“Two houses, both alike in dignity…” – “Romeo and Juliet,” prologue
It sucks working on a boring project. Let’s say that you’ve been working on the same product for a few years, but it hasn’t been selling well. Even so, you’re about to start on an update for it, even though that probably won’t sell well, either. You’ve got a boring few years of unremunerated drudgery ahead of you.
But at the last minute, your boss steps in and decides to reassign you to a new and exciting project. Hooray! The company is pulling the plug on the old gizmo and starting over with a clean-sheet design – and you get to lead the effort. Instead of facing another couple of years doing boring updates to a dead-end product, you’re finally able to work on something new and interesting!
You get home that night to tell your spouse the good news. “Hey, Honey, I’ve been reassigned to that cool new Project X we’ve heard rumors about!” Pop the champagne cork. This is why you became an engineer in the first place.
But your beloved life partner has a teensy bit of bad news for you. While you were at work today, the Maytag Repairman called and left a message on your answering machine. “We’ve decided to discontinue support for all Model 42 washing machines. This doesn’t mean Maytag has just decided to stop selling new ones – we’ve decided to stop acknowledging their existence in any way. In fact, we will disable your existing machine in 3… 2… 1…. Ping! Your Maytag washer is now deactivated. Thank you for being a Maytag customer, and have a nice day.” Click.
What the…? Can they do that? You run to the laundry room and discover that, yes, your washer has been bricked. It won’t turn on, respond to button presses, or even indicate that it’s plugged in. It’s a total loss, a big 120-pound cube of useless hardware. What are you supposed to do with it now? And how the heck does Maytag have the right to remotely disable a machine you’ve already bought? It was working just fine! You’re going to sue somebody!
If you haven’t figured it out already, these are two sides of the same story. You see, you’re a hardware/firmware developer for Maytag, and you’ve been working on that Model 42 for several years. For whatever reason, that model never sold very well, even though you (naturally) bought one for yourself, and encouraged your friends to do the same. But your employer made the business decision to pull the plug on it and to reassign you to the new and improved model. As for the customers? Screw ’em. There weren’t very many customers anyway (else why cancel the product), and they can always buy the new model that you’re developing. It’ll be better anyway.
Which side of this argument do you fall on? Is the company within its rights to discontinue an unsuccessful product? Or do existing customers have a valid expectation of continued support? Can a vendor remotely disable a device that’s already been sold? Or are service agreements inherently limited with no guarantee of future availability? And what if you, as a developer, are on both sides of the equation simultaneously?
This isn’t a hypothetical problem. It’s happening right now. As one example, Google recently discontinued service for its Revolv home-automation appliance. And in this case, “discontinue service” means, “remotely brick the device.” Understandably, some Revolv customers are up in arms about what they see as Google’s heavy-handed approach to end-of-life. The company didn’t just stop sending firmware updates or close the tech-support hotline; it actively disabled perfectly good devices in people’s homes. Such are the potential side effects of Internet-enabled devices.
On the flip side of the coin, other users have pointed out that high-tech products get killed off all the time. “Creative destruction!” they cry. Without a constant winnowing of the weak and the slow, our industry would never progress. Who can possibly afford to support every product they’ve ever made, for all time? Obsolescence is a way of life. That’s the price you pay for constant improvement.
Yet the Revolv case seems different. The device relied on an always-on connection to a centralized cloud server (as so many things do these days). The cloud connection allowed for occasional firmware updates, but it was also necessary for some of Revolv’s core functionality, such as remote access via cellphone app. But since Revolv wasn’t selling well (at least, not well enough to justify further support or development), Google decided to simply switch off the servers, simultaneously rendering each and every Revolv device in the field instantly useless. The company didn’t confiscate anybody’s hardware, but they might as well have. Without the cloud connection, even Revolv’s local features stopped operating. It is, in a word, bricked.
It’s one thing to jailbreak your smartphone, botch the firmware update, and brick your phone. It’s quite another for the vendor to remotely disable a fully legal, working, paid-for device that you haven’t tampered with. Or is it?
The question comes down to deciding whether what you bought was a physical device or a subscription to a software service. The device itself is unharmed; the electronics are undamaged. But without the service, the capabilities of that device have been vastly altered. You can’t even write your own replacement firmware for said device, because that might be illegal under the DMCA, rendering it truly useless.
Looking beyond this one product, could Microsoft remotely disable every Windows 10 PC around the world? Technically, it’s probably quite doable, given the average PC’s near-constant connection to Microsoft’s servers. Could Sony, Apple, General Motors, or Frigidaire do the same thing? Probably so, since PlayStations, iPhones, Cadillacs, and refrigerators are all also Web-connected. The EULA for each product probably contains fine print allowing this or similar “updates” while also absolving the vendor from liability for the consequences.
Is it legal? Hard to say. I’m certainly not qualified to render an expert legal opinion, and neither is hardly anyone else. Oh sure, we might all theorize and rant on Reddit, based on little more than personal hunches, anecdotes, and an innate sense of what’s right (not the same for everyone). But I suspect there’s no conclusive argument either way. Do you take the libertarian point of view, caveat emptor, you signed the small print when you bought the box? Or the opposite view that consumers should be protected against big, bad corporations? Or the more moderate view that bricking your customers’ gadgets might be technically possible and even legal, but it sure isn’t good for repeat business.
In the meantime, set aside a little extra time every morning before you go to work to say goodbye to all of your appliances, televisions, computers, and IoT gadgets. It may be the last time you see them alive.