Donald_Trump_by_Gage_Skidmore_3.jpgThe Beloved had an interesting question for me.

If Donald Trump were elected president, what would life be like for e-book-readers in the U.S. and elsewhere?

We’re Canadians. Under Trump would the American government care much more about people’s private reading habits no matter where they lived? At first glance that’s a daily small potatoes sort of question, given the other feet The Donald is putting in his mouth these days. We’re not talking about the most probable future occupant of the Oval Office.

Still, who’d have thought Trump would have gotten this far? What’s more, the Beloved tells me that a co-worker of his is of the paranoid sort and has given these matters some thought. The co-worker has been nervous about getting into e-books because he doesn’t want Amazon having all of this information on him.

And you know, I think it might in some cases be a valid concern, Trump or no Trump. I recall a story I read years ago about a woman whose pregnancy was outed to her family before she told them because Walmart sent her a packet of ‘so, you are going to be a mother…’ coupons. It turned out that they compiled a list, based on aggregated purchase histories, of what were the most common products newly pregnancy women bought. When you bought a certain percentage of the items on that list, Walmart made the connection that you were expecting, and sent you the coupons.

Now, imagine if Amazon had a list of every book that the last, say, 30 perpetrators of mass shootings or terrorist events had purchased. Now, say they could aggregate that data and generate a list of 100 books. What could a security-focused individual such as Trump do with such data? How many books from that list would a person have to buy before Trump’s feds flagged them?

Granted, Amazon does not seem inclined to compile such information. Their privacy policy states that they will only share your personal information under the following circumstances:

  • With ‘affiliated businesses’ such as Marketplace sellers, to fulfill your order
  • With ‘third-party service providers,’ for the same reason
  • For promotional offers, which you can opt out of
  • To transfer your customer record if a part of their company is bought to sold
  • To comply with law enforcement officials, e.g. fraud, credit risk protection

I think Amazon is profoundly uninterested in compiling the data into sets of information. They have set up their privacy policy under pretty narrow terms. Companies often do so on purpose, to precisely require law enforcement officials to follow due process. They are not interested in aggregating their data to make inferences precisely because that would violate privacy. If they had that data, someone could ask them for it.

SHARE
Previous articleAmazon shares its bestsellers of 2015, and human nature comes bottom
Next articleBiztegra highlights importance of mobile for publishers
"I’m a journalist, a teacher and an e-book fiend. I work as a French teacher at a K-3 private school. I use drama, music, puppets, props and all manner of tech in my job, and I love it. I enjoy moving between all the classes and having a relationship with each child in the school. Kids are hilarious, and I enjoy watching them grow and learn. My current device of choice for reading is my Amazon Kindle Touch, but I have owned or used devices by Sony, Kobo, Aluratek and others. I also read on my tablet devices using the Kindle app, and I enjoy synching between them, so that I’m always up to date no matter where I am or what I have with me."

12 COMMENTS

  1. If I were to indulge in paranoia, I’d also be concerned about books checked out from the library – they keep records too. What about credit card purchases? I suppose books should be bought with cash from various different bookstores. Is that safe?

    Why limit concern to books? Most people prefer TV and movies, so you rent or stream from Netflix, Hulu, or Comcast is fair game.

    Trump is beyond a joke now, but for the moment marketing actions like the Walmart episode described is far more disconcerting then the maybe privacy violations he and his ilk may employ. Even if my Amazon account could out me as left of left and a non-believer.

  2. You’re confusing Target with Walmart. Your summary of the privacy notice at the link you provide is incomplete and, I believe, strongly misleading. Just for starters, “to fulfill your order” is not actually in that document, whereas “customer information related to those transactions” is. How is “related” defined? I imagine it depends entirely on what Amazon chooses to do at any given moment.

    To suggest that Amazon is in any way uninterested in collecting and manipulating data is…bizarre. To my mind.

    The definition of “personally identifiable information” seems to be a moving target. It often turns out that individuals can be (and are) uniquely identified by supposedly anonymous data. It might be useful to investigate such things as remarketing/retargeting, unique identification of Netflix users via supposedly scrubbed data, and much else. It’s an interesting field, and full of surprises for most.

    I believe you mean well. But I suspect we’re coming at this from such radically different mindsets, and datasets, that communication won’t actually work.

    Perhaps that’s wrong, or perhaps it isn’t. You might try showing that privacy notice to an attorney, and asking the question: “what sort of sharing is Amazon actually promising not to do in this document, and what recourse do I have if I don’t like it?”

    You might find the answer you get quite surprising.

  3. @David Haywood Young: Many thanks for the feedback. I’ve asked Joanna to catch up with a civil liberties attorney for his or her take on this. Legal language can be tricky. One book of interest to both you and Joanna might be Dragnet Nation. I’m buying her a gift copy. That said, you’re being unfair to Joanna. If she thinks she was wrong, she’ll say so. David R

    http://www.amazon.com/Dragnet-Nation-Security-Relentless-Surveillance/dp/0805098070

  4. @David Hayward Young: Morning, David. I’ve asked Joanna to reply separately. Meanwhile, using “Amazon” as a search term in the Angwin book, I came up with the following passage, which is not proof of anything but which does suggest that at least in the past Amazon has resisted government snooping:

    “In 2007, Amazon successfully fought a government subpoena that sought the identities of people who bought books from a used bookseller on its site. The government sought to interview the book buyers as part of its tax fraud investigation into an Amazon third-party bookseller, but Amazon refused to hand over the names. The court agreed that ‘it is an unsettling and un-American scenario to envision federal agents nosing through the reading lists of law-abiding citizens while hunting for evidence against somebody else.'”

    With such history in mind, would Amazon go out of its way not to gather certain kinds of information to reduce fodder for the government if subpoenaed (given that the laws are friendlier to snoops than they should be)? Who knows? But in fairness to Amazon, I do think this is relevant to our discussion.

    In the next day or so, I’ll catch up with an EFF lawyer and see if the attorney would care to comment on both Amazon’s privacy-legalized legalities and on the risk of the government finding out one’s purchases.

    Thanks,
    David R

    Addendum: More on Amazon and federal efforts to get user data: http://www.ecommercetimes.com/story/82207.html

  5. @David

    Certainly sounds promising! And I don’t want to argue, ever, that a company or an individual can’t mean well. However, well-intentioned people don’t always understand the implications of their decisions (see above links about the surprising ease of de-anonymizing supposedly scrubbed data), and different decisions get made at different times.

    It’s worse than just that, though–there are always (in my experience, having been a coder since 1981 and having worked for quite a few companies) workarounds in place, that violate both the spirit and the letter of a company’s stated policies. There will be a noble intention at some level, and then someone will need a question answered. Or someone will want to get access to information that’s…you know…important and urgent. IT departments develop a sort of conspiracy of silence about what they’re actually doing–modifying the policies to match reality involves hitting a moving target, and comes with risks. What if something goes wrong? It’s often (perceived to be) better to leave the high-level stuff as it lies, and proceed to do whatever seems to be necessary to get through the day. There’s a very interesting paper on this topic: http://repository.usfca.edu/cgi/viewcontent.cgi?article=1039&context=at

    I think it’s fairly clear that a company’s policies have only limited ability to affect reality. I’m speaking from the perspective of a guy who had access to hundreds of millions of dollars of credit card purchase data, for months, and in total violation of a company policy. More on that in my book, and it’s not the only example. The thing is? That situation made sense at the time. Sort of. Enough, anyway, that it’s what happened.

    At any rate, I do hope Amazon does indeed mean well, and that their posted privacy notice will turn out, according to an attorney, to meaningfully limit their ability to share information. From my point of view, it seems like a combination of (1) feel-good words that are in place to reassure people, and (2) sufficiently vague terms that the company is covered in case they (accidentally or otherwise) end up violating what customers may think the policy actually states. In fact, I’ve come to believe that these are the two primary goals behind any privacy policy (though I haven’t run into many “notices”).

    Again, I don’t mean to imply evil intent on anyone’s part.

  6. @David Hayward Young: Meanwhile, as promised, I have pointed an EFF attorney to this discussion – someone who specializes in the rise of the surveillance state, among other topics. I can’t guarantee a reply to my email, but I have reached out to see how he might feel about Amazon from a privacy perspective. David

  7. What an interesting, and I think important discussion 🙂 I posted the link directly to Amazon’s policy as part of the story precisely so everyone could see it and reach their own conclusions. We both have the same information. It is valid to make any number of inferences based upon that same data.

    The question, then, is not ‘what does Amazon’s policy say?’ (that is there in the link I provided) but rather ‘what does one infer about what that means?’ I opted for a more optimistic interpretation based on precedent cases here in Canada about internet service providers being compelled to turn over data. The standard in those cases seems to be that they will of course turn over specific data if requested to do so. But law enforcement officials do not have the right to troll and monitor ‘just in case’ someone does something wrong, any more than they could wire tap or some other such thing without a court order and reasonable cause.

    It has not of course been tested in court specifically regarding Amazon. But my inference based on what they said about disclosure in that privacy policy was that they plan to follow the same rules: disclose specific data if ordered to do so (or required to fulfill a function, such as sharing your address with a marketplace seller who is shipping to you) and that’s that.

    Is it possible Amazon could abuse their customer data? Yes, of course it is. If data exists, it can be abused. But if it is abused, and they are caught, there can be consequences. When our then-mayor had cancer treatment at a local hospital, for instance, several workers improperly accessed her medical data–and when they were caught, they were disciplined, and in some cases, lost their jobs.

    So—I accept your assertion that there is a possibility for abuse here. But I personally do not think Amazon has any interest in doing that. I may be wrong, of course. And I may be failing to protect myself properly because I am less paranoid than I should be. But of course, you may be wrong, and you may be TOO paranoid. It is a matter of opinion, nothing more.

The TeleRead community values your civil and thoughtful comments. We use a cache, so expect a delay. Problems? E-mail newteleread@gmail.com.