
Don’t build apps that encrypt customer data - balladeer
https://developer.amazon.com/public/apis/experience/cloud-drive/content/developer-guide
======
buro9
They're going for user experience, not security.

They want users to pour data into Amazon Drive and for that to be useful to
any and all applications that connect to Amazon Drive.

If one app encrypts that data, then no other app can make sense of it.

~~~
dexterdog
Unless it's convergent encryption or if the user has a way to share the key
across apps.

~~~
kesenwang
Cryptomator solves that problem fine, and incorporates into major storage
providers anyways.

------
madjam002
I'm pretty sure this means that you shouldn't encrypt users' data without their
consent, or encrypt existing data. There are plenty of 3rd party apps which
have been approved by Amazon which encrypt your data client side, e.g. Arq
Backup.

I know Stablebit Clouddrive (which does client side encryption) have been
struggling to get approval from Amazon, but this is due to excessive API
requests, not client side encryption.

~~~
marcosdumay
That's probably correct. But it is still an interpretation of a very ambiguous
statement. Too often, when lawyers write ambiguous statements it is because
they want to exploit the ambiguity.

------
Quarrelsome
from the dev forum:

> What if the customer chooses to encrypt their data?

>> Brian@Amazon · Feb 02 at 06:28 PM
>> They can do that, and that is fine.

[https://forums.developer.amazon.com/questions/54909/impact-o...](https://forums.developer.amazon.com/questions/54909/impact-of-dont-encrypt-customer-data-part-of-drive.html)

~~~
ashark
... so the EncFS-backup-your-6TB-media-drive trick isn't threatened yet?
That's good.

------
vorpalhex
That's a wee bit troubling. There might be an argument for some kind of user
experience, but, uh, that's not how it's actually phrased.

Obviously client side encryption is an important part of using any kind of
cloud storage, so disallowing it pretty much removes any potential use of
Amazon drive for me. I have some photos I don't mind being stored unencrypted,
but I have plenty I'd rather _not_ allow any and every app to have access to.

------
_jal
Unless they clarify their intent and guidance, I read this as "Don't use
Amazon drive".

------
digikata
Perhaps it interferes with deduplication/compression of the storage, which
would throw off some level of storage efficiency and increase costs for Drive.
That said, I don't think I would really want to use a cloud drive service that
discouraged client side encryption.

------
huhtenberg
> _Don’t build apps that support commercial use_

Doesn't make much sense either.

~~~
lloydde
That makes sense given that Amazon Drive itself is for non-commercial use:
"You may use the Services only to store, retrieve, manage, organize, and
access Your Files for personal, non-commercial purposes using the features and
functionality we make available." from Amazon Drive and Prime Photos Terms of
Use
[https://www.amazon.com/gp/help/customer/display.html/?nodeId...](https://www.amazon.com/gp/help/customer/display.html/?nodeId=201376540&ref_=cd_tou_fp&?ref_=cd_unlimited_tou)

------
ryanbertrand
> (e.g., do not copy the look and feel of Amazo Drive branded apps)

Amazo!

------
calvinbhai
At first glance, based on the headline, I thought ARQ backup is screwed.

But, this is only for Amazon Drive storage. Which makes sense.

If you want to store encrypted personal stuff, don't use Amazon Drive. Clients
like ARQ are definitely made for such cases (and are probably cheaper in the
long run).

------
deepsun
Well, Facebook definitely knows what I was searching recently on Amazon, as it
shows me ads with the same (rare!) products that I browsed (didn't buy) on
Amazon.

Clearly, they sell my data to Facebook. Can they sell some aggregates over
your Amazon Drive?

------
daliwali
Don't encrypt your user's data that is stored on hardware you do not own. If you
have nothing to hide, you have nothing to fear. This is all in order to
improve the user experience of course.

------
woliveirajr
> We want to give you some guidelines (...) save you time in building
> something that will not be approved during the App Review process. While
> this isn’t an all-inclusive list (...) don’t violate our Terms of Use, Brand
> Guidelines and the App Distribution and Services Agreement.

So encrypting data from the customer side could make some app be blocked in
the future, making me lose all my customers and perhaps their data? That
doesn't sound good, why would I take a chance by using Amazon?

~~~
pmiller2
You take that risk, anyway. Amazon can always change their TOS unilaterally,
or duplicate the functionality of your app with their own app, and there's
nothing you can do to stop it.

------
relics443
This is only for Amazon Drive. As others have said, 3rd party apps won't be
able to make use of the data, but there's probably another reason.

I'm assuming Amazon uses fingerprinting to store only one copy of a file
across their system, and just link to it if you upload the same file. If the
files are encrypted they can't do this.
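
Added example, not part of any post in this thread: a sketch of why per-user random-key encryption defeats fingerprint-based deduplication, and why the convergent encryption mentioned earlier in the thread does not. `DedupStore` is a hypothetical provider-side store, the SHA-256 keystream is a toy stand-in for a real cipher, and the sample file is constructed.

```python
import hashlib
import os

def keystream_xor(key, data):
    """Toy stream cipher (SHA-256 in counter mode); stand-in for a real cipher."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)

def encrypt_random_key(plaintext):
    # Usual client-side encryption: a fresh secret key per upload.
    key = os.urandom(32)
    return key, keystream_xor(key, plaintext)

def encrypt_convergent(plaintext):
    # Convergent encryption: the key is derived from the content itself,
    # so identical files always produce identical ciphertext.
    key = hashlib.sha256(plaintext).digest()
    return key, keystream_xor(key, plaintext)

class DedupStore:
    """Hypothetical provider store that keeps one copy per blob fingerprint."""
    def __init__(self):
        self.blobs = {}

    def upload(self, blob):
        fingerprint = hashlib.sha256(blob).hexdigest()
        self.blobs.setdefault(fingerprint, blob)  # link to existing copy if present
        return fingerprint

def stored_copies(transform, files):
    # Upload every file through `transform` and count distinct blobs kept.
    store = DedupStore()
    for f in files:
        store.upload(transform(f))
    return len(store.blobs)

# Constructed sample: three users upload the same file.
PHOTO = b"constructed sample: the same holiday photo bytes" * 100
UPLOADS = [PHOTO, PHOTO, PHOTO]

def demo():
    return {
        "plaintext": stored_copies(lambda f: f, UPLOADS),
        "random_key": stored_copies(lambda f: encrypt_random_key(f)[1], UPLOADS),
        "convergent": stored_copies(lambda f: encrypt_convergent(f)[1], UPLOADS),
    }

if __name__ == "__main__":
    print(demo())
```

The same determinism that lets convergent ciphertext deduplicate also lets whoever holds the store see that two users uploaded the same file, and confirm whether a user holds a file the store operator already has.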

------
eeeeeeeeeeeee
What a clickbait headline. It seems pretty obvious that it is about the user
experience. For example, if someone dumps 20GB of encrypted photos on Drive,
no other app would be able to use that. Maybe that's what you want. But Photos
are the kind of thing that multiple different applications should be able to
read/write.

~~~
tyingq
Could also be an additional defense against _"Don't build apps that promote
illegal peer-to-peer file sharing"_

Unlimited cheap storage is probably a magnet for pirated videos. Encrypting
(or just obfuscating) them would be an obvious step to avoid detection.

------
mzzter
Only applies to Amazon Drive? So I'm assuming that they don't want ransomware-
type third-party apps.

------
alphabettsy
They have Arq backup in the gallery, which uses data encryption so maybe they
just mean don't encrypt where it's not necessary?

Is this for de-duplication or just to avoid people not being able to access
files across other apps on the platform? Or both I guess.

------
meesterdude
It's not in Amazon's best interests for you to encrypt your customers' data -
but it's likely in your customers' best interests from a privacy perspective.

------
realusername
Maybe it's in the context of a malware?

~~~
informatimago
No, it's in the context of Amazon Drive applications:

"With our updated RESTful API and SDKs for Android and iOS, Amazon Drive is
moving to an invite-only developer offering to ensure we can provide a
consistently viable service available for supported use-cases."

Clearly, they want to be able to spy on user data.

You can easily summarize this list of restrictions to:

    
    
          DO NOT WRITE Amazon Drive APPLICATIONS!
    

(At least if you care for your customer).

Personally, I would never write an application that would not encrypt user
data, including user credentials. Basically, most services don't even need to
know who their users are (unless you implement dumb password recovery scheme
that requires you to send an email to the user, you just don't need ever to
know anything more than a hash instead of an email in the clear!).

~~~
rileytg
what's a not dumb scheme?

------
toadkicker
The client/server model is great for capitalism but no good for liberty.

------
c8g
what is the limit of "Unlimited Storage" in drive? 100gb? 100pb? or even more?

~~~
dublinben
Several folks on /r/datahoarder have 100+ TB stored there without issue. You'd
have to try pretty hard to run into any soft limits they've set.

------
eveningcoffee
Do not encrypt it because then we can steal it.

------
dickbasedregex
Don't use AWS. There, fixed that for you.

------
molecule
_> Don’t build apps that encrypt customer data_

Sarcastically interpreting this directive as non-generously as it is worded:
don't use SSL?

------
tejasmanohar
This title is click bait

~~~
ldiracdelta
Yeah the title is highlighting one part of the text 70% down the page, but it
does seem to be a disconcerting part of the text.

~~~
theprotocol
Indeed - in fact, the previous paragraph states your app risks not being
approved if you don't follow the guidelines!

 _> We want to give you some guidelines for apps not to build on the Amazon
Drive platform to save you time in building something that will not be
approved during the App Review process_

------
PersistantTreat
These are very vague - could mean anything from "don't build ransomware",
through "no Amazo Drive encryption apps, we'll offer that as an option" to
"leave your cust data in clear so we can play with it"

