If you've ever bought an inkjet printer, you know just how much the manufacturers charge for ink (more than vintage Champagne!) and you may also know that you can avoid those sky-high prices by buying third-party inks, or refilled cartridges, or kits to refill your own cartridges.

The major printer manufacturers have never liked this very much, and they've invented a whole playbook to force you to arrange your affairs to suit their shareholders rather than your own needs, from copyright and patent lawsuits to technological countermeasures that try to imbue printers with the ability to reject ink unless it comes straight from the manufacturer.

But in the age of the Internet, it's possible for savvy users to search for printers that will accept cheaper ink. A little bit of research before you buy can save you a lot of money later on.

Printer companies know that openly warring with their customers is a bad look, which is why they've invented a new, even sleazier tactic for locking their customers into pricey ink: they trick their customers.

Back in 2016, printing giant HP sent a deceitful, malicious update to millions of OfficeJet and OfficeJet Pro printers that disguised itself as a "security update." Users who trusted HP and applied the update discovered to their chagrin that the update didn't improve their printers' security: rather, the updated printers had acquired the ability to reject cheaper ink, forcing the printer owners to throw away their third-party and refilled ink cartridges and buy new ones.

Now, Epson has followed suit: in late 2016 or early 2017, Epson started sending deceptive updates to many of its printers. Just like HP, Epson disguised these updates as routine software improvements, when really they were poison pills, designed to downgrade printers so they could only work with Epson's expensive ink systems.

EFF found out about this thanks to an eagle-eyed supporter in Texas, and we've taken the step of alerting the Texas Attorney General's office about the many Texas statutes Epson's behavior may violate. If you're in another state and had a similar experience with your Epson printer, please get in touch.

With these shenanigans, Epson and HP aren't just engaged in a garden-variety ripoff. Teaching Internet users to mistrust software updates is a dangerous business. In recent years, some of the Internet's most important services have been brought to their knees by malicious software running on compromised home devices. Compromises to your home devices don't just endanger the public Internet, either: once your printer is infected, it can be turned against you, used to steal data from the documents you print, to probe the devices on your local network, and to attack those devices and send the data stolen from them to a criminal's computer.

It's bad enough that Epson and HP have pursued their profits through these deceptive and illegitimate means, but what's even worse is that in so doing, they have actively poisoned the cybersecurity well. That's why their misconduct is all of our concern.

We'll keep you updated on our dealings with the Texas AG, and don't forget, we want to hear from Epson customers in other states so we can get AGs across America on the case.

Related Issues