Our environment is increasingly populated by devices connected to the Internet, from computers and mobile phones to sound systems and TVs to fridges, kettles, toys, or domestic alarms. There has been research into the negative safety and privacy impacts of inadequate security provided by the software in such devices (such as the creation of large scale botnets). This is also the case with outdated security, a risk enabled by software support periods that are shorter than a product’s usable life cycle and an industry focused on selling its future products. Additionally, this common practice contributes to the growing pile of global electronic waste and damages our environment.
Introduction and problem
The global generation of electrical and electronic waste (e-waste) is growing exponentially. Every year more and more consumers buy new devices, or replace their malfunctioning, broken or out-of-date phones, computers, TVs and other electronics, generating e-waste at a huge scale – an increase of 2.5 million metric tons (Mt) on average every year globally.
Around the world, people generated some 53 million tons of e-waste in 2019, projected to grow to a staggering 74.7 million tons by 2030. Recycling cannot keep up, even where infrastructures are developed: only 17.4% of 2019’s global e-waste was collected and recycled formally. In fact, much of e-waste is exported illegally from high income to lower income countries or is mixed up with other waste. It ends up improperly disposed of in landfills where toxins common in electronics like lead, mercury and cadmium can leach out and contaminate surrounding soils and groundwater.
Although it has the highest collection and recycling rate in the world, at 42.5% of total waste, Europe ranks first worldwide in terms of e-waste generation per capita (16.2 kg), so its mandated recycling schemes, however efficient, simply cannot keep up with the rate of new e-waste generation which is fuelled not just by increased consumption, but also by in-built short life cycles of devices (so called ‘planned obsolescence’) and few repair options.
In the face of this problem, consumers and environmental organisations, and movements such as the Right to Repair, demand that manufacturers are mandated to improve device sustainability and to tackle this acute environmental threat. And there is increased realisation amongst policy makers and legislators, that such measures cannot be left to producer initiatives and voluntary codes or guidelines alone, but must be tackled by adopting legally binding measures, developed holistically and cooperatively, given that this is a global problem.
What is Hardware and Software
Modern electronic devices require two main parts to function: the hardware and the software. The hardware usually refers to physical electronic pieces inside a device (usually a collection of microchips, logic gates and specialised processing chips, such as those to process radio waves for communication, or process audio for sound) while the software is the set of instructions that tells the device what to do. Hardware without software don’t do anything (a computer without an Operating System such as Windows or MacOS can’t run anything) and software without hardware have nothing to send instructions to (a copy of windows or MacOS is useless without a computer to run it on).
Motherboards, graphic cards, monitors, and hard disk drives are all examples of hardware contained in a computer that are useless without software. On the other hand, Microsoft Windows (or any other operating system like macOS or Linux), internet browsers (like Mozilla Firefox or Safari), applications like Instagram or Spotify, and drivers for sound or graphic cards are all examples of software.
Software – key to device sustainability
While initiatives to extend the useful life of the hardware are crucial in addressing this problem, our devices aren’t only made of hardware. Software, from the operating system (such as Android, iOS, Windows etc.) to the microchip firmware (low-level software for specific hardware, such as a smartphone camera), is what keeps our devices secure, functional, compatible with the latest apps and protected against known security vulnerabilities.
Out-of-date software on devices leave people vulnerable to hackers and cyber-attacks, often depriving them of critical services and resulting in significant financial losses and emotional distress. Consumers’ digital data is also at risk.
An out-of-date software on an otherwise functioning device can be a door to one’s bank account or the intimacy of one’s life, render a device unusable, or worst still endanger safety and life even. Such a risk is enabled by software support periods that are shorter than the product’s usable life cycle, and an industry focused only on selling its latest products rather than supporting earlier models. In other words, current market economics merely encourage the replacement of perfectly functioning devices. This does not only create extra e-waste, but it also puts people at risk. Both can be avoided.
When purchasing devices and services, it is often unclear until when these will be supported with software updates. We found reported examples of only a few companies being upfront and disclosing how many years a device will receive software and security updates for (see Principles, below), including Apple and Google.
Even when this information is public, it is not easily accessible to the consumer. An investigation by Which?, the UK consumer organisation, into how long major smart home appliance manufacturers will provide updates for the connected products, revealed that none published their update policies for consumers to see. And even if disclosed, this information can still be vague or confusing, allowing manufacturers to sell devices with “out-of-date” software, often at a discount, at the expense of consumers’ rights.
What is an Operating System (OS)?
An operating system is a core programme that manages the interactions between other programmes and the hardware. It usually consists of a core (also known as kernel) which enumerates the available hardware. It provides a scheduler which tries to balance the contention of multiple tasks (applications) being run simultaneously around the ability of the processor (the brain of the device) usually only being able to run one task at a time. For example, the Operating System will make sure that launching an app such as the web browser won’t interrupt the sound being played by another application. Modern operating systems like Windows, Android, iOS or Linux also usually bundle a number of ancillary services such as the user interface and basic utilities for the device. This includes for example a sound managing interface to set the volume of applications playing on the device or a network interface to easily connect to WIFI networks.
The concerns around the impact of software updates on electronics’ sustainability is increasingly on the radar of campaigners and policymakers. A few point out to the important distinction between security and functionality updates, and the need to differentiate between the two when mandating policy measures related to the lifetime of devices. Security updates are always essential and subject to cybersecurity guidelines or legislative measures, whereas functionality updates are not necessarily essential to the functioning of an ‘older’ device; they may in fact slow it down and therefore actively encourage users to replace it. Apple, for example, was famously subject to multiple class actions in the US and litigation and fines in the EU for its slowing down of older iPhone 6 and 7 via software functionality updates.