Overview
- Technologist Simon Fondrie-Teitler analyzed the Kohler Health app and traffic and reported no indication of true end‑to‑end encryption being established.
- In a statement to PCWorld, Kohler said it encrypts data in transit between users and Kohler Health and then decrypts it on its systems to process and improve the service, with sensitive data also encrypted at rest.
- Kohler’s marketing and privacy pages describe user information as “end‑to‑end encrypted,” a usage critics say conflicts with the common meaning of E2EE in which a provider cannot access plaintext data.
- Kohler says users can optionally consent to have de‑identified data used to train the AI behind the product, and the company says this consent box in the app is not pre‑checked.
- The $600 Dekoda device, which requires a monthly subscription starting at $6.99, continues to face scrutiny from outlets including 404 Media and Daring Fireball, with calls for technical documentation to substantiate security claims.