Published in IoT

Kohler’s toilet tech fumbles its privacy pitch

05 December 2025


Dekoda’s “end-to-end encryption” turns out to be flash in the pan

Kohler has built a gadget that stares into your toilet bowl, yet somehow decided the smartest move was to flush the meaning of end-to-end encryption straight down the U-bend.

Dekoda arrived in October as a $600 rim-mounted loo spy with a monthly subscription. It snaps pictures, collects data on gut health and hydration, and promises users that their most delicate moments are kept safe with “end-to-end encryption”.

The company splashes that phrase across its Health homepage, app page, and support pages while media outlets repeated it as if it were gospel rather than a load of poo.

The problem is that the claim crumbles the moment you ask how a toilet attachment with no user-to-user communication could support genuine E2EE. End-to-end encryption typically means only the sender and the chosen recipient can see the data, keeping even the developer locked out. Messaging tools like WhatsApp, iMessage and Signal do it properly, so no one can peek while you are otherwise occupied.

Kohler’s version is more of a privacy skid mark. Emails to its privacy contact confirmed that the mysterious second “end” in its end-to-end setup is simply Kohler itself.

The company said: “User data is encrypted at rest, when it’s stored on the user's mobile phone, toilet attachment, and on our systems. Data in transit is also encrypted end to end, as it travels between the user's devices and our systems, where it is decrypted and processed to provide our service.”

The firm added: “We have designed our systems and processes to protect identifiable images from access by Kohler Health employees through a combination of data encryption, technical safeguards, and governance controls.”

Writing in his blog, security expert Simon Fondrie-Teitler said that what Kohler calls E2EE is basic HTTPS between the app and its servers, plus encryption at rest, something every half-competent developer has used for about two decades. It is not client-side encryption, which would at least stop Kohler rummaging through your data like a plumber checking a blockage.
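The difference comes down to who holds the decryption key. The sketch below is an added illustration, not Kohler's code or anything from Fondrie-Teitler's post: the `Provider` class, function names and sample reading are hypothetical, TLS is modelled as already terminated at the server, and the HMAC-based cipher is a standard-library stand-in for a vetted AEAD such as AES-GCM.

```python
import hashlib, hmac, secrets

# Stand-in authenticated cipher (HMAC-SHA256 keystream, encrypt-then-MAC).
# Assumption for a stdlib-only demo; real code would use a vetted AEAD.
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def open_sealed(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

class Provider:
    """Hypothetical vendor backend."""
    def __init__(self):
        self.at_rest_key = secrets.token_bytes(32)  # key held by the vendor
        self.store = {}

    def upload(self, user, payload):
        # TLS ends here: the server sees exactly what the client sent,
        # then encrypts it at rest under its own key.
        self.store[user] = seal(self.at_rest_key, payload)

    def vendor_view(self, user):
        # Everything the vendor can recover with the keys it holds.
        return open_sealed(self.at_rest_key, self.store[user])

def transit_plus_at_rest(provider, reading):
    # HTTPS plus encryption at rest: the vendor gets the plaintext back.
    provider.upload("user-1", reading)
    return provider.vendor_view("user-1")

def client_side(provider, reading, device_key):
    # Client-side encryption: the key never leaves the user's devices.
    provider.upload("user-1", seal(device_key, reading))
    return provider.vendor_view("user-1")

SAMPLE = b'{"hydration": "low", "image_id": 17}'  # constructed sample reading
```

In the first model the vendor's view is the reading itself; in the second it is an opaque blob that only a holder of the device key can open.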

Once you know Kohler can decrypt everything, the next question is how it plans to use it. The hints are not subtle. The company said, “Our algorithms are trained on de-identified data only.” New users are asked to allow Kohler to “research, develop, and improve its products and technology, and to de-identify [the user’s] data for lawful purposes.”

The privacy policy goes further. It says data may be used “To create aggregated, de-identified and/or anonymised data, which we may use and share with third parties for our lawful business purposes, including to analyse and improve the Kohler Health Platform and our other products and services, to promote our business, and to train our AI and machine learning models.”

The upshot is a toilet attachment pitched as a privacy fortress yet still capable of letting the manufacturer sift through your bowl data for AI training. Anyone hoping for airtight protection may find the company’s promise is less watertight and more like a leaky cistern.

Last modified on 05 December 2025