Court Rules Samsung Doesn’t Have To Update Old Phones

Court Rules Samsung Doesn’t Have To Update Old Phones

A court in the Netherlands has made an interesting ruling that pontentially affects all smartphone users. Consumer rights group Consumentenbond said Samsung was creating a security problem for users by not promising to release patches for handsets beyond the two years the company already commits to. The group says this leaves users exposed to previously unknown vulnerabilities.

Consumentenbond wanted updates delivered for four years. And while Google does patch Android for more than two years, it’s up to device makers like Samsung to deploy these patches more broadly. Samsung noted to the court that testing the patches released by Google takes some time as the company needs to ensure it works with their custom software.

Part of the court’s ruling was a disagreement with Consumentenbond’s contention that users needed to bear protected against future risks. But it ruled that those risks weren’t quantifiable. It also ruled that Samsung was letting users know about the two year window for updates.

It’s interesting that the courts ruled that Samsung was acting reasonably. I’m not saying Samsung is doing the wrong thing. But we know handset sales have been stagnant over the last year and that people are holding onto their smartphones for a little longer. So, extending the policy to ensure users don’t suffer a breach or some other security issue makes sense. The reputational damage to Samsung for not patching a known vulnerability could be significant.


  • I suspect Samsung probably argued that new sales were where they make money, and patching older devices is where they lose it. Hence not being in their interests to support old devices and thereby encourage users to hold onto them.

    Indirectly, that’s also in the collective consumer base’s interests. The more money spent on supporting legacy hardware = less to put into R&D for the incremental feature creep that base demands.

    There’s also the reasonable argument that Android is (by default) reasonably well locked down. Most vulnerabilities still depend on user action or granting of permissions. This especially so on Samsung devices which have Knox and other mechanisms to protect critical areas like the bootloader.

    • I think the argument should be more about the number of people actually still using the hardware compared to the cost to update it. I couldn’t find any good info about the breakup of samsung device usage ie: what % are using s5/6/7/8/9 and so on. But if a two year old phone has say 5% usage compared to 70% on the current model or two then I think it’s fair to just focus on the new models.

  • “Ford refuses to keep my Model T running! Im suing ford for putting me in danger!”

    Devices have a lifetime. All companies do what samsung does.

Show more comments

Log in to comment on this story!