Millions of people have benefited from Amazon’s single-minded quest to create frictionless commerce. Pretty much everything it might occur to us to want—from a book to laundry detergent to a snow blower—arrives, if not overnight, well before we’ve forgotten ordering it. Customer reviews, price comparisons, and Q&As guide our choices and let us weigh in with praise or complaints.
Behind that wall of customer-facing information is a lot of other information. About us. Information we have trusted the company with. Yet it seems Amazon has done a remarkably poor job minding that particular store. In the current issue of Wired, Will Evans writes about “Amazon’s Dark Secret”—one that’s been obscured by Amazon’s disingenuous assertions that privacy is “sewn into” everything the company does. (Read the full eye-popping article from Reveal and Wired here.)
Too many of the company’s 575,000 employees worldwide have access to customer data. This has allowed low-level employees to snoop on purchases made by celebs, to use customer data to help third-party sellers sabotage their competitors, to mess with Amazon’s product review system, and to enable sale of low-quality knock-off products.
Our data were so readily available that, for years, Amazon didn’t even know where the relevant databases—including credit card numbers—were. Funny, hackers could find them. If a design team wanted a database, it was readily available to them. If they made a copy, no one in the company security apparatus knew. In short, “Amazon had thieves in its house and sensitive data streaming out beyond its walls.”
Management for years turned a blind eye to these problems. Raising a red flag was a good way for an employee, including members of the too-small security staff, to get shut down or shut out. The whole edifice became shakier when the EU established its General Data Protection Regulation, and Amazon, like every other company dealing with EU members’ citizens, had to comply by the May 2018 deadline.
Amazon spokespeople deny the general tenor of the article and emphasize progress that’s been made, but you might want to read the whole electrifying saga. Bits and pieces of this story have been coming out for several years, but like Gerald Posner’s excellent God’s Bankers, pulling all these stories together in a coherent narrative, as here, makes for a compelling indictment.