New York City Apartment Residents Sue Landlord Over New Smart Locks [Updated]
from the cutting-your-night-short-because-your-apartment-key-is-dying dept
UPDATE: A spokesperson for Latch sends the following message, clarifying that the locks at the center of this lawsuit do not require a smartphone to open (emphasis in the original):
The residents of the building in question were given keycards to access the locations where Latch was installed to specifically negate any resident needing to have a smartphone app to unlock the building’s doors. (As you likely know, keycards and key fobs have been a common method of entry for decades.) Latch is sensitive to the different preferences and routines of its users, which is why it offers users three methods of entry—residents can use the smartphone app, a doorcode, and a physical keycard. Latch is the only smart access system that provides all three of these methods.
Nothing like rushing home to put your phone on the charger only to realize you can’t get into your own apartment without a charged phone. Getting into locked out of your own place: there’s an app for that. Maybe the app — and the smart lock it engages with — works fine 99% of the time. The other 1%, however, will see you locked out, even after performing an interpretive dance with your emotionless partner.
If your Latch App is unlocking from too far away
1. Navigate to ‘My Profile’ in the left menu
2. Change the ‘Unlock distance’ to ‘Near’
The Latch device is not unlocking when I hold my phone close to it
1. Navigate to ‘My Profile’ in the left menu
2. Ensure ‘Hold-Near to Unlock’ is on
3. If problem persists, change the ‘Unlock distance’ to ‘Nearest’
The numeric LEDs are not lighting up when I touch the Latch Lens
1. Ensure you are tapping the center of the Latch Lens to wake it up
2. Tap with the pad of your finger to ensure the Latch Lens registers your finger. Sometimes small fingers or the tip of your fingers do not register on the Latch Lens
3. Power reset the Latch device by removing the batteries or in the case of Latch R, resetting the power to the Latch R
YOUR PARTNER STARES IMPASSIVELY
The Latch Smart Lock — pictured and detailed above — is at the center of a recent lawsuit filed in New York. Residents of an apartment complex whose main entrance lock has been replaced with the unblinking Latch eye are suing their management for making their lives more difficult.
A group of tenants in a Hell’s Kitchen apartment complex say they are being locked out — by technology.
And now they are suing their landlord for the return of their low-tech keys to the front lobby.
“It’s ridiculous that everyone is spending all this money to go to court just to get a key,” said Mary Beth McKenzie, 72, an artist who has lived in the West 45th St. building for nearly five decades. “For 45 years I’ve had a key. And now, we can’t get keys.”
One longtime resident — a 93-year-old man — has decided to become a shut-in, rather than wrangle with the tech. There’s still a standard lock guarding another entrance to the building, but it does not provide access to the elevator. Three flights of stairs isn’t really an option, so he’s chosen to forgo venturing out of the building.
In addition to limiting access to those with compatible smartphones, the new locks require tenants to sign an 84-page agreement with the manufacturer. The smart locks also notify landlords of tenants’ entrances by default. This “feature” can be turned off by end users (renters), but it really seems like something that should be opt in for renters, rather than opt out.
While building owners are given plenty of leeway when it comes to security, replacing physical locks with a smartphone-dependent product isn’t really the way to go. As ubiquitous as smartphones are, there are still renters who don’t own one. The thing about this case is that there’s still a regular lock in place. It’s just that the landlord won’t give tenants that prefer the old school approach keys for the lock.
The city’s Department of Housing Preservation and Development had previously slapped the owners of the building with two violations for capping the keyhole on the lock to the lobby door when they introduced the technology. The violations were removed last week following a second HPD inspection. The owners removed the cap from the lobby lock, but still did not issue mechanical keys to those tenants who asked for them…
Yeah, that’s not going to look good in court. The management company had a chance to make everyone happy. Instead, it chose to piss off a few tenants repeatedly.
Filed Under: apartment, keys, mary beth mckenzie, new york city, smart locks
Comments on “New York City Apartment Residents Sue Landlord Over New Smart Locks [Updated]”
This could be an attempt to nudge out some rent-regulated tenants. Whether or not such apartments exist in the building would be public record if someone wants to dig.
Re: Re:
See the NYT article linked in a comment below: "Charlotte Pfahl, a resident of the West 45th Street building and a plaintiff in the lawsuit, […] said she thinks the landlord is using it as a tactic to push longtime tenants out to make way for higher rents."
Re: Re: Re:
NYC housing court is the busiest municipal court in the world.
Remember, if it ain’t broke, don’t fix it.
Re: Re:
Engineer’s motto: If it ain’t broke, then fix it ’till it is!
Re: Re: Re:
No need for the apostrophe. It’s not a contraction.
Re: Re: Re: Re:
It would be without the additional ‘l’ on the end.
Re: Re: Re:
That is management motto.
Unblinking Eye
Open the pod bay doors Hal.
"It is now safe to switch off your computer." — HAL 9000
Tim, you forgot to link the original story. It adds some detail you didn’t mention: the hypothesis that this is a way to drive out rent-controlled tenants, some of whom are elderly and don’t have or want smartphones. That means it’s not ridiculous—it’s logical, though offensive.
A related problem is that landlords cannot generally modify lease agreements. Forcing existing tenants to enter into a contract with a third-party is probably not legal.
Re: Re:
"Forcing existing tenants to enter into a contract with a third-party is probably not legal."
Unless that was specified in the original agreement, it is definitely not legal.
Just wait until someone breaks in via the smart lock
I think I will have popcorn ready for the first smart-lock-abetted burglary. And no, it does not take 1337 h4x0r skills, or even script kiddie skills, to defeat most of the smart-lock products out there. Most of them are made in a consumer-electronics-y fashion that disregards the well over a century of accumulated physical security wisdom that today’s mechanical locks have available to benefit from, and as a result, can be broken into with basic hand tools and a trifle of knowledge and/or ingenuity. (Wouldn’t surprise me if most of them were easier to break than a stock Kwikset-clone…you at least need a rake and tensioner for the Kwikset!)
There are two rays of hope here, though:
The Latch appears to be at least somewhat better made than consumer grade smart locks, although the R-series being in a card-reader position raises questions, as certain door fitment vulnerabilities are endemic to card-reader secured doors. (Ask Deviant Ollam about how often he’s able to latchslip card-reader doors sometime, or just watch his talk on The Perfect Door where he discusses this issue in some detail.)
Re: Just wait until someone breaks in via the smart lock
The NYT article said the owner gave people such cards after being forced by the city. But is that really a ray of hope? Wikipedia says most access control systems switched from MiFare Classic to DESfire because that’s more secure, and DESfire was broken in 2011. "The attack… recovers the secret key in about 40 ms on a laptop. This attack requires just one (partial) authentication attempt with a legitimate reader."
It’s not even that. As you say, at least a person needs tools to break physical systems. When a "smart" lock is broken, one could instantly publish an app worldwide that allows every similar lock in the world to be broken. Maybe a self-deleting app, so as to leave no evidence leading back to the criminals.
Re: Re: Just wait until someone breaks in via the smart lock
Of course, all of this is only as good as the door installer…
Re: Re: Re: Just wait until someone breaks in via the smart lock
Think of the next generation of criminals. Buy an exploit on a shady market (it happens now) and walk in like you live there. People are boosting cars and looting hotel rooms through electronic means.
If someone sees you sticking tools under the door you may get some trouble. (Admittedly, Deviant is already good at making physical attacks look innocuous, but he’d still have a bag of physical evidence if caught.)
Technology
Not what you think..
Im old/new hat…and watched this happen allot.
Someone thinks "THIS IS NEW IT MUST BE BETTER", is REALLY stupid.
Tech can be better, but 90% of the time it isnt.
Its like a DEAD BOLT LOCK, Digital password, but also has Keyway to unlock…WHO needs the passcode if you can get thru the Cheap Key way..
Then there is the Total digital that needs a code, Manually input, and it uses POWER to unlock the deadbolt..And wastes Power and never works if you didnt recharge the batteries..
Then there are good ones, that have Dont turn the deadbolt, last for over 1 year on battery, and Battery recovery, IF it fails..
There is the security system that requires Access to your router, BECAUSE nothing is saved to your System…WHICH if you are smart is a Small NAS, hidden someplace in the house..and costs you nothing.
Tech is simple if you have abit of knowledge, but companies Like to make products that Make THEM money for ever..
What the hell is in the 84 page document for a Smart Lock that you are forced to sign? Who the hell is going to sit there and read that? I for one would refuse to sign it. Make them give me a key. If need be, gather everyone else and as a group, take them to court.
Re: Re:
You would get awful cold waiting outside for several months until that worked it’s way thru the courts. "Sigh here or no entry for you."
Re: Re:
Nobody, but it’s not like you’ll see it on paper. You’ll see a textbox with an "Agree" button, and almost everybody clicks "Agree". I saw an automated bicycle rental kiosk with an agreement longer than that (the "pages" were only 5-10 lines long due to a cheap display… the "page 1 of 125" or whatever was comically absurd, but lots of people were putting their credit cards in).
What’s in it? I’d guess some privacy policy incorporated by reference, which says you have no privacy, and a statement that you’ll pay the company’s legal fees (i.e. indemnify them) if your insurer sues them for incompetence after a burglar steals all your shit.
Yeah @hacks4pankcakes on teh twitters had something similar to this happen.
It seems some startup got a large corporate landlord to switch all the buildings over to their super duper system.
You have to plug their special router into your internet…
You have to be okay with your landlord & the startup knowing when you are home, what temp your HACV is at, when people come and go…
Oh and the lock they are using has really bad reviews online…
Oh did we mention that there isn’t a mechanical part on the inside so you can end up locked in your apartment?
Oh and if the battery didn’t alert you, you can run out and buy a 9volt battery to connect to the external power connectors so you can get inside your home… & lets hope you have the right batteries inside to replace the dead ones otherwise… you’re not getting out.
Internet Infosec well known person took a meeting with ownership, laid out the issues… they are still rolling it out.
I wonder what their insurance costs are going to be once someone managed to hack this series of Internet of Shit devices mashed together gets breeched & entire buildings end up unlocked randomly.
Re: Re:
A report to the local fire department will get that fixed fast.
How long before the system gets hacked?
To be fair if your area of residence literally has the word ‘Hell’ in the title you should expect some…. inconveniences?
Re: Re:
Not new inconveniences forced upon you under the guise of making things better, no.
What happens during a black-out?
So what happens if there’s a neighborhood black-out? Does the Latch have a battery backup? If so, how long does it last? And if the power goes out and the Latch battery dies, will everyone be locked out? So how is this better than physical keys that have been in use for hundreds of years?
Okay, sure, I haven’t read the specs on the Latch, but this would be an interesting point to bring up.
Re: What happens during a black-out?
If management is any good, it will last as long as the building’s emergency supply for stairwell lights, fire alarms, emergency elevators, etc.—there are likely regulations about the required time. If they made the mistake of using a battery instead of a generator, UPS-style batteries can often run electronic entry systems for about a day, and then you’ll be propping the door open if there’s no doorman. (In this story, the electronic system is for the building entrance, and the individual units still use keys.)
Re: What happens during a black-out?
The Latch runs on AAs, not mains (as it’s a rather major fiddle to get AC power to something mounted on a door compared to slapping a battery compartment in it and calling it good.)