An engineer got curious about how his iLife A11 smart vacuum worked and monitored the network traffic coming from the device. That’s when he noticed it was constantly sending logs and telemetry data to the manufacturer — something he hadn’t consented to. The user, Harishankar, decided to block the telemetry servers’ IP addresses on his network, while keeping the firmware and OTA servers open. While his smart gadget worked for a while, it just refused to turn on soon after. After a lengthy investigation, he discovered that a remote kill command had been issued to his device.
Most services today have user accounts so they can store your information, that way if you get a new phone for example, you can just sign into a new device and your content is there. So the maps, your configurations etc, are all sent to a remote server so it just works.
Having to manually connect to the robot each time, when you might not even be in the same country when you want to connect, doesn’t work if it’s all done locally.
Companies that want to offer connected services like this but are privacy centric could let you encrypt it before sending it so they can’t see what the contents are, but then you need to manage the idiot populace and their inability to properly secure this kind of information. Then, you start getting all sorts of support calls like I lost the encryption key and now I can’t access my map! What kind of stupid service makes me remap things when I change phones and forget something!?
So there’s no really getting around sending some data back to the server, but even IF they have it unencrypted, there’s no reason other than corporate profit taking to also be using that data. They don’t have to, but they will and do.