nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

Rejecting Sonos' private data slurp basically bricks bloke's boombox

El Reg comes to the rescue of reader unable to control gear from smartphone

By Thomas Claburn, 11 Oct 2017

In August, when wireless speaker maker Sonos decided to update its privacy policy to allow it to gather more data on its customers from their devices, it characterized the consequences of refusing to accept the change as being left out of future feature upgrades.

Sonos' policy change, outlined by chief legal officer Craig Shelburne, allows the gizmo manufacturer to slurp personal information about each owner, such as email addresses and locations, and system telemetry – collectively referred to as functional data – in order to implement third-party services, specifically voice control through Amazon's Alexa software, and for its own internal use.

"If you choose not to provide the functional data, you won't be able to receive software updates," a Sonos spokesperson explained at the time. "It's not like if you don't accept it, we'd be shutting down your device or intentionally bricking it."

A handful of customers, however, have managed to brick their Sonos speakers by refusing to accept the data harvesting terms accompanying version 7.4+ of the firmware and then subsequently updating their Sonos mobile app to a version out of sync with their legacy firmware.

Sonos_Amazon_Echo_

Sonos will deny updates to those who snub rewritten privacy terms

READ MORE

In an email to The Register, a reader by the name of Dave wrote: "You should know that in the latest update it is now impossible to use the player without updating, effectively bricking my three devices. Numerous attempts to contact Sonos have met with silence on the issue, and the phone number in the app for support is no longer valid."

The Register prodded a Sonos spokesperson, who reiterated that Sonos is not bricking the devices of privacy policy refuseniks.

However, the spinner acknowledged that a few people who have updated their apps, manually or through automatic updates, have ended up with software on their handsets that isn't compatible with their firmware – which did not update because they would not accept the privacy policy change.

"On the Sonos system when the firmware and the app software get out of sync, the system goes into limited compatibility mode," a company spokesperson said in an emailed statement. "A handful of owners who have chosen to not acknowledge the new privacy statement but who have nevertheless updated their apps are experiencing this condition. We did not intend for these owners to get in this state, and Sonos has a solution for this problem. We recommend anyone affected by this particular situation reach out to Sonos customer care."

The biz is aware of three customers who have been affected thus, Sonos' spokesperson said.

Refund

After The Register put Dave in touch with Sonos, we learned that the gizmo maker intends to offer him a full refund if he remains intent on rejecting the privacy change. Sonos' spokesperson clarified that the company isn't offering a refund to all privacy policy holdouts. Rather the audio gear biz intends to work with affected customers on a case-by-case basis.

We've also been told that an app update is planned by the end of the week that will prevent firmware and software versions from getting out of sync and creating this situation in the first place.

Despite the improved outcome, Dave remained dissatisfied with Sonos' handling of the situation.

"I'm deeply disappointed at their arrogance that they feel free to cut support for those of us who won't blindly accept new contract terms whenever they see fit," he said. "Whether I'm happy with the new terms or not is irrelevant to this issue. I might have considered accepting them had they not been forced in this way."

Dave also expressed concern that Sonos feels it's acceptable to keep personal data unnecessarily.

"Most of all, as a fairly senior technical person, I cannot fathom their requirement to keep my IP address on file for a device which offers no push functionality whatsoever. This is pure Big Brother at its best and needs to either be justified or stopped," our reader said. "I'd suggest that Sonos users monitor and firewall these devices in future. I'm probably going back to a traditional setup with buttons, stereo speakers, and wires. The sound was better, control better, and it still works after 20 years, without ever even needing any kind of agreement in place." ®

The Register - Independent news and views for the tech community. Part of Situation Publishing