That's a clickbait headline. It is clearly a support person that sees a list of addresses that could include the address of the user and uses their macro to tell the user to delete the tweet. Just like they would do if someone posts their password, date of birth or credit card information.
However, the support person should have been more explicit that the OT (original tweeterer ?) is sharing addresses and may want to hide that. The way support person's tweet was phrased is what gave the pitchfork people an opportunity. A perfect example of how not to communicate.
Unfortunately that also distracts from the intent of the OT's post.
I used to work at Amazon, but even then it's pretty clear the support person is erring on the side of caution here. in isolation two grocery store addresses and orders isn't particularly illuminating, but tying it with their real name it suddenly provides information on where they've been in past few years that might not otherwise have. and what if their order history accidentally contained something embarassing?
i think its a good thing for support to (be told to) err on the side of caution with account information, though some nuance that you could "remove/blur/blackbar information" would be nice.
Exactly. In this case, it's meant to showcase how much data Amazon has on people, but I imagine their support handle (@amazonhelp) gets hundreds of requests a day that have things like full home addresses in the screenshot, and their support wants to inform people about the risks of having that be publicly tied to their online identity.
Probably most HN users know that, of course, if someone buys an Alexa and keeps it in their home, it is going to have a bunch of audio recordings of them. And all of the Whole Foods transactions will be logged as well. And even a silly amount info about how they use the Kindle.
Next I wonder if Amazon will badger Twitter to take down the tweet on the basis it has some PII (which I'm not even sure it does, but if it does, it is the users own information. And afaik you can't dox yourself.)
So I hate my data being collected like this, and try to reduce when it happens whenever I can. But, buying an Alexa and then complaining they store the audio? When they confirmed they kept it about two years ago?
Imagine I found out the library kept a list of titles I borrowed! Or my bank account storing my transactions.
Honestly, what I find most offensive is that Amazon tracks all of this data and yet their recommendations are still awful. I just bought a vacuum cleaner. Why are you trying to sell me another one? How many vacuum cleaners do you think a person goes through in a month!
I absolutely hear your point, and understand where you are coming from. If this where a regular person, I would agree that they would have no idea that Amazon would store their data.
However, this lady seems incredibly smart, hosts a podcast (and newsletter) about many topics (inc. tech). I would personally have the opinion that she would be fully aware of how Alexa works and that Amazon would most likely be storing her data.
I know I shouldn't be blaming her in this instance, and I'm not, I'd just expect her to know better.
I understand from this that we are forced to share PII with Amazon with every interaction, but we are not supposed to share it with Twitter followers. US citizens can get their dossiers and delete their accounts. https://www.reuters.com/investigates/special-report/amazon-p... I received 88 zip files and subsequently deleted my account.
This is madness. How is the 'average user' supposed to go through and understand this data? The files inside are also probably a bunch of CSV or XML files as well.
It seems like a completely disingenuous (even nefarious) offer to the 'average user' to have a change to look at all the data these big companies have on them.
If you log into a loyalty account for a Kroger store (QFC, Fred Meyer, others)... you see similar transaction lists. This is extremely normal for retailers.
Also, machine learning can create shadow profiles for people, even those who don't have a loyalty account. (E.g., a purchase occurs every Friday around 5:30 and buys a specific beer and specific brats...).
This is all obvious stuff to me, but, also, people might not be aware that every interaction - touchpoint - on a big enterprise is recorded.
Not entirely. Think stores are still free to use any signals available at their own premises, like camera footage, license plate numbers in their parking lot, Wifi Mac addresses, or even gait analysis if they feel like it :-/
This is why I use <local-area-code>-867-5309 for every "loyalty" chain. I'd rather get the discount but also mix my data with as many other people as possible to make it worthless.
as I mentioned, they can observe purchase patterns and derive that a given individual is making those purchases if its unique enough.
gently, my take on privacy is that, we will never be able to turn the clock back to 1970; we have to instead reconceptualize privacy in the age of pervasive sousviellance & surveillance.
Still provides a good faith reason why an Amazon employee might see this and think "I need to apply the company policy on PII here" rather than a nefarious "you are making us look bad"
I think that's obviously what is going on. This is a boots-on-the-ground employee tasked mostly with responding with pre-determined answers to people angry about their orders. Of which, a number undoubtably treat their posts like PMs. This isn't someone who is tasked with any sort of decision making regarding data privacy.
Title is misleading. They didn't really suggest to delete the tweet because of the fact it shows their data collection, but because it contains some PII like the user's address.
I don't want to side with Amazon on this, but I genuinely believe there is nothing strange here: Amazon collects all that data, and under GDPR they have to provide all the data they have on your profile. Seems pretty standard. Google provides the same amount of data (or more) if you ask :)
Yeah, this is pretty obviously something that their support team copy-pastes everytime they see someone posting potentially revealing information with the keyword "amazon" or "alexa" or something like that.
This is like when someone tweets "drank 6 oz of cold medication feeling lit" and the pharmaceutical corporate account responds with a generic pharmacovigilance statement that they're mandated by law to say and then someone screenshots it and it becomes a meme.
Sure, Amazon's response was probably just a standard text the support team has to use. But it can also be interpreted like "here's an arbitrary reason you should delete this tweet about our data collection, and look how easy it is!".
That's what you get when an anti-competitive megacorporation collecting data about everything including how many seconds users looked at a picture wants to look trustworthy.
Whole Foods store locations are neither PII nor juicy information—especially not sufficient to justify Amazon responding unprompted, encouraging the poster to delete these tweets.
