Lawmaker dissatisfied with Amazon's answers on Kindle Fire's data harvesting
Markey wants a straight answer from Amazon about how the company will use the data collected by the tablet's Silk browser
Computerworld - Amazon told a Massachusetts congressman that the Silk browser in its Kindle Fire tablet doesn't pose a privacy threat to consumers, but the lawmaker wasn't ready to give the online retailer a pass.
Rep. Ed Markey (D-Mass.), the co-chairman of a congressional caucus on consumer privacy, on Tuesday released the retailer's responses to questions he had put to Amazon CEO Jeff Bezos in October about Silk and the data it collected.
Markey wasn't happy with Amazon's answers.
"Amazon's responses to my inquiries do not provide enough detail about how the company intends to use customer information, beyond acknowledging that the company uses this valuable information," said Markey in a statement.
"Amazon states 'Customer information is an important part of our business,' but it is also important for customers to know how the company uses their personal information," Markey continued. "Amazon is collecting a massive amount of information about Kindle Fire users, and it has a responsibility to be transparent with its customers. I plan to follow up with the company for additional answers on this issue."
Amazon answered Markey's questions in a Nov. 3 letter (download PDF) to the congressman. The letter was signed by Paul Misener, the retailer's vice president for global public policy. Misener has appeared as Amazon's representative before numerous congressional hearings on privacy and other matters.
As Markey said, Misener did not explicitly answer the congressman's question about what Amazon planned to do with the information Silk collects. Instead, Misener said, "Customer information is an important part of our business and an important driver of customer experience and future invention."
Misener maintained in his letter that, "respect for customer privacy is embedded in the design of ... Silk."
Misener's answers to those queries were in line with statements Silk's director of development made six weeks ago to the Electronic Freedom Foundation (EFF), which said at the time that Amazon had assuaged some of its concerns.
Amazon told Markey, as it had the EFF, that it would not put its servers between Kindle Fire users and encrypted websites, and that IP (Internet protocol) and MAC (Media Access Control) addresses, which conceivably could identify individuals, would be collected only after a Silk crash "for purposes of technical troubleshooting."
But Misener said Silk users would not be offered a data collection opt-in choice; instead, they were free to switch off Silk's cloud-based mode.
Silk, which is based on the open-source WebKit engine, connects to Amazon's cloud service and servers by default. The service will handle much of the work of composing Web pages, pre-rendering and pre-fetching content, and squeezing the size of page components -- a process that, according to Amazon, speeds up browsing on low-powered devices like the Kindle Fire.
The data sent from and received by Silk, in other words, passes through Amazon's systems, giving the retailer an opportunity to extensively monitor the traffic in general -- Amazon has sworn it does not associate data with specific Fire users -- and mine that for browsing behavior. For instance, Silk logs each website URL and by necessity transmits that to Amazon, which retains that data for 30 days.
Markey did not say when he would ask Amazon for more answers about Silk.
Amazon has been coy about Kindle Fire sales. On Monday, it said only that the tablet is its best-selling product but didn't release sales figures for last week's Black Friday.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His email address is email@example.com.
Read more about Desktop Apps in Computerworld's Desktop Apps Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Desktop Apps White Papers | Webcasts