Amazon's Decision to Reduce Tablet Security Comes at a Bad Timeby
Consumers sensitive about personal data amid Apple-FBI spat
Web retailer faces risk of being seen as weak on security
Amazon.com Inc. is dialing back on the security built into its tablets. Bad timing.
The Web retailer decided late last year to remove the ability to encrypt data stored on its Fire tablets, a few months before a battle erupted between Apple Inc. and the FBI over the decryption of information locked in a terrorist’s iPhone.
As a result, technology providers are telling customers that protection of private data is the industry’s top concern, making consumers acutely aware of the security of their private information. Most companies -- including Amazon -- have publicly backed Apple in its fight with the U.S. government.
The debate coincides with the debut of more Amazon devices designed to put the Web retailer at the center of people’s digital lives. That includes newly introduced versions of voice-enabled digital assistants similar to the Echo, which can hear what people are saying in their living rooms. While the products aren’t related and are meant to be used in different ways, they are part of a bigger strategy to keep consumers tied to Amazon.
“This could be a huge misstep,” said John Kindervag, an analyst at Forrester Research Inc. “I wouldn’t be surprised if they have to back off this announcement.”
Amazon said it decided to make the changes to Fire OS, the software running on the tablets, because customers weren’t using some of the enterprise features, which have to be turned on in order to work. Customer data is still protected, the Seattle-based company said, especially on the Web where it is stored and vulnerable to hacking.
“All Fire tablets’ communication with Amazon’s cloud meet our high standards for privacy and security including appropriate use of encryption,” said Robin Handaly, an Amazon spokeswoman.
Encryption requires more computing power, which means more expensive components are needed in a tablet or smartphone. Amazon, however, sells the Fire tablets for very little profit or even a loss, because they’re seen as a way to get people to access books, movies and games and keep consumers within shopping distance of its online store.
“While Amazon is trying to shrink their costs, adding extra encryption makes it impossible to use a cheaper, smaller processor,” said Brian Geisel, who runs his own software company in Boston. “Ultimately, that keeps them from reducing the price of their products.”
Also, the devices are mainly designed to deliver digital entertainment, instead of being used as communication tools. That suggests there’s less of a chance users will have any sensitive personal information stored on their Fire tablets. The bigger risk for Amazon is that consumers will perceive a lack of data protection in the company’s other products.
“Amazon has a huge hit in Echo, its home intelligence and automation platform,” said John Koetsier, an analyst at mobile-marketing firm TUNE. “Now that Amazon is removing encryption from some of its devices, I worry about bringing Echo into my home. It is, after all, an always-on, always-listening device. If I can’t trust Amazon to care about my privacy and security in its tablets, why should I when it comes to Echo?”
For users like David Scovetta, who works in computer security and compliance, that may be a deal killer. He was updating the software on his Amazon Kindle last month and received a notice that the newer operating system no longer included encryption. Now he said he’s worried about the security of other Amazon products he owns, including Amazon Echo, one of the company’s best-selling products.
“It doesn’t give me a warm and fuzzy feeling to think this is a company running on razor thin margins looking to save a buck here and there,” Scovetta said. “It doesn’t paint a good picture for them.”