
CEO says iRobot will never sell your data - rbanffy
http://www.zdnet.com/article/exclusive-roomba-ceo-responds-to-spying-story/
======
Paul-ish
This really isn't up to iRobot Corporation or Colin if the company gets
acquired. They are publicly traded, hostile take overs are possible. The
promise is meaningless.

~~~
ChuckMcM
Exactly, unless there is some 'suicide' clause in the company bylaws that says
all data will be destroyed on change of ownership (which would be fiduciarily
[1] irresponsible anyway) then the statement of the CEO is constrained to
'during my tenure' at best. And 'during my tenure, while we are meeting our
numbers goals' at worst.

[1] I don't think that is a word but hopefully what I hope it would mean if it
were a word is clear :-)

~~~
ra1n85
I like that - but how would you enforce it? Wouldn't it actually just deter
companies interested in acquiring out of interest in the acquisition's
customer data?

~~~
ChuckMcM

       > Wouldn't it actually just deter companies interested in acquiring out of interest 
       > in the acquisition's customer data?
    

Yes, that is exactly it. So at some level the data is a company asset that has
'value' to a potential acquiring company. And if you decide to destroy the
value of that asset to an acquiring company (by having it self destruct on
acquisition) then you've intentionally reduced the value of the company. Your
fiduciary responsibility as a board member or executive is to maximize the
value of the company.

The long held theory here is that the share holder's elect board members to
represent their interest in the company, which is notionally the 'value' of
their shares, so for the board to be doing the shareholder's bidding they
would not allow the CEO to explicitly damage the value of the company by
impairing one of its assets with a destruct clause.

~~~
kbenson
I think it could be more nuanced than that. You could _trade_ that possible
future value for good PR and public image, especially if you are fighting a
lot of bad PR because of people's worries about that data. Putting a clause in
without letting anyone know about it would be destroying the value, but if you
attempt to capitalize the on public perception of the move I think it would be
really hard to make a case that it was irresponsible without some
corroborating evidence that nobody thought it would help.

------
acomjean
I'm thinking not really that big a deal.. Maybe I'm just jaded.

address-> house size mapping has been done. (I think towns keep that data for
tax purposes)

name -> address is a phone book away. (If you've ever bought a property you
probably got some welcome mail from companies looking to sell you things)

the address->email address/online presence might be where the new data comes
out.

I worked at a company that monitored peoples and businesses power use, on a
circuit by circuit basis. This can be really invasive. When my boss went on
vacation, his data clearly showed that (we used his house for testing). Our
CEO asked his wife why she came home early, she asked how he knew (the garage
door and kitchen power... He could keep his toys but not talk about it
again.). Another person was wondering if he should talk to his dog walker
because he noticed that one walk was really shorter than it should be...

Our sales guys would look at a company they had meeting with roof, to figure
out the size and number of AC units, before going to talk to a business.

We really have little privacy anymore.

~~~
shostack
What were the main uses of this data? There's actually a lot of interesting
uses here. Personally, I've been wanting some easy way to label certain
circuits and outlets in my home via an app, and then get a real-time read on
how much it is costing me to use them based on my area's energy rates.

I've long thought that simply making myself more aware of the actual dollar
costs of usage for various things (leaving lights and computers on, etc.)
could be a great way to nudge me towards better energy consumption habits
(ditto for water usage).

~~~
acomjean
Sorry for the late reply. The use of the energy data were to help figure were
the power in your power bill was going. For example my Boss's old refrigerator
was drawing a lot more power then expected. And giving hints on how to save.

We uploaded data from the box to the cloud once per minute, so you could see
your usage. We could give an estimate on daily/monthly/yearly cost. Electric
rates can be weird, so businesses we had logic that would try to calculate and
alert you when you were reaching a specific dollar figure (or peak period..
some utilities surcharge based on peak usage)

In general we had dashboards and alerts. Restaurants could see if the lights
were on after a certain hour (usually closing). A big early win was a place
that had electric heaters in the front windows that were on 24/7\. It was fun
watching the solar panels generate, and see when the clouds go by.

The company moved into hvac control with temperature sensors and monitoring
refrigerators and cooking temperatures. Now I think they're selling services
to oven companies and such.

Its AC so there is some work to pull the data out (we had a custom board to
deal with the 14 channels).

Current transformers are what makes it work. There are some open source
solutions are starting to show up that don't require uploading to the cloud.
There are "Kill a watt" for single plug monitoring, but they lack logging.

[http://www.p3international.com/products/p4400.html](http://www.p3international.com/products/p4400.html)

------
lettergram
It's actually interesting to me that they explain what they store:

"The Roomba 900 Series vacuuming robots capture mapping and navigation
information via vSLAM, which stays on the robot. On all WiFi-enabled Roombas,
usage data (e.g. how long did it clean, how far did it go, did it encounter
any error codes, is it functioning correctly) can be sent to the cloud so it
can be shown on the customer's mobile device. Images used for navigation are
NOT sent to the cloud."

Have to give them props for being so specific. That being said.. still don't
know if I trust them, and I am sitting with my Roomba 960 vacuuming under my
feet lol

~~~
freeflight
> "Images used for navigation are NOT sent to the cloud"

Maybe I'm just too pessimistic for my own good, but the wording on that still
leaves a lot of wiggle room in how it's "images" and "cloud". Not all file
formats are images and not all servers are a "cloud".

Could just as well used "data"/"upload" and covered all fronts. "Data used for
navigation is not uploaded anywhere".

~~~
TFortunato
Hey, w/o getting too specific, speaking as a former iRobot engineer when the
900s were developed / released (unofficial, not representing iRobot, blah blah
) - the privacy implications were thought of a lot when these products were
developed. There really aren't any images or data that could be reconstructed
/ assembled into images ever sent to the cloud, persisted on the device, or
available to send to the cloud.

I do understand the pessimism, especially with all the privacy horror stories
you hear out there, but I can say that Colin / iRobot arent playing games with
their words when it comes to this.

~~~
freshhawk
I do kinda believe you, but every company that has been caught doing this says
the same things and also has employees (or astroturfers posing as) posting
about how they are different. I wouldn't even call it pessimism, it's basic
common sense.

~~~
TFortunato
Totally understood - skepticism is always warranted when it comes to this sort
of thing!

From my end I always add a disclosure about any current and former employers
in when I post anything about them because I'd rather just be honest that I
may be biased on the subject!

FWIW, I no longer work there, nor do I own any stock - My only interest in
defending them is I have great memories of working there, and a lot of friends
who are still there! (Again, feel free to take with a grain of salt)

------
grizzles
I call bullshit. Here is Reuters correction:

(This July 24 story corrects paragraph 6 to read "share maps for free with
customer consent" instead of "sell maps")

"Angle told Reuters that iRobot, which made Roomba compatible with Amazon's
Alexa voice assistant in March, could reach a deal to share its maps for free
with customer consent to one or more of the Big Three in the next couple of
years. Angle added the company could extract value from those agreements by
connecting for free with as many companies as possible to make the device more
useful in the home."

Glad to see the backlash. When I read the original story I thought - this
seems like a good product to sell to a SWAT team. It's amusing that a company
named after the book/film "I, Robot" is the one involved in this controversy.

In my opinion, the market is ripe for a privacy sensitive electronics brand.
Personally, I looked into this with phones a few times but just couldn't find
the right mftg partner.

~~~
wmeredith
> a privacy sensitive electronics brand

We have one. They're called Apple and they're quite successful :D

~~~
jethro_tell
Uh, I, . . .. What?

------
squarefoot
"iRobot will never sell your data"

Well, then how about giving it for free because they're forced to or dutifully
happy to do so? iRobot until just over one year ago built military and
critical robots for the US government, police etc, then they sold the military
division to a different entity, but I wonder if they still have ties with the
govt.

[https://arstechnica.com/gadgets/2016/02/irobot-sells-off-
mil...](https://arstechnica.com/gadgets/2016/02/irobot-sells-off-military-
unit-will-stick-to-friendlier-consumer-robots/)

~~~
Moter8
When a Criminal gets arrested or charged through the data of an robot vacuum,
I'm going to eat my own hair.

~~~
squarefoot
Just wait for the new and shiny model using AI+cameras+cloud to recognize
dirty spots on the floor, go cleaning them,then report back to the owners
phone that either the job is done or they need a wiper replacement, or Billy's
giant teddy bear is in the way and it can't complete the task.

Adding malicious code to such a platform will be just too simple. ...And
tempting.

------
UnoriginalGuy
I was actually on the market for a 960 or 980 and was just waiting for a great
price.

After reading the original article where they casually suggested they'd sell
photos from within my home (in the form of maps), I've scrapped the entire
concept. I knew the 900 series had better mapping, but I never considered that
someone would use that to invade my privacy (and that of my family).

And this article doesn't change that. You cannot put this genie back in the
bottle. Now all I wonder is "when" that data would be sold, whereas before it
wasn't even something on my mind.

I currently own a 700 series "bump" Roomba. I think I'll stick to "bump"
navigation models without WiFi, since clearly the data will get abused.

PS - I am well aware that certain information about my home is public, such as
square footage, floor layout, and so on. This is taking that one step further,
by selling even the layout and type of furniture I own. Plus the Roomba uses
optical cameras, so who knows how far this could go. Particularly if they just
switch it on one day and make it "opt out."

------
slg
I can't help but feel that privacy controversies like this are going to turn
into a "boy who cried wolf" situation if we freak out anytime anyone collects
the least bit of data about us. Who really cares if this company collects
and/or sells mapping data of our floors? Why should I be worried if Amazon
knows the distance between my couch and coffee table? Isn't our outrage better
preserved for when our privacy is truly invaded?

~~~
__jal
> Who really cares if this company collects and/or sells mapping data of our
> floors?

Me. And not to put too fine a point on it, the people in the market for buying
and selling this data.

> Why should I be worried if Amazon knows the distance between my couch and
> coffee table?

I'm not going to presume to speak for you.

> Isn't our outrage better preserved for when our privacy is truly invaded?

...So don't speak for me when deciding what is an isn't an invasion of
privacy.

I find this to be a significant invasion, and so do many other folks, some of
whom are giving you possible answers to your question. In a lot of ways, this
is no different than people claiming the FB 'true name' policy doesn't
matter/is actually a positive. Maybe for them, but not for the former partner
of an abusive spouse, or the gay kid in Russia or Alabama.

Don't presume that your tolerance for data leakage is the same as everyone
else's.

More generally, the point is that information like this just should be
default-private. There is zero reason for me to want information like this to
be shared with random third-parties. If iRobot or whomever wants to "enhance
the value of their connected devices" with private data about me and/or my
possessions, let them approach me and convince me to share it, not just
blandly write some bullshit privacy policy and take it from a device I
purchased.

I love innovation, new toys, etc. But this rush to sneakily
inventory/quantify/spy on me, my home, possessions and relations is awful, and
will have creepy outcomes. It won't happen to me, because I won't install this
shit in my home or use social media, but it will happen.

Do what you like with your own sense of privacy, but don't presume to speak
for anyone else about what a "true invasion" might be.

~~~
slg
>In a lot of ways, this is no different than people claiming the FB 'true
name' policy doesn't matter/is actually a positive. Maybe for them, but not
for the former partner of an abusive spouse, or the gay kid in Russia or
Alabama.

This is exactly what I am talking about. Do you honestly see no hyperbole in
this? Roomba having a map of my floors is no different than a policy that
leads to gay kids in Russia being thrown in jail. Things aren't binary. We can
deal with them in nuance. Equating these two together weakens your argument
against both of them.

~~~
CamperBob2
_This is exactly what I am talking about. Do you honestly see no hyperbole in
this? Roomba having a map of my floors is no different than a policy that
leads to gay kids in Russia being thrown in jail. Things aren 't binary. We
can deal with them in nuance. Equating these two together weakens your
argument against both of them._

yourapostasy's post elsewhere in the thread (
[https://news.ycombinator.com/item?id=14876581](https://news.ycombinator.com/item?id=14876581)
) is worth considering before dismissing these concerns as "hyperbole."

When it comes to Big Data -- and Big Metadata, for that matter -- quantity has
a quality all its own. If this type of data weren't valuable, and hence worth
safeguarding, _there would be no market for it._

~~~
Karunamon
So where's the market for piecemeal vacuum-robot-collected floor plans?

~~~
IncRnd
> So where's the market for piecemeal vacuum-robot-collected floor plans?

When iRobot releases their commercial automatic floor cleaning robot, consider
your restricted floor-plans as mapped.

Even today, there's a market eerily similar to the market of videos from
hijacked xbox cameras in order to show room contents.

There are lots of other markets I can think of off the top of my head. Don't
discount what data can reveal.

------
lziest
rather "never sell directly", what about "share"? Form a new company that
gains shared access to data and ... profit.

~~~
i_am_nomad
Exactly. Roomba has left themselves a lot of latitude by simply saying they
they will never "sell" the data. What they should say is, they will never
transfer the unencrypted data to a third party, and will never enable a third
party with the encrypted data to decrypt it.

~~~
JoshTriplett
That's (sadly) entirely too specific and technical for general communication.
The more specific you get, the more someone will wonder if there's a loophole.

~~~
sliverstorm
Rightfully so! Why, already under the terms of your parent, we can imagine the
company transferring your data encrypted with rot13.

 _What, they broke the encryption and got your data!? Mercy me, how terrible,
we sure didn 't enable them to do that!_

------
pvaldes
Roomba is in a very special category of machines, one able to collect
indirectly samples of human tissue, drugs like cocain, etc... as part of their
normal work.

Therefore the bigger trouble is not in the data that iRobot could have about
your cleaning chores or the shape of your house; the real problem would be
anybody with enough motivation ringing your door bell with a fake iRobot
uniform and the generous offer to replace/upgrade your old roomba with a newer
machine for free. Old fashioned social hacking.

~~~
acomjean
That testing equipment is still pretty pricy...

but...

If a company offers to come in and vacuum my place for free I'm thinking I
should be suspicious (click this box to agree to our terms)...

------
jasonkostempski
You can't actually make that promise and you can't grantee the data won't
leak. Anyway, the real problem is I don't want iRobot to have the data either.

------
miheermunjal
Seems like we've seen this story before... 1) We don't sell your data 2)
unless you give us permission 3) but to be convenient we will default it on
for you 4) and sell it preemptively to "enhance" your experience 5) but don't
worry someone hacked us and took it for free anyways.

------
hsnewman
Empty promises. I don't believe anything anymore, especially from heads of
organizations. Perhaps if he were to back it with a contract that says if they
do release my data they will pay $x, I'd believe them.

------
ajarmst
For some values of "never", "sell" and "data".

------
IncRnd
The primary issue is that iRobot has your room data in the first place. iRobot
created a design that includes the ability for them to have your data, despite
any costs on their end. Since there is a cost on their end, they created this
system with the intention of benefiting iRobot.

------
zebraflask
Isn't the biggest question here along the lines of:

This is a little novelty device meant for neat freaks and gadgetphiles (no
offense intended) who like the idea of a home robot doing a simple chore like
keeping a floor clean.

Why would it need any kind of data collection at all, beyond - at most - a
minimal set of local (not cloud connected) diagnostics to keep it running?
Even that sounds suspect for a self-propelled vacuum cleaner.

In my opinion, which might seem quite opinionated, there are limits to the
amount of data that needs to be collected to develop a successful product.
Slapping some IoT features on products that don't need to have them just reeks
of excessively clever over-engineering, or, possibly, an ulterior motive.

------
manmal
On a different note, somebody has to traffic dump those Xiaomi Mi Robots. They
are very good at what they are supposed to do, but what if they have to comply
with Chinese agencies by sharing image or other meaningful data?

------
notjustanymike
Great they won't sell it, what about requests from the government?

------
verdverm
[https://www.socialcooling.com](https://www.socialcooling.com) They might not
sell the raw data, but what about derivatives?

------
bassman9000
The only way not to sell my data is not to acquire it in the first place.
Anything else are false promises.

------
Sir_Cmpwn
Why do they even have the data? Collecting it is fine but it has no reason to
leave the robot.

------
AdmiralAsshat
Radio Shack said they would never sell their customers' data, either.

------
randyrand
Id rather they say iRobot does not have the _right_ to sell my data. Why did
they give themselves that right in the first place if they don't plan to use
it ever??

------
jbverschoor
Here's a solution: 1) Promise me to pay $1 for every data point in case of a
data breach 2) Run you software on my hardware. I promise not to sell you
software.

------
ourmandave
How exactly do you agree to the Roomba Terms of Agreement?

------
Animats
How about "iRobot will never upload your data?"

------
mcnamaratw
Send ME your data! I promise I will never sell it!

------
egor598
Riiight, and bees are on strike against the HONEY!

------
ayh
Until Amazon, Google, Facebook, etc. buys them. :)

------
brightball
I'm still waiting for them to build a charging station that can empty the
waste bin while it's charging.

------
MichaelMoser123
Its good news that he regards privacy as an important factor. I wish all
companies would do that...

------
amelius
Meanwhile, an average Android phone stores much more data about the user in
the cloud ...

------
backtoyoujim
Until they hire the CEO from Nest

------
SpikeDad
"We take the privacy of our customers seriously".

------
erkose
Then stop collecting the data.

------
nvr219
what a great headline

------
Prizewinner
This is really reassuring. I can't think of how a company would take advantage
of my house layout, but they always find a way.

~~~
avian
If it's coupled with some Wi-Fi physical layer data (signal strength, etc.), a
big dataset might be useful in making a better model for in-door signal
propagation. Roombas are already quite popular in the research community as a
cheap platform for automatically moving around equipment.

------
mdns33
Data revolution is akin to the atom bomb for privacy.

------
christmm
wait, so me standing up peeing while my Roomba is working, is not a good idea?

