Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Privacy

America's Favorite Door-Locking App Has a Data Privacy Problem (medium.com) 87

An anonymous reader shares a report: Latch is on a mission to digitize the front door, offering apartment entry systems that forgo traditional keys in favor of being able to unlock entries with a smartphone. The company touts convenience -- who wants to fiddle with a metal key? -- and has a partnership with UPS, so you can get packages delivered inside your lobby without a doorman. But while it may keep homes private and secure, the same can't be said about tenants' personal data.

Latch -- which has raised $96 million in venture capital funding since launching in 2014, including $70 million in its Series B last year -- offers three products. Two are entry systems for specific units, and one is for lobbies and other common areas like elevators and garages. The company claims one in 10 new apartment buildings in the U.S. is being built with its products, with leading real estate developers like Brookfield and Alliance Residential now installing them across the country.

Experts say they're concerned about the app's privacy policy, which allows Latch to collect, store, and share sensitive personally identifiable information (PII) with its partners and, in some cases, landlords. And while Latch is far from the only tech company with questionable data practices, it's harder for a tenant to decouple from their building's door than, say, Instagram: If your landlord installs a product like the keyhole-free Latch R, you're stuck. The issue of tenant consent is currently coming to a head in New York City, where residents of a Manhattan building are suing their landlord in part over privacy concerns related to the app.

This discussion has been archived. No new comments can be posted.

America's Favorite Door-Locking App Has a Data Privacy Problem

Comments Filter:
  • Here's a video by a locksmith demonstrate it

    https://www.youtube.com/watch?... [youtube.com]

    • by Anonymous Coward

      I'm sorry, but Kwikset =/= Latch. Thanks for playing though. Call in again soon!

  • Oh hell no (Score:5, Interesting)

    by cmdr_klarg ( 629569 ) on Thursday May 02, 2019 @04:14PM (#58529958)

    How is fiddling with a cell phone to unlock my house more convenient than the old fashioned way? To let a delivery person into my house? Nope.

    I'll keep fiddling with my keys, thank you.

    • If there is some kind of blue tooth device in the door lock, the phone could connect to it before you reach the door and you would just enter. Be like the keyfobs for cars that you leave in your pocket the whole time. You just walk up and open the door, press start and go. When you walk away the car locks. It's about 5 feet.

      You still have your metal key for backup but it's pretty nice never fishing for keys. I'm tempted to do some research and build this myself for my own front door. Definitely putting it i

    • by AmiMoJo ( 196126 )

      The idea is that it unlocks the door when you get near it with your phone. The phone notices it has connected to your home wifi or uses location services.

      Just make sure that if someone steals your phone they don't know where you live, or they won't even have to break in...

    • How is fiddling with a cell phone to unlock my house more convenient than the old fashioned way?

      You haven't noticed that most people have their phone out all the time?

      • by skids ( 119237 )

        I'm sure this will drive up phone sales, in that many more phones will be dropped while simultaneously manhandling a bag of groceries.

        Not that metal keys are awesome, but if you want to make a NFC or proximity lock, give me a separate fob which I can drop on the floor and step on with no worries.

    • ... a partnership with UPS, so you can get packages delivered inside your lobby without a doorman.

      But while it may keep homes private and secure

      I don't think those two statements can be equally true in this universe.

  • by Nkwe ( 604125 ) on Thursday May 02, 2019 @04:22PM (#58530022)
    Mechanical locks need no power or network. If power or network is not available I still want to be able to get in (and be able to lock the door so no one else can get in.) Mechanical locks need physical access to change the key, so they are not likely to get changed on accident. One data glitch or administrative mistake by someone in some other city, and I can't get in. I strongly prefer a mechanical lock with a physical key over an electronic one.
    • by Anonymous Coward

      Not to mention that time you're running back home to use the toilet but you have to update the lock firmware before you can open the door.

    • by Anonymous Coward

      Given everything else that's wrong and stupid with these products, I'm willing to bet that they fail open after a power/network loss. ;)

      • by Anonymous Coward

        Well you wouldn't want to be locked in the home. What if you lost power because there is a fire and you need to get out of dodge fast? Fail to open is definitely safer then fail to lock.

        Sure, I get it. If a thief disables the power, the door is wide open. Clearly not good, but then the common thug isn't even capable of disabling the power to your structure. Someone with more knowledge of power and electricity could very likely bypass the door lock anyway.

        • Who would buy a product that you can't unlock physically from the inside? The national fire code council and every fire department would publicly denounce such a product that failed to let you unlock (from within) a residential door during a fire or power outage.
    • by AHuxley ( 892839 )
      Mechanical locks dont show a random person who was trying to get into a home.
      What they look like, the time they attempted to get in and what method they tried to use.
      • Why in the world would you want your door lock to do that? That's what security cameras are for.

    • by AmiMoJo ( 196126 )

      It's like keyless entry for your car. You are supposed to keep a physical key available in case it doesn't work... Of course with the car the key is built in to the fob, with these things you have to carry both your phone and a separate key to be sure of being able to get back in.

      The bigger issue is that it can be unlocked over the internet. Historically that has not been very secure.

  • hiding a spare key under a doormat or in a fake rock.

    I can see the interest in door cams, considering delivery thefts, and people knocking on your door in the middle of the night, but door locks?

    Sounds like another solution waiting for a problem to solve.

    And even better, when the new version comes out, and your old lock is "no longer supported, or the app gets rejected from the app store, where are you then?

    • In the old days, people would have a designated box outside (or even next to the door of) their house, one that would require a key to open (but not get entry inside). It worked fine. For centuries.

      You give the delivery service one of the keys.

      This was used for: ice delivery, milk delivery, newspaper delivery.

      Some versions had a one-time-only settting. After you emptied it, the action of resetting the key would allow one use to deposit something inside, automatically locking it after. The best part was fin

  • If they go bankrupt (Score:5, Interesting)

    by WillAffleckUW ( 858324 ) on Thursday May 02, 2019 @04:32PM (#58530100) Homepage Journal

    The privacy information will be sold to a third party, in the event the firm goes bankrupt. Who can then do anything they want with it.

    Source: multiple court decisions over the last two decades.

  • Yet again.
    We do not need this nor do we want this! Dumb idea.
    If anything I'd want more secure mechanical locks, locks that can't be picked easily or at all, not adding extra attack vectors.
    That's not even touching on the privacy concerns: now we'll have some shitty corporation logging when we enter and leave our own homes, too? Fuck that!
    STOP SURVEILLING US IN OUR HOMES, DAMNIT!
    • Speak for yourself. In larger buildings like offices or rental properties, key management can be a pain in the rear. It’s nice to be able to revoke keys instead of having to replace locks (and issue new keys to everyone) if a tenant loses their key to the front door.

      With that said, you’ll definitely want a system that doesn’t gather data and works offline.
  • I'm willing to bet the people that would use this are the same fucking morons that went out to buy a "smart" speaker. Go ahead and connect your door lock to the internet, you get what you deserve if you're that fucking dumb
    • If you're paranoid about a "smart" speaker, I've got some bad news for you involving an always on, networked, portable, listening device that's been installed in your pocket for years
  • People all over the USA will see and understand more about who is trying to enter their homes?
    A company will have data sets on who attempts to enter a home to do crime?
    Do the new stats track with what the FBI has found for decades and decades about who does crime and in what parts of the USA?
    Thats not a privacy problem. Thats selling product the will secure a home from criminals and allowing people to better understand who is doing crime.

    People trying to get into a home to do crime should be detected
  • There are already several paid apps that will open these locks. They are not secure in any form. The data issue is just the icing on the cake.
  • by fluke11 ( 1160111 ) on Friday May 03, 2019 @12:40AM (#58531740)
    It looks like previous versions of the Android app from Latch makes use of Mixpanel [mixpanel.com], Fabric [fabric.io] and Branch [branch.io] to do such things as:
    • Analyze user behavior across your sites and apps.
    • Deeply analyze behavior
    • Uncover behaviors that correlate with healthy and unhealthy users
    • Capture every customer touchpoint across any channel, platform, and OS

    I see now why Latch CEO Luke Schoenfelder declined to be interviewed. This seems really creepy things to be doing in an app that should simply unlock a door. I am almost 100% confident that Latch will never open source their Android application to increase transparency for security and privacy despite that being key features you would want out of this type of application.

Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Working...