FTC Suggests That Might Just Be A Breach Of The Law
In the US there is something called the Magnuson-Moss Warranty Act, which requires written warranties and other disclosures for products costing $15 or more. This is supposed to be enforced by the FTC, but by their own admission 163 out of 184 IoT device manufacturers they looked at don’t provide an EoL date for software updates to their devices. That would seem to definitely be part of a warranty. As we’ve discovered time and time again when a security breach or flaw is discovered on an IoT device, many manufacturers have discontinued any support for those products without notice. The only thing you can do to secure your privacy is to toss the IoT device in the garbage and hope the next one you buy is better.
This isn’t clear cut unfortunately, generally the act applies only to products and not services, which an IoT device manufacture could claim defines their software updates. As well you are required to provide proof of harm over $50,000 or get at least 100 customers together for a class action suite to file a legal claim. However the FTC is allowed to “take injunctive action against a supplier or warrantor who fails to meet the requirements of the act.” on behalf of consumers. It will be interesting to see if anything comes of this, and reduces the amount of Macquarie Dictionary’s word of the year IoT devices bring to our lives.
