How The DMCA And The CFAA Are Preventing People From Saving Their Soon-To-Be-Broken Pebble Watches

from the bad-laws dept

I've made no secret of the fact that I think smartwatches are really wonderful, even as lots of people scoff at the concept (and sales have been disappointing across the board). The first device that clued me in to the possible power of the smartwatch was the original Pebble smartwatch, which I (and many, many others) backed on Kickstarter. I ended up backing their second Kickstarter campaign as well -- but was disappointed in the end product and ended up moving on to another smartwatch instead (the Moto 360, though now it looks like Motorola is dumping that business as well). I didn't end up backing Pebble's latest Kickstarter campaign, which turned out to be a good thing, because as you may have heard, the company announced last week that it had sold its assets to Fitbit, and no more work would be done on Pebble watches (and people who backed the latest project would eventually get refunds, but no watches).

But, things are even worse for those who already do have (and still use) Pebble watches. In the announcement, the company admits that since Pebble watches rely on Pebble servers for certain features, the functionality of the watches may be reduced in the future:
Active Pebble watches will work normally for now. Functionality or service quality may be reduced down the road. We don’t expect to release regular software updates or new Pebble features. Our new mission will focus on bringing Pebble’s unique wearables expertise to future Fitbit products. We’re also working to reduce Pebble's reliance on cloud services, letting all Pebble models stay active long into the future.
Of course, as Cory Doctorow rightly notes, the real problem here is that thanks to stupid laws like the DMCA Section 1201 (barring circumvention of technological protection measures) and the CFAA (barring certain forms of "hacking"), users will have trouble fixing or saving their own watches. It's yet another case of not really owning what you thought you bought... thanks to DRM and bad laws.
The watches are among the many cloud-based Internet-of-Things products that are reliant on the ongoing maintenance of server infrastructure for normal functionality. This problem is exacerbated by the widespread IoT deployment of DRM to lock devices into manufacturer-controlled infrastructure -- thanks to laws like section 1201 of the Digital Millennium Copyright Act, developers who create software to replace cloud functions with alternative/self-hosted servers, or with local computing, face potential jail sentences and millions in fines. Add to that the Computer Fraud and Abuse Act, which has been used to threaten and even jail researchers who improved services but violated their terms of service to do so, and the IoT space is the land of the contingent, soon-to-be-bricked devices
As Cory notes, Pebble should allow their own users to hack their stuff, by releasing source code, schematics and more. Unfortunately, this is unlikely to happen. But it's yet another case of the law getting in the way of something you thought you owned.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cfaa, dmca, hacking, ownership, pebble watches, smartwatches
Companies: fitbit, pebble


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 16 Dec 2016 @ 4:45pm

    Despite the challenges mentioned above, there is a newly formed community for open source pebble development.

    http://rebble.io

    Those that want to tinker should support open source.

    There's an entire OS for smartwatches, AsteroidOS. https://florentrevest.github.io/2016/12/07/asteroidos-alpha

    link to this | view in chronology ]

    • icon
      Machin Shin (profile), 16 Dec 2016 @ 7:14pm

      Re:

      The closed nature of the watches was large part of why I didn't have one. Upon recently finding the AsteroidOS project I ordered a watch to install it on.

      I kind of hope this kind of thing happening more and more often will wake people up and make them realized how bad closed systems are.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 17 Dec 2016 @ 8:43am

        Re: Re:

        "The closed nature of the watches was large part of why I didn't have one."

        That pretty much describes my attitude
        towards all of the "smart" aka "spying"
        devices produced in the last decade.

        For some reason, Silicon Valley VC's hate
        government spying on their users, but
        their own spying is OK. They seem not
        to have heard of the "Third Party
        Doctrine", which gives governments
        any and all information that they have
        collected for their own spying.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 17 Dec 2016 @ 2:19pm

          Re: Re: Re:

          Consumers choose spy devices. They don't have a choice of government.

          link to this | view in chronology ]

          • identicon
            Anonymous Coward, 18 Dec 2016 @ 6:50am

            Re: Re: Re: Re:

            Regarding the choice of owning a device or not ... they might not have that choice to make in the future. Newer vehicles today have black boxes, some of which are supposedly transmitting data. It is not yet illegal (I think) to remove these, how long will that last? I think the car manufacturers should have to inform potential customers about the use of this interface, because it could be compromised and whomever can then possibly cause your car to crash while you are in it. afaik, there is no customer available method to turn off the bluetooth and or wifi.

            link to this | view in chronology ]

            • identicon
              Anonymous Coward, 20 Dec 2016 @ 7:26am

              Re: Re: Re: Re: Re:

              Hmmm... What are the legal ramifications of driving a networked/transmitting car into the National Radio Quiet Zone (NRQZ)?

              link to this | view in chronology ]

        • identicon
          Anonymous Coward, 19 Dec 2016 @ 6:25am

          What about the word "watch" don't you understand?

          "The closed nature of the watches was large part of why I didn't have one."

          "Watch", as in "we're watching you"

          link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Dec 2016 @ 5:56pm

    Ken White

    Off topic, but important:
    ”Ken "Popehat" White -- who as a former Assistant US Attorney and current criminal lawyer"
    Many people will agree that most lawyers are criminals. But in this case, Ken is a criminal defense attorney. Steele and friends are criminal attorneys.

    As a criminal defense attorney, people should know that not all of us are criminals.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Dec 2016 @ 6:18pm

    Nope, I'm not buying them

    As one who makes a living promoting technology, I would normally be in favor of all these kinds of products, but I won't be buying them until I can have some semblance of control over how, and if, they function. Sadly, I am becoming a bit of a luddite as more and more technology products depend upon the good graces of [somebody] to keep functioning. I don't buy games that rely on some proprietary server somewhere, I don't pay money to subscribe to services that may suddenly fold (Netflix and Prime excludes), and it's apparent that I won't be buying any clever watches either. I'm no technophobe; I am, at heart, a programmer who also spends some time in systems administration and teaches college-level programming classes on occasion. But I won't be 100% dependent on somebody else's goodwill to continue to provide some sort of service that my purchased product requires.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 16 Dec 2016 @ 6:42pm

      Re: Nope, I'm not buying them

      You're probably on the right track. If their products quit selling, they'll look to change their business models.

      link to this | view in chronology ]

      • icon
        orbitalinsertion (profile), 16 Dec 2016 @ 6:55pm

        Re: Re: Nope, I'm not buying them

        It's not even that. Plenty of this sold -as-a-service, when they hardly need to be dependent on the service part in the first place, are built and sold that way with control and planned obsolescence in mind in the first place. Others simply move on to "improved" products or sell out without a care for the fans and customers who made them possible in the first place. Too much runs over the internet and on remote servers for absolutely no reason at all other than this kind of control, and sheer laziness.

        Failures are more understandable, but surely one could maintain the remote support necessary rather cheaply, move all functionality to the devices or local servers, and more directly relevant to the claims of the article title: Remove any restrictions on user self-support that never should have been there in the first place. The DMCA and CFAA are completely irrelevant if the vendor isn't a dick.

        link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Dec 2016 @ 6:18am

      Re: Nope, I'm not buying them

      "I am becoming a bit of a luddite"

      I do not consider good consumer practices to be anything near "luddite".

      Just because some new shiny gadget is on the market and I'm not buying it does not make me a luddite. There are plenty of good reasons to avoid any product(s) out there and certainly do not feel the need to justify decisions.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 16 Dec 2016 @ 9:20pm

    However, the DMCA only applies if you do for financial gain. So creating your own workaround, for your own personal use, is not a crime, because you have not done it for financial gain.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 17 Dec 2016 @ 1:00am

      Re:

      The same can be said about filesharing but that is the original reason the DMCA was created!

      link to this | view in chronology ]

    • icon
      orbitalinsertion (profile), 17 Dec 2016 @ 11:05am

      Re:

      No, rooting iPhones, for example, is "illegal" unless the LoC happens to say it is ok at the moment. The same for pen and bug testing various things, including cars, where the intent wasn't even to patch vulns or add free code. These activities can and have been attacked using the DMCA, even when there is zero commercial purpose or even an offering of free to use and modify alternate code. Hell, even if there wasn't a public disclosure yet.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 19 Dec 2016 @ 4:49am

        Re: Re:

        But the felony criminal penalties only apply if you do it for financial gain. Civil penalties may apply to such tinkerers, but you cannot be put in jail until you done it for financial gain.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 19 Dec 2016 @ 8:43am

          Re: Re: Re:

          Due to the difficulty of even finding someone who jailbroke their device, if they catch you, they will want to make an example of you and throw the whole book at you. You would be guilty till proven innocent. You would be forced to either take a plea bargain or spend years fighting it while putting your deeper in debt until they locked you up.

          link to this | view in chronology ]

      • identicon
        Anonymous Coward, 19 Dec 2016 @ 4:49am

        Re: Re:

        But the felony criminal penalties only apply if you do it for financial gain. Civil penalties may apply to such tinkerers, but you cannot be put in jail until you done it for financial gain.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 19 Dec 2016 @ 9:56am

    Does 1201 apply?

    The article suggests 1201 may apply but doesn't give enough detail to justify it. Do these watches have any "technical protection mechanisms" that prevent OS replacement?

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.