Leviton ToS Change

possiblylinux127 , 3 months ago

The problem with all Home tech I've scene you control none of it. Only when you get a full copy of the source code which you are allowed to control and modify to your hearts content will I even consider one of these devices.

KairuByte , 3 months ago

While not quite “copy of source code” there are many, many zigbee/zwave devices that literally do not have the capability to phone home. They work fully within their respective networks and only talk to each other/the hub.

Now, the hub can phone home. But that’s when you use something like Home Assistant, which is open source.

possiblylinux127 , 3 months ago

The fact that they can't connect to the internet is no consequence to me and could even be considered a inconvenience. I want something that I can control the entire system. I should be able flash my own software based on the original code.

jkrtn , 3 months ago

That's the ideal, but it's difficult to do that with every single machine. Like even with a computer not every motherboard can be flashed with Coreboot. The closest you can get right now is probably building devices with the ESP32 chips.

possiblylinux127 , 3 months ago

You also can use ARM boards

Decronym Bot , 3 months ago (edited 3 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters	More Letters
Git	Popular version control system, primarily for code
HA	Home Assistant automation software
~	High Availability
IP	Internet Protocol

---

3 acronyms in this thread; the most compressed thread commented on today has 14 acronyms.

[Thread #599 for this sub, first seen 13th Mar 2024, 01:55]
[FAQ] [Full list] [Contact] [Source code]

phrogpilot73 , 3 months ago

I use some of their switches using Home Assistant's Homekit integration. Set them up on wifi in their app, add to HA, then block internet access in my router's firewall. Kind of the best of both worlds at that point.

avidamoeba , 3 months ago

It's why I only buy their ZigBee/Z-Wave devices. Safer than any WiFi-connected alternative.

BCsven , 3 months ago

This is why I buy TpLink Kasa switches and plugs and use the hs100 code on github to activate them only to local server, so they never phone home to tplink servers.

https://github.com/jkbenaim/hs100

wreckedcarzz , 3 months ago

Does that work for devices not listed? I've got 2 KP125 and a few other things. It works fine but would be nice to decouple.

BCsven , 3 months ago

It does work for many not listed, but no guarantees from the dev. And there are some sold where the firmware version blocks this path. But I have had success with six separate plugs and a dimmer. None were listed in the supported product numbers

wreckedcarzz , 3 months ago

This also looks promising https://github.com/python-kasa/python-kasa

altima_neo , 3 months ago

Oh interesting. I have a few kasa items

Unyieldingly , 3 months ago

I been using TP-Link Matter junk with Home Assistant.

BCsven , 3 months ago

Im using homeassistant also, just used the git code to change their built in server lookup, and associate them to wifi

BearOfaTime , 3 months ago

Did you really expect them to not collect your usage patterns?

I'm not defending them, I'm saying stop supporting these companies.

I have exactly zero of these automation devices in my house. Wait, that's a lie, I have one, a temp monitoring device for a freezer - and only because I needed it in a hurry.

I'm currently working on self-hosted solutions with no web-based account.

Simply don't use these automation devices, it's very clear they collect your data - why else would they host a web service for it for free, when it could just was easily be self-hosted today.

archomrade OP , 3 months ago

Couple things:

• Most people aren't aware of these terms when purchasing, installing, or acquiring a home with these products. Removing and replacing devices throughout a home is expensive and time consuming, and they assume (rightfully) that most people won't go to the trouble
• Even if you are aware of products that may require internet access or poll home to work, it's still difficult not to end up with them in your house anyway. Try buying a tv or bluetooth speaker without smart features today - it's not as easy as it should be. And there's no guarantee that even locally hosted products will stay air-gapped in the future. Why should we normalize the practice now?
• most of these products start out as cheap and noninvasive options when they hit the market, and switch their ToS and brick their products through firmware updates without internet connections (e.g. Hue bulbs)

That said: of course i advocate against these brands. I have several zigbee dimmer switches ready to swap out with leviton already. But that doesn't mean this information shouldn't be widely circulated when it surfaces, so that other people know the landscape better when they go to purchase.

sue_her_birds , 3 months ago

Hue Bulbs are zigbee. They weren’t bricked. You can use them with any zigbee adapter plugged into home assistant, hubitat, etc. I believe you are thinking of the hue hub that began requiring a hue account for “security reasons”

BCsven , 3 months ago

I found this on github to activate tplink kasa plugs and switches to a local IP and never phone home. It swaps the internal server lookup, and allows you to Activate to your wifi SSID with no app
https://github.com/jkbenaim/hs100

deegeese , 3 months ago

I use Lutron Caseta which has a local hub and no cloud control. It’s the same company and I didn’t get that notice.

Wonder what’s different about the Decora switches?

chiisana , 3 months ago (edited 3 months ago)

Are Lutron and Leviton the same company? I’ve always wondered but never found any definitive confirmation one way or another.

Edit: see, two replies, two answers… shrouded in mystery haha

solidgrue , 3 months ago

They're like the Lincoln & Ford (or Acura & Honda, if you prefer a less ambiguous simile) of the electrical components world

i_am_not_a_robot , 3 months ago

They're competitors.

chiisana , 3 months ago

Seems to be more on the web side of things for affiliate marketing, not necessarily light switch usage patterns? At least the pasted/quoted bit doesn’t suggest that it’d cover interactions with the devices.

archomrade OP , 3 months ago

It's any of their products that utilize their app or web servers to work. Here's their ToS, and below is a snippet:

Automated Processes and Artificial Intelligence
This mobile app may use automated processes and artificial intelligence (AI) to provide you with
personalized features and recommendations. We collect and process your data, such as your
preferences, behavior, and feedback, to improve our app and deliver better services to you. We
respect your privacy and we are committed to protecting your personal information. You can
review our full privacy policy here: https://my.leviton.com/home/privacy. By using this app, you
consent to our use of AI and data processing as described in our privacy policy.

And their privacy policy:

2. INFORMATION WE COLLECT AND HOW WE USE IT

Leviton collects information you provide as users who access the App, register for accounts, use the App, or request information as well as data from Leviton Product(s) once it is registered with a valid account on the App. Information is collected on an ongoing basis and when you access information using the App, which then accesses one or more Leviton or third-party servers. Leviton works with third party analytics companies (such as Adobe Analytics) to aid and improve the App’s functionality, and who may use technology to automatically collect the types of data listed below. Such data may be collected, analyzed and used for the following purposes: i) to enable you to access and use the App and connected Leviton Products and services,(i.e. account registration and management) ii) to operate and optimize the App and the user experience, iii) to send administrative information to you (i.e. updates to this policy), iv) to identify usage trends and to evaluate and create improved and more advanced features for the Apps and connected Leviton Products and services, v) to tailor marketing efforts and the like vi) to protect our App, Leviton Products, and Services, and/or vii) to comply with legal or regulatory requirements. Your information may be shared with third parties, such as service providers, in limited circumstances, as described below.

User Data. Set-up information you provide, including email address, name, address or coordinates (the location of your Leviton Products). Biometric data, such as images, may be collected if videos or images are provided to Leviton, i.e. as required for customer service support. Usernames, phone numbers, contact preferences and authentication data.
Usage Details. When you access and use the App, certain details of your access to and use of the App, including the resources that you access and use on or through the App may be automatically collected, including: direct adjustments to the Leviton products using the App, technical information from the Leviton products (to improve your experience over time and help troubleshoot issues), electricity usage, capacity, and power information (every time a Leviton Product is turned on or off, the App records the time and duration to offer features in usage history), current status of the Leviton Product, and usage schedules, among other related data necessary for the functionality of the device.
Mobile Device Information. We may collect information about the mobile device from which you access the App, including the device's unique device identifier, IP address, operating system, browser type, mobile network information, the device's telephone number, in addition to the internet connection. Additionally, as needed from time to time, we may request access to certain features from your mobile device, including the microphone, camera, etc.
Location Information. This App does not collect real-time information about the location of your mobile device, but it does collect environmental data (such as user location and Bluetooth-enabled device location) that supports certain Leviton Product features, e.g. Astronomical Clock) from the Leviton Products that are used with the App in real-time.
App Usage. We collect the frequency of the App usage, frequency of individual features of the Leviton Products usage, and how features of the App and the related Leviton Products are used.
Partner Data. Some of your information or data provided to third-party products and services that interface with the Leviton Products may also be provided to Leviton. We may also obtain information about you from joint partners, public databases and other third-parties.
Web Server Logs. When you visit our App, we may track information through web server logs to better administer the App and analyze its usage. Examples of information we may track include but is not limited to your Internet Protocol address, the type of browser or mobile device you use, the number of links you click within the App, the geographical location from which you accessed the App, the date and time of your visit, and the name of your Internet service provider.

and section 3:

Leviton may share data with third party vendors, service providers, contractors, or agents. These may include affiliate marketing programs, cloud computing services, data analytics services, data storage service providers, performance monitoring and testing tools, web hosting service providers, and product engineering and design tools.

chiisana , 3 months ago

Cool. So don’t use their app. I’d imagine HomeAssistant usage cannot be tracked as it wouldn’t go through their app.

FWIW, I’m all in on HomeKit, so I only control over Home app for my light switches from another vendor, and I’ve got no skin in the game with Leviton, but same idea applies. No vendor apps means their app based tracking are much less relevant.

archomrade OP , 3 months ago

These devices are home-polling, which means commands/info is managed through WAN and their home servers.

Even if you don't use their app, it still uses their servers.

FWIW, i also use home assistant. But some of the devices I have were not choices I made, so it's a slow trudge replacing them all with locally-managed devices.

chiisana , 3 months ago

Can’t wait for Matter and Thread become more mainstream. Local first (and device level egress blocked by VLAN) for the win.

sue_her_birds , 3 months ago

You can use these devices with HomeKit and firewall then off from the internet so they can no longer phone home. I have mine brought into home assistant with the HomeKit controller integration and it’s on a WiFi network with no connection to the outside world. The downside is that it can’t receive a firmware update.