HACKER Q&A
📣 notrealpersonq

Should it be legal to switch privacy policies after purchase?


Recently found that my LG Dryer & Washer are uploading/downloading 1GB of data per day. I looked into it after the LGThinQApp's privacy policy changed to gather personal information like DOB, gender, voice recordings, profile photos, network activity: "such as URL, ad block info, redirect URL, bookmark history etc." Their privacy policy looks like it was meant for Instagram.

This wasn't the case at all before when I purchased the product. The nice feature was that I could preload my clothes and trigger them to wash/dry before I'm about to get home. That's all I expected from this. I even called support and asked them to deactivate my account but they said this can only be done through the app. And I can't use the app unless I accept the new terms and services.

edit: added the privacy policy link here https://us.m.lgaccount.com/spx/customer/terms_detail?country=US&language=en-US&terms_type=A_ITG_PRV


  👤 belval Accepted Answer ✓
I think we are at a point where legislation will be needed and there should be a clear list of what kind of data will be collected by the device throughout its lifespan akin to nutrition facts for food. That list should not be possible to alter at all (because otherwise they would lock the app lest you approve the new requirements).

Something like:

This device will share:

- Age

- Gender

- Voice commands

- Wifi name

- Location

If a manufacturer wants more data they have to change the tag at the store and only the newer device will have the additional data collection. If the manufacturer pushes an update to get more data on users that have the older tag they get a $X fine per affected user, where X is ideally a real cost-prohibiting amount like 25-50% of the price of the device.

Is there any reason why we can't have something like that?


👤 neltnerb
Thanks for the warning, I just bought a pair of these last week. I had planned to never in a million years pair it with a phone or connect it to wireless, and this just makes it obvious what the repercussions would have been.

Paying ~$2k for appliances that then try to extract extra money out of you with targeted advertising (for what! you already bought the equipment!).

Bookmark history! Dear god.


👤 foxyv
I don't regret sticking to dumb appliances. I hate Smart TVs with a passion, but they are all you can get nowadays. But I can just throw the TV out the window if it stops working when I unplug it and continue living just fine. Not so much with my washer, dryer, stove, car and fridge/freezer.

I do not look forward to the day you CAN'T buy a non-smart appliance like a fridge or water heater.


👤 terminalcommand
I think the real issue here is not whether it should be legal to switch privacy policy after purchase. LG shouldn't be allowed to collect more info than it requires. It seems absurd to me that a washer-dryer needs to access bookmark history etc. to function.

I would contact my local data protection authority and alert them of this practice. I guess LG would get in some trouble :). My initial instinct is that collecting this info from a washer-dryer is wildly illegal.


👤 dvdhnt
Wow.

I do not believe changes to terms after purchase should be allowed unless required by law. We need a lemon-like law for consumer electronics.

Also, I believe it is important to not buy connected devices and appliances that are not for entertainment purposes only.

I’d rather pay $200 extra for a dumb TV that will last me 10 years and is guaranteed to not start showing me ads in the menu screen someday.


👤 franciscop
They are not legal in Spain, and probably neither in most of the civilized world (YMMV!). Over here a contract change needs to be approved by both parties at the time and with the specifics of the change, so a blanket "we might change this at any time" prior to it would also not be valid.

I'm pretty sure (again in Spain) you could sue them and win, but you'd have to carry the cost of suing them AND the benefit would probably be small so not many individuals do. Some nice consumer defense groups do sue these companies and win again and again, which is amazing IMHO. Especially with the new data protection laws of the last ~10 years, these shady practices are more and more illegal.

> And I can't use the app unless I accept the new terms and services.

For example, WhatsApp keeps asking me to accept the new terms and I keep closing the popup, and still can use the app. We'll see how things end up, but for now they do not "force you" to accept them (though I'd say asking for it N times/day everyday might be considered harassment).


👤 kodah
1GB of data per day? That's incredible. Have you tried to inspect the data? I'm curious to know what a washer and dryer could possibly send home per day to total that. If what you're saying is true, it smells like you're getting spied on.

👤 jhart99
If you live in California, use the CCPA to figure out what they have on you and then submit a deletion request.

👤 nonameiguess
I don't think it should be legal, but Congress unfortunately doesn't give me a whole lot of say in what becomes law.

Your best bet is probably to just not use the app from now on. Go ahead and accept the new terms, then disenroll however you need to. I have an LG dryer/washer pair, but never downloaded the app, didn't register the equipment, and it's not on my network but still works fine. You can't remotely trigger a wash, but you can set a delayed start from the onboard control panel, and as long as you're reasonably accurate in your prediction of when you'll be coming home, it'll have the same effect as what you're doing with a remote trigger.


👤 LinuxBender
I don't have the answer to your legal question, but if your router supports it, you might consider putting rate limits on the machines' IP so they are slowed to a crawl. Maybe 10kb/s. Enough to make it think it is working but not enough to upload all the things. This assumes your appliance will still work as designed when their spooler/buffer is full. Or another trick is to drop any packets above 600 bytes. Most API calls will work but data transfers won't unless their device is clever.
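
The two router-side throttles suggested in the comment above, written as an nftables ruleset for a Linux-based router that forwards the appliance's traffic. This is an added example, not part of the original thread; the appliance address 192.168.1.50, the table name, and the reading of "10kb/s" as 10 kbytes/second are assumptions.

```nftables
#!/usr/sbin/nft -f
# Added example: throttle one appliance's outbound traffic at the router.
# APPLIANCE is an assumed address; give the device a static DHCP lease first
# so the rules keep matching it.
define APPLIANCE = 192.168.1.50

table inet appliance_throttle {
    chain forward {
        type filter hook forward priority 0; policy accept;

        # Size cap: drop any packet from the appliance larger than 600 bytes.
        # Small API calls fit under the limit; bulk uploads using full-size
        # segments do not. "meta length" is the whole packet length in bytes.
        ip saddr $APPLIANCE meta length > 600 counter drop

        # Rate cap: once the appliance exceeds 10 kbytes/second, drop the
        # excess. TCP backs off on loss, so the upload slows to a crawl.
        ip saddr $APPLIANCE limit rate over 10 kbytes/second counter drop
    }
}
```

Either rule works on its own, as the comment presents them as alternatives. The `counter` on each rule records how many packets and bytes were dropped, which `nft list table inet appliance_throttle` displays, so the owner can see how much the device was trying to send.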

👤 chrisseaton
1GB of data does not pass a reality check for me. What on Earth can they be collecting about your washing and drying that is so much data? Can you tell us what it comprises?

👤 giantg2
Most policies/contracts for B2C products (and employer to employee) are next to worthless for the consumer. Most have some sort of language saying they alone make the rules and they can change them at any time with or without notice.

As a consumer and employee, I feel it would be great to get rid of that language. I doubt Congress will do anything about it since that would require a massive change to contract law.


👤 insaneisnotfree
I think it should not be allowed to change after purchase because it is open for any changes and once you don't accept you will not be able to use the product. Forcing you to accept any change.

👤 LightG
No.

I was recently incredibly annoyed with my TV "threatening" me that if I didn't accept the regular new privacy policies, I would lose functionality (of course, with the 50 pages of on-screen legalese that you're supposed to read before accepting).

LG ... I'm looking at you and your mafia tactics. Good topic to bring up, it's getting ridiculous.

Signed: A previous LG fan


👤 bluGill
There are just enough edge cases that they need that ability. Laws change, and they need to update to account for that. Sometimes the previous policy was wrong and they can't work at all without adding something that should have been there all along.

Of course most of the time changes are not needed at all to get the job done, just to violate your privacy.


👤 happynacho
...and this is a perfect example of why I don't buy anything "smart" besides my phone.

👤 marcodiego
Yes. Serious: connected devices should be legally forced to use owner-controllable open protocols. I see no other way to guarantee that the customer can't be abused.

👤 zerof1l
I think that the solution moving forward would be purchasing dumb devices and doing automation yourself and connecting them to your own smart home network.

👤 calvinmorrison
My bigger thing is: will my hardware stop working if I don't agree to the latest changes?

👤 noasaservice
So... Why did you give permission for a washer/dryer to talk online?

And, since you did the bad thing, have you revoked/changed passwords/locked this piece of shit hardware out from the internet?

Rather than begging HN or yelling at a cloud (LG), what have YOU done to remedy this on your side?


👤 lbriner
Not sure about the US but in Europe and UK, GDPR would not permit them to collect anything that is not strictly needed without explicit consent.

The Data Minimisation principle says you should only collect what you need.

They can soft-opt you in to certain things if you have a business relationship (newsletter) but this should be opt-outable, I think even at purchase time.

It would also not permit the extension of data collection without consent (or another acceptable basis, but that would be unlikely). In the case of a service online, I guess you could potentially say if you don't like it, don't use the service but with hardware, I don't think this would fly.