and shape of furniture? If we shape our tables a certain way, are people more likely to buy our rugs to go with them? What's the average size of a rug in a person's home? etc
Interestingly enough, this isn't possible at the moment, but probably possible in the future. I own a (edit: 980) and they do actually detect when they're on a carpet/rug (they turn on a carpet mode that is basically just sucking twice as hard). However, there is no indication they're saving this data (the maps don't give any information of where Roomba thinks there's carpet, and there's always a delay in the carpet mode when it enters the carpet so it's not learning that).
It's these kinds of things that lead me to sort of trust the CEO here with current products. Even after 2 months the map isn't very accurate and the user can manipulate the data (the map gives no indication between walls, the blockers it comes with, and closed doors).
Probably will keep close attention to see if they ever make any upgrades though.
How much free space is there in the user's home? Can we target them with furniture ads? If they have a lot of furniture, can we target them with reupholstery or furniture polish or other such maintenance ads?
Do they have a big home? Do they have a small home? I'm sure this is valuable for advertising reasons as well.
How often do they clean their home? If they're cleaning all the time, maybe we should target them with ads for professional cleaners. If they rarely clean their home, there's probably something of value that can be learned from that too.
Exactly. Roomba has left themselves a lot of latitude by simply saying that they will never "sell" the data. What they should say is, they will never transfer the unencrypted data to a third party, and will never enable a third party with the encrypted data to decrypt it.
That's (sadly) entirely too specific and technical for general communication. The more specific you get, the more someone will wonder if there's a loophole.
> What they should say is, they will never transfer the unencrypted data to a third party, and will never enable a third party with the encrypted data to decrypt it.
Doesn't really work... they can send the encrypted data to Y and the encryption key to Z so that Y and Z can make their own agreements.
Fair enough, though I do think calling it out as a lie is a bit strong, in the context of the FAQ linked, since I read it as third-parties meaning other private companies, not government agencies in response to a legal request. (That may be my bias since I worked there, know the culture, and still have plenty of friends there).
I can absolutely see your point, and would say that they do have actual legal pages on their privacy policy and data security measures, which mention that they will respond to a legal subpoena, and that you can at any time request that your personal data be deleted, which they will do.
Again, look, you can think I'm full of it and take this with a huge grain of salt, since I did work there. All I can tell you is that the people who worked there and started that company are there to make cool robots, not to be personal data brokers or an advertising company, and any conversations we had when I was there were about how we could make things work with other services and do neat smart home stuff, while keeping people's information safe and privacy intact, not about how we can make money off of people's data.
(apologies for the typos, small phone screen and fat fingers!)
Replied to a child post of this already, but in case you missed, they specifically said they won't share data either without first obtaining informed consent. (Full disclosure - former iRobot engineer)
Roomba is in a very special category of machines, one able to indirectly collect samples of human tissue, drugs like cocaine, etc... as part of their normal work.
Therefore the bigger trouble is not in the data that iRobot could have about your cleaning chores or the shape of your house; the real problem would be anybody with enough motivation ringing your door bell with a fake iRobot uniform and the generous offer to replace/upgrade your old Roomba with a newer machine for free. Old fashioned social hacking.
You can't actually make that promise and you can't guarantee the data won't leak. Anyway, the real problem is I don't want iRobot to have the data either.
Seems like we've seen this story before...
1) We don't sell your data
2) unless you give us permission
3) but to be convenient we will default it on for you
4) and sell it preemptively to "enhance" your experience
5) but don't worry someone hacked us and took it for free anyways.
Empty promises. I don't believe anything anymore, especially from heads of organizations. Perhaps if he were to back it with a contract that says if they do release my data they will pay $x, I'd believe them.
The primary issue is that iRobot has your room data in the first place. iRobot created a design that includes the ability for them to have your data, despite any costs on their end. Since there is a cost on their end, they created this system with the intention of benefiting iRobot.
Isn't the biggest question here along the lines of:
This is a little novelty device meant for neat freaks and gadgetphiles (no offense intended) who like the idea of a home robot doing a simple chore like keeping a floor clean.
Why would it need any kind of data collection at all, beyond - at most - a minimal set of local (not cloud connected) diagnostics to keep it running? Even that sounds suspect for a self-propelled vacuum cleaner.
In my opinion, which might seem quite opinionated, there are limits to the amount of data that needs to be collected to develop a successful product. Slapping some IoT features on products that don't need to have them just reeks of excessively clever over-engineering, or, possibly, an ulterior motive.
On a different note, somebody has to traffic dump those Xiaomi Mi Robots. They are very good at what they are supposed to do, but what if they have to comply with Chinese agencies by sharing image or other meaningful data?
I'd rather they say iRobot does not have the right to sell my data. Why did they give themselves that right in the first place if they don't plan to use it ever??
Here's a solution:
1) Promise me to pay $1 for every data point in case of a data breach
2) Run your software on my hardware. I promise not to sell your software.
If it's coupled with some Wi-Fi physical layer data (signal strength, etc.), a big dataset might be useful in making a better model for indoor signal propagation. Roombas are already quite popular in the research community as a cheap platform for automatically moving around equipment.