This article is more than 1 year old

HP printer small print says kit phones home data on whatever you print – and then some

Security engineer actually reads privacy policy to his horror

Hewlett-Packard Inc's printers don't just slurp the contents of your wallet at a frightening rate. They also guzzle a surprising amount of data on you and whatever you're printing.

Security engineer Rob Heaton discovered exactly how much slurpage HP is engaging in after his in-laws asked him to set up their new home printer. Instead of doing what the rest of us would do and clicking past everything until it started working, Heaton read each and every step along the way.

"After I had finished removing pieces of cardboard and blue tape from the various drawers of the machine, I noticed that the final step required the downloading of an app of some sort onto a phone or computer. This set off my crapware detector," he blogged.

"Of course, in reality it was a way to try and get people to sign up for expensive ink subscriptions and/or hand over their email addresses," he sniffed, pointedly adding that this was "a shame, but not unexpected."

Most unexpected of all, however, was the sheer volume of data slurped by one's home printer. Pointing to HP's own privacy policy (as archived here lest they change it in future), Heaton said that by agreeing to HP's "automatic data collection" settings, you allow the company to acquire:

... product usage data such as pages printed, print mode, media used, ink or toner brand, file type printed (.pdf, .jpg, etc.), application used for printing (Word, Excel, Adobe Photoshop, etc.), file size, time stamp, and usage and status of other printer supplies...

... information about your computer, printer and/or device such as operating system, firmware, amount of memory, region, language, time zone, model number, first start date, age of device, device manufacture date, browser version, device manufacturer, connection port, warranty status, unique device identifiers, advertising identifiers and additional technical information that varies by product...

The privacy policy does state: "We do not scan or collect the content of any file or information that might be displayed by an application." However, multi-function corporate printers store copies of printed documents on internal storage media, as was brought to public attention nearly a decade ago.

Although all of the data slurpage is laid out in the legal agreements presented to consumers, Heaton told The Register he hadn't sniffed what his in-laws' printer was beaming back to base.

A few years ago, HP deployed a software update that prevented its printers from functioning with cheaper third-party ink cartridges, something that would end up costing it a few million dollars in legal settlements. More recently, the company has split with its EMEA president as its sales in the region continue their relentless slip downwards – causing its share rating to be downgraded by a Wall Street analyst firm.

HP has been asked to comment and we will update this article if we hear back from them. ®

More about

More about

More about


Send us news

Other stories you might like