Consumer Reports recommends manufacturers take the following steps to design long-lived connected devices.
Do you own a Roomba vacuum? Millions of consumers who do are wondering what will happen to their adorable robots as iRobot, the beleaguered company behind the device, runs out of money. Absent a buyer willing to support the application and cloud that helps keep these robots on track, consumers may see their robots become far more dumb or stop working altogether.
Roomba owners are not alone. It doesn’t take a business failure to turn a connected device into a pile of e-waste. In the last few months consumers have said goodbye to some of the first generation of smart home products with Wemo telling users that it will shut down its older smart devices in January, and Google ending support for the first and second generation Nest thermostats in the last week of October. Both of those devices were launched in 2011, and by the standards of smart home connected devices, both sets of products have lasted a long time.
But in the internet of things, long-lived products are outliers. There are hundreds of connected products that have stopped working within a few years of consumers buying them because the companies behind them shut down or stopped supporting them. And when those companies stop supporting these devices, consumers are left with a product that no longer functions as advertised and might even become a security risk. If they stop working altogether these devices simply become another product added to the pile of e-waste.
But it doesn’t have to be this way. Device manufacturers, chip makers, standards groups, and regulatory bodies can take a series of actions that would allow for connected products to retain their usefulness even after the device loses its connection to the cloud. Because we believe that consumers deserve to buy products that will last as long as possible, we’re publishing a list of recommendations that would help connected products retain their utility for as long as possible. In some cases, these products could even retain their cloud connections after a manufacturer has decided to walk away from supporting them.
We built these recommendations after spending hours interviewing security experts, product designers, academics, advocates and software engineers who have experience in building, designing and supporting connected products. We even talked to accountants. The result is a list of ideas covering business model challenges, hardware and software design decisions, and recommendations for government agencies and standards bodies.
Creating long-lived, secure connected consumer devices is essential for protecting consumer rights, our national security, and the environment. Following these recommendations will benefit manufacturers, which will gain a clear understanding of what it means to build and deploy a connected product responsibly. It benefits consumers who purchase products without understanding that those devices might fail on the digital front before ever physically breaking down.
We’ve tackled this issue before when Spotify announced that it was killing its $90 Car Thing after a few years or in our 2024 letter to the Federal Trade Commission asking for clearer guidance around the issue of “software tethering.” Software tethering is where manufacturers use software to control and limit how devices function after a consumer has purchased it. In our letter, CR called the loss of functionality from connected devices a “death by a thousand cuts” for consumers who have invested in connected products that range from light bulbs to large appliances.
We proposed the concept of a Longevity by Design program modeled after the Cybersecurity Infrastructure and Security Agency’s (CISA) Secure by Design program in our letter to the FTC. We’d love to see manufacturers voluntarily adopt some of these principles and hope the FTC formally adopts some of these as best practices for companies making connected devices. The effort could be modeled on the agency’s 2017 Stick with Security guidance and Start with Security publication that was designed to inform companies about how to safeguard sensitive consumer data.
Connectivity has become an important feature in many of today’s consumer products, but it has become clear that the industry, consumers and regulations do not recognize how these connected products fail, and how to extend their lives. This is not a new challenge. When plastics were introduced in the 1960s product engineers had to learn how to adapt their designs for the new material. As electricity was added throughout the home, engineers had to figure out how to keep consumers and their homes safe.
This list of recommendations is our attempt to meet the moment. Connectivity changes what it means to operate and support a product, and we need to figure out how to ensure that adding connectivity doesn’t create cybersecurity risks and piles of e-waste. With AI, the pace of change will only accelerate as the connection to the cloud and continued investment in software and security becomes even more essential to the product experience.
It’s time that manufacturers, regulators and other stakeholders start talking about how connectivity changes what it means to build and maintain a long-lived product. We hope that this series of recommendations starts that conversation.
