At the beginning of the current year, home appliance manufacturer Kohler introduced a smart camera, named Dekoda, designed to connect to a toilet. This device captures images of the toilet’s contents and then performs an analysis of those images to offer insights into the user’s digestive health.

Recognizing potential concerns regarding user privacy, Kohler stated on its official website that the Dekoda’s sensors are directed solely downward into the toilet bowl. The company also asserted that all collected data is protected through what they describe as “end-to-end encryption.”

However, security expert Simon Fondrie-Teitler identified an inaccuracy in Kohler’s use of this term in a blog post published on Tuesday.

A review of Kohler’s privacy documentation reveals that the company is actually referencing the encryption method used to safeguard data while it is being transmitted across the internet – commonly known as TLS encryption, and the same technology that secures HTTPS websites.

Employing precise terminology is crucial, particularly when addressing user privacy. Misusing the phrase “end-to-end encryption” – a standard feature in messaging applications like iMessage, Signal, and WhatsApp – to represent TLS encryption is inaccurate and could mislead users into believing Kohler is unable to view the images captured by the camera.

A Kohler representative did not provide a response to inquiries from TechCrunch. However, a company “privacy contact” informed Fondrie-Teitler that user data is “encrypted when stored on the user’s mobile phone, the toilet attachment itself, and on our servers.” The company further explained that “data during transmission is also encrypted end-to-end, as it moves between the user’s devices and our systems, where it is then decrypted and processed to deliver our service.”

The security researcher also noted that, because Kohler has access to customer data on its servers, it is conceivable that the company is utilizing customers’ toilet images to develop artificial intelligence. According to a response from the company representative, Kohler’s “algorithms are trained using only data that has been anonymized.”

The Dekoda is priced at $599, in addition to a required subscription fee of at least $6.99 each month.

Sponsored: Experience AWS re:Invent 2025 in Real-Time

Discover the newest advancements across areas like innovative AI agents, foundational cloud technologies, data protection strategies, and a wide range of other topics at Amazon Web Services’ premier annual conference held in Las Vegas. This broadcast is presented with support from AWS.