As the software running the internet of things gets more and more complex, it won’t even require hardware failure to render our future cars, refrigerators or toasters obsolete.
It doesn’t have to be about deliberately bricking your device by software after the warranty is over. On the hardware side, if engineers are told to make something last three years of normal use, they’ll do just that and just use enough material to wear down over that period.
Software, however, can’t really “wear down”. It’ll just be the same software after five years.
But that’s the problem. The requirements change. The environment changes. Hackers will learn about the software’s weaknesses. Systems can only be kept safe, when they’re continuously updated, filling security holes. This way, devices that don’t get security updates anymore can be considered obsolete. For a premium smartphone these days, this can be as low as five years. For an entry-level one, even less than a year.
Also, compatibility with current infrastructure is a problem. If you bought a Telephone in the 70s, it worked for decades. If you buy a Skype phone now, it’ll be unusable after a few years. Not because it physically breaks and not because someone deliberately programmed it to stop working, but simply because it’s not compatible anymore and doesn’t get any more updates.
What’s the solution if the manufacturer doesn’t want to support your product anymore? On the hardware side, there are already movements to grant consumers a “right to repair”, forcing manufacturers of electronic devices to sell replacement parts and provide repair manuals to the public. But in the future, hardware issues won’t be the primary reason something stops working.
Customers need to have a right to fix the software on their devices. It’s paradox that, on one side, manufacturers try to prevent people from “hacking” their devices, trying to outlaw custom firmware, but on the other side, don’t help them when there’s a compatibility problem with the software.
There are many cars on the road that were built 20 years ago. But will a car you buy now get software updates for the next 20 years?
The market only self-regulates within boundaries that directly affect the market in the foreseeable future.
One could argue that regulations are not required, as consumers are free to choose products that come with long-term support. The problem is, however, that the offers on the consumer device market get updated faster than one could examine the actual longevity of these products. Before anyone could test if a device is still functional after three years, it’ll be replaced. In addition, there’s no way to assure that the company will still exist, even if they pledged to provide support.
So here’s a radical approach: to get approval to sell any electronic device requiring a custom software, the manufacturer should “deposit” the full source code and documentation with the government. The source code will stay undisclosed to the public.
However, once the manufacturer doesn’t publish critical updates necessary to ensure the functionality of the device (security, compatibility updates or bugfixes) for a period of, say, three months after notice, the source code will automatically be released to the public.
I’m not trying to take away the intellectual property rights of companies for their source code.
However, here’s my premise: if the software is no longer updated, it can be considered obsolete. If it’s obsolete, where’s the harm in publishing the source code?
One concern of corporate lawyers might be that their company wouldn’t even be allowed to publish the source code if they wanted to, for legal/licensing reasons. But here’s the thing: the law can override that and terms not allowing the publishing of source code could be outlawed.
You might say, it will harm the competitive power of the market. But if the proposed procedure becomes standard, it might even increase product quality through competition, because if companies don’t want their code to become public, they’ll have to support it longer. Companies that already provide better and longer support than the competition would also benefit from this change, as they don’t have to adapt their business model too much.
The whole thing would work similar to trademark law where trademarks expire if they’re not used or renewed for a given time or copyright law where things become public domain after a certain time.