September 27, 2016
The Recycler first reported on the firmware update two weeks ago, and reported further complaints from the industry and consumers, with the OEM’s EU helpdesk claiming that it was “working on a solution” last week. The OEM told The Recycler at the start of last week that the printers affected “will continue to work with refilled or remanufactured cartridges with an Original HP security chip”.
Now, US firm Heninger Garrison Davis LLC has filed a lawsuit “alleging that HP printers had a preset failure date for non-HP ink cartridges”, and claiming that “HP intentionally sabotaged printers using non-HP ink”. The firm alleges that the OEM “violated consumer protection laws and US antitirust laws”, highlighting HP Inc’s statement that the firmware update was undertaken to “protect HP’s innovations and intellectual property”.
The firm also notes that “in addition to the harm to the end-user consumer, HP’s sabotage of non-HP ink cartridges is causing significant economic harm to companies that sell generic printer ink. Consumers are returning generic printer cartridge products designed for HP printers and all the generic product designed for HP on the shelves is worthless”. It concludes by offering affected consumers help with building a case against the OEM.
In turn, consumer activist group the Electronic Frontier Foundation (EFF) wrote an open letter to HP Inc CEO Dion Weisler, noting its alarm at the firmware update, the EFF’s Cory Doctorow noting that “you must be aware that this decision has shocked and angered your customers”. Doctorow then set concerns “and the steps HP must take to begin to repair the damage it has done to its reputation and the public’s trust”.
The first is that the OEM “deprived its customers of a useful, legitimate feature”, in that they “should be able to use the ink of their choosing”, or choose “HP ink because it is the best, not because their printer won’t work with a competitor’s brand”. Second is that it “abused its security update mechanism to trick its customers”, introducing “doubt into the patch process” and giving consumers a reason to “mistrust your updates”.
Third was that the feature was a “bait-and-switch”, not being activated until this month, and meaning HP Inc “knew, for at least six months, that some of its customers” would be affected. Finally, it highlighted a “keep out” sign for researchers amid its use of the Digital Millennium Copyright Act (DMCA), used before by Lexmark against Static Control, which could see “severe punishments” given to researchers that “test security vulnerabilities”.
The letter sets out five things the OEM should do, including: “apologise to your customers, and restore the original functionality of their printers”; “publicly commit that you will never again use your software update process to distribute anti-features that work against your customers’ interests”; and “publicly commit that the effects of any software updates will be fully disclosed”.
The last two points included that the OEM should “prominently disclose any capability or plan to remove features from devices in your sales literature, so customers know what they’re getting before they buy”, and “promise to never invoke” the DMCA “against security researchers or competitors who make legitimate aftermarket products”.
Aftermarket companies have already responded to the update by noting their products still work after the update, including Static Control, 3T Supplies’ Peach division, LD Products, Pelikan and Cartridge People.
Categories : Around the Industry