Despite standing firm alongside Apple in the ongoing encryption controversy, Amazon is facing mounting criticism after stealthily removing a privacy feature in its Fire tablets, media-streaming devices and Kindle ranges that allowed users to encrypt sensitive data.
The feature was discarded during the last major software update Fire OS 5 and fears are growing that the move could leave unencrypted data, such as documents, financial information and sensitive personal data at risk of attack or interception.
Previous versions of the operating system, which is a fork of Google Android, gave users wider encryption options, including the ability to protect the entire storage of the device. But now, privacy-conscious customers are being forced to make the awkward decision of choosing between the latest version of the operating system or staying with the old OS to carry on encrypting their personal data.
Owners of Amazon devices first noticed the option had been removed last month. However, the news only garnered widespread attention after spreading rapidly on Twitter on 3 March.
On the Amazon forums, customers have been vocal about their concerns. “Phones and tablets contain a lot of personal information. Since devices can get lost or stolen, and easily get into the hands of criminals, not encrypting a device can put you at risk of identity theft. Online accounts can, after all, be reset with access to your email credentials. Enterprise users, such as businesses and organisations, who hold sensitive information are at even more risk,” one post noted.
For its part, Amazon has denied that any data is at risk of attack and claimed the feature was removed because internal statistics indicated people were not using the encryption option. “In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using. All Fire tablets’ communication with Amazon’s cloud meet our high standards for privacy and security, including appropriate use of encryption,” an Amazon spokesperson said in a statement.
“Encryption plays a very, very important role”
In its public-facing statements, Amazon has continued to voice support for Apple in the ongoing encryption-based confrontation with US law enforcement and is among the slew of firms filing or joining amicus briefs in the case. Additionally, Werner Vogels, Amazon’s chief technology officer (CTO) has previously voiced the belief that encryption is a vital feature for customers – despite the removal of the same option in his own software.
“We believe that you cannot have a connected business, or an internet-connected business and not make security and protection of your customers your number-one priority. Encryption plays a very, very important role in that… It is one of the few really strong tools we have so customers know that only they have access to their data and nobody else,” he said during this year’s Mobile World Congress in Barcelona.
Meanwhile, Jeremy Gillula, staff technologist at the Electronic Frontier Foundation (EFF) told The Guardian that when it comes to offering privacy features, “actions speak louder than words”.
“Removing encryption says a lot more to me than releasing statements in support of Apple, especially when you’re a manufacturer of devices that can also support encryption. When you’re a device manufacturer that’s also in control of the software, there’s really no good reason not to make sure that you can support default encryption. It definitely seems like there is quite a bit of hypocrisy there,” he said.
- Apple encryption row: Twitter, Google and Microsoft send legal brief supporting tech giant against FBI
- Unhackable iPhone: Apple brings ex-Signal developer on board as it doubles down on security
- Theresa May echoes FBI and GCHQ stance on strong encryption
- Amazon: Encryption support discarded for tablets and Kindles in latest Fire OS 5 update