Demanding device sustainability through long-term software support and transparency from manufacturers.
Out-of-date devices can bear privacy and security threats, as well as transform into tools of exclusion. To accompany the soaring demand for a right to repair, we're demanding device sustainability through long-term software support and transparency from manufacturers.
Every year new devices are released; more powerful, more capable, with fancier screens or the latest new shiny features. With these new products usually comes new software, whether it's the Operating System such as iOS or Windows, or new firmware and apps. The side-effect of such releases is that old devices are rapidely abandonned by manufacturers. This translates into perfectly working phones, TVs, routers, smartwatches, tablets, that won't receive the latest update.
These updates are important, they ensure the security of our devices and access to ciritical services. An out-of-date device can be a door to one’s bank account or the intimacy of one’s life. These risks are enabled by short support periods and an industry focused only on selling its future products.
With electronic waste (e-waste) a growing problem, more and more consumers having to buy new devices every year solely to access security and critical services is not acceptable.
What's the problem
Device manufacturers currently have no obligation to maintain devices for any period of time. This leads to a situation where off-the-shelves out-of-date devices can be purchased and where companies can offer short term software supports, encouraging regular replacement. The smartphone market for example usually offers 2 years of software updates (up to 6 for iOS devices), leaving consumers with the choice between an unsecure device or a new purchase after the expiration date.
This problem is not just limited to phones and laptos; softwares is embeded in a myriad of devices we use everyday such as routers, smart TVs, smart fridges, smartwatches, e-reader and doorbell camera. Every one of these device can become a security and privacy threat. Examples of mass scale hacks that rely on known vulnerabilities in out-of-date devices are often witnessed. Unfortunately, only a limited number of manufacturers will continue to care about these devices a few years after they've been sold.
What can be done
Along with the right to repair, device manufacturers must provide better and long-term software support, as well as be more transparent in order to keep our devices secure.
Privacy International has five demands for device manufacturers, which policy-makers should further promote:
- Devices should be designed in a sustainable manner that does not make them an environmental burden.
- Device manufacturers and software vendors should extend the lifespan of devices and software they produce and sell for as long as reasonably possible.
- Devices should explicitly announce their end of life date when sold (preferably on the packaging or in the product description, online).
- Device manufacturers and software vendors should design the software running on the devices they sell to be sustainable and maintainable
- Where possible, open-source practices should be encouraged to allow consumers to maintain devices, however not at the expense of commercial support
You can find a detailed overview of our positions and demands in our policy brief.