Amazon told a Massachusetts congressman that the Silk browser in its Kindle Fire tablet doesn't pose a privacy threat to consumers, but the lawmaker wasn't ready to give the online retailer a pass.
Rep. Ed Markey (D-Mass.), the co-chairman of a congressional caucus on consumer privacy, on Tuesday released the retailer's responses to questions he had put to Amazon CEO Jeff Bezos in October about Silk and the data it collected.
Markey wasn't happy with Amazon's answers.
"Amazon's responses to my inquiries do not provide enough detail about how the company intends to use customer information, beyond acknowledging that the company uses this valuable information," said Markey in a statement.
"Amazon states 'Customer information is an important part of our business,' but it is also important for customers to know how the company uses their personal information," Markey continued. "Amazon is collecting a massive amount of information about Kindle Fire users, and it has a responsibility to be transparent with its customers. I plan to follow up with the company for additional answers on this issue."
Amazon answered Markey's questions in a Nov. 3 letter (download PDF) to the congressman. The letter was signed by Paul Misener, the retailer's vice president for global public policy. Misener has appeared as Amazon's representative before numerous congressional hearings on privacy and other matters.
As Markey said, Misener did not explicitly answer the congressman's question about what Amazon planned to do with the information Silk collects. Instead, Misener said, "Customer information is an important part of our business and an important driver of customer experience and future invention."
Misener maintained in his letter that, "respect for customer privacy is embedded in the design of ... Silk."
Misener's answers to those queries were in line with statements Silk's director of development made six weeks ago to the Electronic Freedom Foundation (EFF), which said at the time that Amazon had assuaged some of its concerns.
Amazon told Markey, as it had the EFF, that it would not put its servers between Kindle Fire users and encrypted websites, and that IP (Internet protocol) and MAC (Media Access Control) addresses, which conceivably could identify individuals, would be collected only after a Silk crash "for purposes of technical troubleshooting."
But Misener said Silk users would not be offered a data collection opt-in choice; instead, they were free to switch off Silk's cloud-based mode.
Silk, which is based on the open-source WebKit engine, connects to Amazon's cloud service and servers by default. The service will handle much of the work of composing Web pages, pre-rendering and pre-fetching content, and squeezing the size of page components -- a process that, according to Amazon, speeds up browsing on low-powered devices like the Kindle Fire.
The data sent from and received by Silk, in other words, passes through Amazon's systems, giving the retailer an opportunity to extensively monitor the traffic in general -- Amazon has sworn it does not associate data with specific Fire users -- and mine that for browsing behavior. For instance, Silk logs each website URL and by necessity transmits that to Amazon, which retains that data for 30 days.
Markey did not say when he would ask Amazon for more answers about Silk.
Amazon has been coy about Kindle Fire sales. On Monday, it said only that the tablet is its best-selling product but didn't release sales figures for last week's Black Friday.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.