Overview
- Independent analysis published today and subsequent reporting conclude that Kohler’s Dekoda data is encrypted in transit and at rest but is decrypted and processed on company servers.
- Kohler confirmed to the researcher that it can access user data because decryption occurs on its systems to provide the service.
- Kohler’s privacy policy permits creation and sharing of aggregated or de-identified data and includes using such data to train AI and machine-learning models.
- The company says it has technical safeguards and governance controls designed to prevent Kohler Health employees from accessing identifiable images.
- Dekoda, launched in October, attaches to a toilet to capture bowl images for health insights and costs $599 plus a monthly subscription, with the policy noting users can decline certain data uses but some services may not be provided.