Consumer electronic devices are designed to offer functions that rely on network communications between the device and a remote service. For example, a consumer's printer may have a feature in which it is capable of automatically ordering more toner as its toner level reaches a specified level. To do so, the device sends an electronic message to a remote service responsible for causing toner to be delivered to the consumer.
Allowing a device to automatically send information to a remote service hosted on the public Internet raises privacy concerns. In light of those concerns, an authorized user of the device may be asked to opt in and enable the device's communication features. In this manner the user is or should be aware that the device is communicating with the remote service. The user can also be made aware of the nature of that communication and the type if information being exchanged.
Current solutions for obtaining such authorization include embedding a privacy disclosure in the consumer electronic device. The consumer then accesses the device, reads the disclosure, and then decides whether or not to enable the device's communication features. This solution is limiting because the content of the privacy disclosure is determined before the device is shipped from the manufacturer and cannot be changed. This approach has significant pitfalls. For example, laws regarding privacy disclosure are evolving both in the United States and abroad and the information that a device sends to a remote service on the public Internet may change from time to time.