I'm not sure that Amazon would be able to pierce the veil of the hypervisor like that, but his instincts were in the correct direction.
If they say they won't read your data, better trust them. If you don't, stay away from their datacenters.
EDIT: fix typo.
This is 100% true. To do any useful computation on your data (read, what you're using all AWS for) they have to have 100% visibility into your data.
> If they say they won't read your data, better trust them. If you don't, stay away from their datacenters.
That's it, right there. All of this is based on Trust in Amazon, not some technology that provides any assurances, much less proof, they're not looking at your data.
They can pull the curtain off anything you're running in their cloud, at any time they feel like it. It has to work this way for AWS to be of any use, and by using AWS you're implicitly trusting Amazon with your data.
It's the difference between breaking into a Walmart with a ski mask and assault rifle and stealing a bunch of blu rays vs recording the HDMI out from whatever device you stream Netflix from. They're not the same thing at all, either in terms of harm done, applicable criminal law, or ability to build a compelling civil lawsuit.
For a thought exercise, let's play this out.
Amazon copies data running through VMs (or grabs it from storage).
Let's assume it isn't on hardware certified for capital-letter processing , most of which require regular third party audits.
So they have your illegally-obtained data , which presumably they want to use to make money.
Except they can't leave any record of its source, in any documented form. This includes server logs, data transfers, emails about data, meeting minutes about data.
So they create some isolated network, run by a third party contractor, that transfers encrypted data from the taps to a store, then decrypts. All of which brings us to the most difficult part.
Who does... what with it?
The source data itself is radioactive. Who knows when "pricing strategy for company X" or obvious equivalent might pop up in the stream?
So you... what? Exclusively touch it via algorithm that outputs only aggregate information? How do you possibly code and maintain that pipeline, sight unseen?
All while risking an incredibly profitable business.
Or, you know, you just operate as an honest IaaS provider and make $10B in revenue / quarter with a 25% growth rate...
 https://www.law.cornell.edu/uscode/text/18/2511 (?)
The unit could be the "open sales modeling unit" that just supplies one data feed among thousands.
They can certainly take the risk. If crimes only happened when there was a 0% change of getting caught there would be no crime.
> If amazon copied all your proprietary data, you would almost certainly never notice, no criminal law would apply, and you'd have a hell of a time proving it in a civil suit.
If Amazon were doing this and profiting from it, that would essentially be a criminal conspiracy that reaches to the leadership of the company. Is it possible? Sure. Is it likely? I tend to think conspiracy theories are rarely true. Would it be caught? I believe it would likely be caught.
Companies get things done by having meetings, informing their hierarchy, and following executive decisions. In what meeting do you imagine this being discussed? Who floats this idea, and who signs off on it? I just don't see it happening. And if it does, I expect whistleblowers to put a stop to it.
Actually, they are quite uncommon, which is why they make headlines when discovered.
I'm not taking a side here, just pointing out a fallacy.
Bezos is making the most money of everyone living. Many of the scandals happen when the founder is retired or dead.
See 737 MAX, other 737 boondoggle like the vertical stabilizer reversal back in 94'ish.
Monsanto, hell, what chemical hasn't hid information they damn well shouldn't:
Dicamba, roundup.. Take your pick. The stellar behavior of this corporate citizen taints cements the stereotype of an entire industry.
Special mention goes to a certain German pharma company who brought you Thalidomide:
The lovely folks at Insys:
Believe there was a fraudulent implant thing a bit ago... Where'd I put that?
Someone beat me to Dieselgate.
Arthur Anderson LLP.
PG&E deliberately skimped on maintenance, leading to fires in California, and if I recall natural gas lines overpressuring in Massachusets?
Excuse me, the natural gas one was Columbia Gas.
Nestle I think getting caught using child labor in their supply chain at one point.
Oh what else can I think of off the top of my head? Uhhh...
That's all I can think of for right now. I mean we can hit the history books or case law to get a solid count I suppose, but to be frank, once a company hits a certain revenue point, it is pretty much guaranteed they've had to do something to get dirty/avoid getting outed as dirty.
So it really isn't that unusual. Throw in stuff that happened back before the rise of the Unions of the last century, and since their decline, and you also end up with so.e decent stories of workforce abuse. Though admittedly there's slant depending on who is telling it.
Like the Pinkertons as a matter of fact.
Or the original incarnation of Equifax, who were tasked with vetting prospective executive promotees.
Just because it'sorganized doesn't mean it's doing anyone any favors.
I stand by my statement -- it is rare.
I know of a case of fraud in oil well lease payouts, someone was stealing a small from a large number of leases and had been doing so for years.
A company auditor caught it. Did they go to the police? No. They paid the guy to leave the company and never talk about it again. The guy might have stolen hundreds of thousands in the process, but the company knew they'd lose millions, just from clients demanding audits going decades back. It was easier and cheaper to cover up and never mention again.
The very least we can say is that company malpractice is more common than it appears, unless 100% of it is reported on.
As has been mentioned as well is that governmental/regulatory apparata are typically starved of funding, so must limit their investigation/scrutiny to likely the most obvious cases.
Furthermore, if you've just entered into white collar circles these last few years, you may have been surprised at a tendency to not write things down. This isn't just people not realizing it is a good idea to do so, but a conscious decision in many cases due to eDiscovery, and the effects it has on provability in a court of law.
Pay attention on HN, and you'll get little snippets of other cases of "tribal skeletons" every now and again.
Anyway, by all means, I'm not necessarily arguing against your point; merely stating that given the sample size, and keeping in mind that regulators/the media can only dig up so much muck given limited manpower; it is not prudent to assume there isn't wrongdoing where no one has looked yet. I used to hold the same view you espouse; then I started A)cataloging things and B) noticed how often settlements seem to be applied with no admission of wrong doing.
Absence of evidence does not imply evidence of the non-existence thereof. You just haven't found it yet.
Can't believe I forgot about Wells Fargo, btw. That whole mess.
ISP's have been known to falsify their Form 477 data fabricating coverage stats, and overcharging customers:
There's plenty more where that came from with every ISP to be honest.
FTC keeps stats on all enforcement actions apparently. Might be a decent place to start looking to get some solid numbers.
Mind that that's only the ones. I assume CFPB and other commissions have similar, but do keep in mind they can't be everywhere or investigate everyone. So without stats on how many actions are dropped by prosecutorial/investigator's discretion, it is actually difficult to make really solid claims as to the actual frequency of malfeasance. Further, from my social circle's anecdata, it seems to be a safe bet that just about every organization at least has something in the the way of "muck they've cleaned up after" without getting authorities involved.
Anyway... I've rambled enough.
main thing here is that in big corps you can divide big (evil) task into smaller steps which could be defined as non-evil in isolation, and nobody in actual implementation people crowd would understand big picture.
I'm ready to watch that movie
For one, banks are far more regulated than Amazon is. If governments funded departments with 10s or 100s of thousands of employees monitoring and regulating cloud computing services, then it might be similar.
But the most significant difference is that if the bank seizes my money, I'll know about it pretty quickly and can respond. If Amazon sniffs through my commercial data, I'm unlikely to ever know. Most people are far more tempted to do wrong if they know if the chances of getting caught are miniscule.
How else do you think "closed-loop" measurement of marketing effectiveness, and retargeting based on purchase behavior are done? How else do you think suppliers can pull a D&B report on your company showing your bank account balances?
A valuable if painful lesson to learn. I still do all my personal banking with a credit union and consider my relationship with banks to be adversarial. They only own my debt, never my cash.
Is that an exaggeration? It amounts to $100 or $50 a month in "low balance fee"!
All the banks I've looked at had a fee under $10.
Similarly, if you're presenting externally, it's a good idea to close open applications that are not relevant to prevent info leaks from Alt-Tabbing.
Actually having a competitor pay someone to come into your office to pick locks etc. is rare, comes with criminal liability and is easily detectable on security cameras.
That's not true. I surely don't trust banks, but at least they're regulated to the point that they have to come up with some legal pretense for seizing my funds. A bodyguard is ostensibly a person who I've incentivized more than the competition to not harm me, and who I probably form a relationship with over time. None of these things are true of Amazon.
> Stealing data from a customer paying for hosting would be _very_ different, and much more scandalous, than identifying trends on a competitive marketplace and taking advantage of them by launching competing products.
What part of using data that you have on your competitors but they don't have on you, to sell competing products on a platform where you don't have to pay fees but they do, sounds like a competitive marketplace?
Then again, compared to the average bear, maybe I'm unusually circumspect when it comes to all of those things.
If for example I'm fully on amazon AWS for everything, DNS/DB/Web then no matter how encrypted your data is Amazon still has a very good idea of the effectiveness of your campaign. You can't hide the number of DNS queries. You can't hide the number of TCP SYNs. Hell, there is just a huge amount of things that encryption does not cover up, especially involving time for particular transactions to occur.
Amazon, if they wanted, could read stats from Netflix’s database about which movies drive the most engagement and use that to determine what to license for Prime video.
It’s the difference between root on the server and capturing encrypted packets on a network.
How many PayPal horror stories have there been?
(Well, it seems like SGX is insecure right now with all of the CPU vulnerabilities, but in principle it may be fixed in a future generation and be well-suited for this.)
The fact that you wouldn't have to trust your host specifically could have a real decentralizing effect for cloud hosting: people would be able to run stuff on any cloud host without needing to trust them much. If you just wanted compute power and didn't care about strong uptime/connectivity, you could even safely rent cheap VMs on computers of random individuals.
AMD SEV, on the other hand, is exactly that.
This is true, but it doesn't have to be this way .
Now things may have changed since then, but I'd imagine it's not yet gotten down to 1.X inefficiency multiplier regardless of the FHE scheme you're using.
As an aside, Amazon competitors like Walmart typically require their suppliers to host data on a platform other than AWS if they want access.
In the past, AWS has used the data from third party hosted services on AWS to build a similar service and in fact start poaching their customers.
Source: I used to be at AWS and know the PM & his manager who built a service this way. I was hired on that team.
He wrote this: https://www.nytimes.com/2019/12/15/technology/amazon-aws-clo...
Edit: fixed a typo
You might have a family to protect. A home to maintain, etc. I understand. It's scary. But the world doesn't and cannot change for the better if we let corporations bully us into silence. The world will and does change when brave individuals, with the support of society, stand up and blow the whistle.
But yes, I would be happy to contribute to a support fund to support such individuals.
>But yes, I would be happy to contribute to a support fund to support such individuals.
cool you can start by donating to absolutely any charity in need right now.
And yet, a couple times a year perhaps, we have discussions right here on HN about the latest AWS outage that took down half the Internet.
That's not even considering the potential impact to software development and innovation that we get with commodity cloud services. This is hand-wavy of course but I'd stick to it.
Even if their claims are true (which I certainly don’t believe they are), you’d be more likely to get better uptime than EC2 with a small on-prem setup through dumb luck rather than through deliberate planning. Something still has to go wrong for you to have an outage, and you’re more likely to get an incredible lucky streak than you are to outperform their entire AWS infrastructure capability with a few people and half a rack of servers.
2011 April 21 Outage
2011 August 8 Outage
2012 June 29 Service disruption
2012 October 22 Outage
2012 December 24 Outage
2013 September 13 Outage
2014 November 26 Service disruption
2015 September 20 Outage
2016 June 5 Outage
2017 February 28 Outage
2018 March 2 Service degradation
2018 May 31 Outage
Drop the servers in HA sets of 2-3 nodes across 3-4 regions, anycast your service endpoint from each cluster. The hardest thing to replicate without AWS is the 6-7 figure bills.
If some sanely architected code was all you needed, then you’d expect at least other cloud/IaaS providers to be able to match AWS service levels. Which they can’t, and which some little software shop most certainly cannot either.
Personally, I wonder if that isn't an emergent property of a lot of people trying to scale at once.
AWS terms do not assign their customers any rights to any physical computer. And the AWS customer agreement gives Amazon the authority to access your data for certain purposes.
I'm not sure I've ever heard of anyone prosecuted under the CFAA for accessing a computer that they physically own and physically control. AWS is a service, not a computer rental.
> We will not access or use Your Content except as necessary to maintain or provide the Service Offerings, or as necessary to comply with the law or a binding order of a governmental body.
The CFAA uses wording like "exceeds authorized access", which Amazon would absolutely be guilty of if they went into your database to spy on your product listings.
If they could go after Aaron Swartz for using authorized access in an unauthorized way, it seems likely it could be applied here.
Would a judge accept that argument? From me? No. From the lawyers Amazon can afford? I wouldn't be comfortable betting either way.
In this case, Amazon fully owns, possesses, and operates the "protected computer".
You'd have to successfully argue that Amazon fraudulently accessed their own computer. It might be possible, but I'm guessing it'd be a first.
The difference in Aaron's case is huge: he didn't own the computers that hosted JSTOR.
> The difference in Aaron's case is huge: he didn't own the computers that hosted JSTOR.
His access was authorized, though. They still threw CFAA at him.
You have to "exceed authorized access to a protected computer"
The CFAA is not a data protection law. It is a computer protection law.
> In practice, any ordinary computer has come under the jurisdiction of the law, including cellphones, due to the interstate nature of most Internet communication.
Maybe it is possible, but the consequences to answering 'yes' to this is pretty scary.
If I'm renting an apartment, my landlord can't install a camera in the bathroom, even if they're the owner of the building.
Ownership doesn't change the fact that the law says "exceeds authorized access". Amazon agrees to only access the computer I'm renting from them in very specific scenarios. If they violate that, it looks like a pretty clear CFAA violation.
> Amazon agrees to only access the computer I'm renting from them in very specific scenarios.
AWS provides compute services, they do not rent computers. They make this clear in their terms.
They demonstrate that legal ownership is not the same as the legal right to do whatever you want with what you own.
> AWS provides compute services, they do not rent computers. They make this clear in their terms.
Good luck hoodwinking a judge with that argument.
Which one do you rent?
Where is your rental agreement?
When did you first take possession?
Equal protection or application of computer crime law (perhaps, any law) in the USA is a fiction. It would be practically illegal to invent and run a web spider today, for instance, if they didn’t already exist as a concept. (France recently decided this was true for news link aggregation; Google must pay the newspapers for reproducing their headlines. I’m glad hosted RSS readers aren’t outlawed so far, but under these sorts of restrictive legal interpretations you could see how they might be. Google doing AMP, of course, gets a free pass.)
If you don’t believe me about the web spider thing, try making a complete download of Twitter for the purpose of making a tweet search index and see if you get to continue owning your house. (My theory is that Clearview is allowed to do it for Instagram because they’re using the database to provide services to law enforcement/military, so those groups want it to continue to exist free of prosecution.)
Bummer that actively collaborating with violent types like pigs and military seems to be the only way to avoid jail if you want to build large novel data systems with interesting public datasets today. This sort of freedom to experiment with new/neat algorithms over published documents got us Google; today these same companies will get you raided if you dare download/index their data. (Facebook’s idea famously started out scraping public yearbook photos. Try scraping Facebook now.)
one small counterpoint: https://www.eff.org/deeplinks/2019/09/victory-ruling-hiq-v-l...
Now, indiscriminate access to your content might violate whatever commitments Amazon made to you in their terms of service; I have not read them for a long time and can't remember what the language is specifically. But that would not be a matter for the FBI.
Of course there are other reasons to use physical servers.
The one point of solace is that there's a lot of competition out there for web hosting.
Safe to say they are not on Azure.
There are ways that you can use AWS that Amazon would have no way to access any of your data even if they wanted to.
You may trust them not to abuse hypervisor access, but they still have network “meta” data - it could tell them how many transactions clear against credit processors (though not the actual amounts if encrypted), a good idea general distribution of page views With respect to time and user ip (though not the exact pages), times of day, demographics of users (Geo locations and ISPs, for example)
If you don’t trust them not to peek at what they can, don’t use them. He is perfectly right.
There are other cloud providers who aren’t competing with B&H and would be a better choice. But amazon is a direct competitor to B&H, even if they do have an IT barrier - they cross subsidize; any $ paid to Amazon helps it against B&H.
Is it worth the extra effort and moving already functional servers to do so?
Please explain, as I'd like to know how.
People also forget that Amazon doesn't have to pay to advertise its own products, but 3rd party sellers do. This immediately puts you at a disadvantage if you want your product at the top since you pay seller commission and advertising fees to Amazon. Next time you want to buy something from Amazon, I would encourage you to find the seller's website directly or find them on eBay. eBay charges less seller fees and is not in the business of selling products directly.
Where by FB has no direct incentive, yet. It could be a FB Marketplace PM team someone has already copied Shopify outright and is just waiting for the right time to roll that out to all FB user worldwide.
With Amazon Marketplace the strategy has always been to convert customers off that platform into your own.
Most top listings in most niches/categories are priced for break even inclusive of the multitudes of keyword PPC campaigns they're running with the hope that you leave a review and that you actually pay attention to the little postcard that comes inside the package asking you to register your email address.
Both games suck tbh.
How do I know this? 10 years in ecommerce with a different ecomm platform.
If I pay you to host my site where I sell my products, but you index me into the central sales portal in a bad way, I’ll be pissed. Kind of like restaurants on Seamless.
It comes off as deep rent seeking - instead of helping me succeed, which is the real mission of most of these types of companies, you’re creating an artificially scarce resource (visibility within your central sales index) where now I have to pay you an arbitrary tax just to compete.
Immediately makes customers want to leave.
GoDaddy, Wix and Squarespace couldn't really afford to do it because they aren't e-commerce focused.
This can’t be true, since no matter how you create the central sales channel, some sellers will get preferential treatment in terms of screen placement, appearance in search results, etc. Shopify could not pay the costs of operating and advertising that central channel unless the most successful businesses are placed more prominently and lead to higher conversions of some kind (sellers converting, leading to less churn or more subscribers, etc.). But every Shopify customer will want that - so who gets it? If you do nothing and “the rich get richer” and there’s no way for an outsider to break into the better display rankings of the sales channel, you’ll just alienate customers and see a huge drop in new subscribers. This is often a big problem for ecommerce companies that facilitate online sales portals like Amazon, eBay, Etsy, and even more niche things like Shutterstock.
You either “democratically” allow customers to pay for placement in your central product index, or you force customers to pay via lost business and lost opportunity, which they’ll be embittered by. But there’s no such thing as a “free” way to centrally index across all hosted subscribers.
> “GoDaddy, Wix and Squarespace couldn't really afford to do it because they aren't e-commerce focused.”
I think you are very unfamiliar with the hosting industry. All three of those businesses make the strong majority of revenue from subscribers of ecommerce plans and all three have huge platform offerings and nationwide advertising campaigns targeted specifically at ecommerce customers.
All three of them practically only exist (in terms of revenue) because they are a good hosting option for small businesses that sell online.
Marketplace team can do more if they can build a second class product from the get go.
usually the copy/paste pictures and description are a good giveaway.
Last time I bought an item off eBay, it arrived shipped via Amazon Prime. Pretty sure the seller just bought it off Amazon and shipped it to my house... it was a weird turn of events.
It wasn't a branded item, just a third-party battery replacement for a cordless phone, but still.
There was a story in my area a few years ago where people had some sort of scheme to convert Amazon gift cards into cash via EBay.
Shopify may not be amazon yet, but it is certainly learning to be that way.
I say there should be an explicit difference between "running a platform", and "selling on a platform", and never should the two meet. By "platform" here, and in the context of selling stuff online or IRL, I mainly mean that the store should never compete with their suppliers ... it's madness and unethical. If everyone can get a piece of the pie, it makes for a healthier ecosystem. We should want the rising tide to lift more than one boat.
And yes, I believe this should be regulated at the policy level.
This of course has implications for other forms of "platforms", such as operating systems, APIs, and clouds; but I'll leave those discussions for another time ;)
Surely a part of is is placement, but Safeway could put own brand ketchup at the same level (and I think sometimes does) as Heinz and still wouldn’t sell the same volume.
Amazon is clearly getting a big advantage here, I’m just curious about what the underlying dynamics are that allow them to be so much more successful in their context than it seems store brands are in other contexts.
If you see a product on a Safeway shelf, the company that makes that product already got paid--by Safeway. If Safeway puts a generic ibuprofen bottle next to a bottle of Advil, that's fine with Advil because Advil already got paid! Safeway is assuming the risk that those bottles of Advil might not sell because everyone buys the generic.
Amazon is different--they sell things themselves, but they also offer to run a logistics platform for other folks selling things. Folks who use this platform believe (are led to believe) that they are going to direct to consumers, NOT selling wholesale to Amazon. Amazon purports to be a neutral infrastructure provider, like UPS or Verizon.
Now, you can say that these folks are naive for believing Amazon about their neutrality, but it is what Amazon said! Many of these companies would never have used Amazon for logistics in the first place if Amazon had said "we are going to use all your data to copy your products and go direct-to-consumer ourselves with our copies, including placing them above yours in search results." Who would take that deal?
I think a better argument would be the scale of the data collected by Amazon vs physical stores. But on the other hand, Safeway has an online store where they can collect the same information and if they are anything like Walmart then they also already have startlingly detailed insight into the supply chains and logistics of their suppliers that surely rivals what Amazon sees if you use their warehousing service.
I don't think it makes sense to draw a clear distinction between Amazon generics and Safeway/Walmart generics. It seems like a fuzzy line at best.
Where this gets real distinct is in delivery: Amazon is currently purging its warehouses of stock from thousands of vendors so it can keep stock of Amazon-brand and big box brand alternatives to those same products. (See: https://www.bloomberg.com/news/articles/2019-05-28/amazon-is...) So, the Safeway equivalent of this would be you going down the sugar aisle and finding exactly 1 or 2 bags of competing brands with a note that says, "Hurry! Almost out!", and each bag has 10lb. anchor attached to it. But there's 100 bags of Safeway sugar, and there's a line of employees offering to carry it through the store for you do you don't hurt your terribly sore shoulders...
How would you feel if a Safeway associate slapped a tracking device on you when you walked in the door, and then didn't tell you they were recording everything you thought while you were working your way through the store? That's how Amazon.com works. Oh, and if Safeway could just look at your other recent thoughts and know you fapped about 20 minutes before you walked in the door? That's also Amazon.
Amazon, on the other hand, has allowed duplicates, cheap reproductions and false reviews to proliferate. Now the only way you are assured a product is what it says is if it is an amazon brand.
This is not necessarily true. It's typical to not be paid for anywhere between 30 and 90 days. Additionally, some deals are more complex and depend on actual purchase volume.
To his company it didn't matter at the end of the day if people bought the brand name or the store brand, it was all the same stuff.
I don't think this singlehandedly explains why Amazon is so unwilling to do anything about their huge counterfeit problem, but it's suspicious that the dilemma resolves in their favor.
We allowed this vertical integration in retail when maybe we shouldn’t. Yeah it shaves some costs, but is probably having a huge effect on supplier diversity and margins. If we’re revisiting the consumer welfare above all doctrine, this seems fair to revisit as well.
I used to work in a big brewery where we made supermarket branded beers. It was the same product in a different can. Actually, the exact same can, with a custom paint job. It was one of the more generic beers, rather than one with a taste associated with one of the well-known premium brands, but there was zero compromise on quality there. What was packaged for the supermarkets was 100% identical to beers with our own company name on it.
It's only the cheapest of the cheap "value" stuff which has been significantly cost reduced and has compromised quality. That's stuff like pastry with a higher water content in place of fats, or substituted ingredients such as palm oil in place of butter etc. In these cases you're paying less, but obviously getting less product for your money. That's its own specialised segment. These are often made by different companies with their own separate supply chains, and possibly living by a different set of ethics... There clearly seems to be a market for this type of thing, but given the reduced nutritional quality and taste, it's not necessarily providing a genuine cost saving.
If it is possible to create a so-called firewall  within banks to avoid unfair advantage via insider trading, it is possible to create a firewall between the platform and seller divisions withing Amazon for a similar effect.
If a firewall can be implemented, fine, but I don’t see any great loss if we were to restrict the growth of a trillion-dollar company.
But why? Nobody is forcing you to use AWS, there in fact heaps of similar services around which at first glance don't share have said problem.
"Nobody is forcing you" misses the point.
So, Apple would be allowed to vertically integrate and make the chips, hardware, operating system, and applications for their products. But they'd have to stop selling Belkin chargers alongside Apple chargers at apple.com, and the iOS app store would have to contain either only Apple apps and no third-party ones or vice versa.
I agree a diverse marketplace is a healthy one, and that requires intervention since clearly the initial rules are not enough. Some like to pretend that free markets are only negatively impacted by regulation, and only positively impacted by its participants.
Its a free market, you can do what you want as long as costumers like it. Valve makes its own games and the platform. There are other example where this is true.
Should SpaceX not be allowed to launch Starlink. Falcon 9 is a platform, and Starlink is selling the product that you get threw this platform. Maybe not a perfect example, but one could equally make a argument about that as well.
All of these things are pretty artificial opinion based market restrictions, and everybody want to create different rules based on different was to evaluate this question for every market business and so on.
So you would make totally different choices about what is a platform and what isn't. If my company has a product and then opens up the underlying API, is my product now illegal?
For me this is all nonsense, why not just have both the suppliers, consumers and everybody else involved make choices based on what they think is best. Why do you know better of how to define these terms and what evidence is there that when you force a separation it is better at 'raising all boats'. There is no evidence to prove that in the majority of cases.
In the example of Steam they lost many games because suppliers didn't want to deal with them. Microsoft SQL now runs on Linux because people didn't want to us Windows. In all of those cases, costumers and suppliers are perfectly capable at making those decisions for themselves and then the company has to make choice how adjust to this situation.
Why any of this is bad, is totally unclear to me.
Its easy to say 'see this one bad example' and the ignore a huge amount of efficiency gained by vertical integration. The idea that we have bureaucrats to have control over every single vertical integration decision by every company is pretty insane dream to me.
This reminds me of 'Indian Socialism' where you had to fill out a application for every market each company wanted to get into and the of course super smart regulator would then make sore that the 'correct' amount of companies were in each market. Of course as always there was tons of regulatory capture and corruption to say who got a permit and who didn't. Witch is basically the same pickle you want to get into, just with 100x more detailed determination about ever companies internal structure as well. A recipe for disaster if you ask me.
The idea of enlightned regulator who for each choice of each company on each level can figure if that decision is correct for 'the global population' is a total fantasy. Neither can they do it, nor would their intensives to do it actually be for the good of 'the global population'.
I had a profitable Amazon store in 2010. I found niche products that Amazon didn't sell. As soon as I started getting traction on any one product, Amazon would start undercutting me, and my sales would drop to almost zero over the course of a couple of weeks.
I had near 100% feedback and I had a single customer complaint that I sold them the wrong product. Within a few minutes of me receiving this claim, my account was suspended. I had no chance to rectify the situation.
No amount of calling or emailing Amazon could get me in front of someone that could help me. All responses were an automated rejection.
This was a rough time for me as it was my only form of income and Amazon held almost $30,000 of my money for 3 months. I ended up having to close my business and move on, though I did eventually get all of my money back.
I've built multiple successful businesses since then and Amazon has recently had many business reps try to get me to sign up with a business account, because we purchase lots of items on Amazon/month. I always try to get them to re-investigate my old seller account and our email correspondence stops shortly after this. It's crazy to me that after 10 years and in a completely different industry, I still can't open a seller account.
It taught me a valuable lesson not to build my entire business on someone else's platform.
It only gives them more control over you and they will most likely use your customers, data, and more resources to out-compete you, if you get too big. Twitter has also done this to their app developers.
My wife runs a small business on Etsy and it's just as bad. They make random code changes, which bumps listings up or down and you suddenly have no orders for weeks at a time.
What's even scarier is if a handful of companies run everything we use online. Will I suddenly not be able to get a home loan for a decade because of an account closure?
This sounds eerily similar to what happened to a close friend of mine, and that's 100% the right takeaway from the situation.
> My wife runs a small business on Etsy and it's just as bad. They make random code changes, which bumps listings up or down and you suddenly have no orders for weeks at a time.
Same as above, different friend, but again Etsy.
> What's even scarier is if a handful of companies run everything we use online. Will I suddenly not be able to get a home loan for a decade because of an account closure?
And that's why I'm in favor of strong individual privacy laws, and corresponding enforcement of said laws. Because 'I've got nothing to hide' only works so long as your values/goals are in line with everyone else in the system you're operating in.
The second that changes, good luck and godspeed.
Thanks for the great read, and... I dunno just validating your view of things.
I support such laws too, but I wouldn't expect them to really change this. I think what we're seeing is more of a monopoly problem than anything else, even if violating privacy is a part of how they pull it off.
It's very hard to prove that a company that does, in theory, have access to data is not storing it or looking at it. Even accidentally. I just finished explaining all this to someone who freaked out about a Facebook post they saw about how Facebook was starting to collect information about everything you do off-Facebook. I had them show me what they meant, and it appears to just be every app that integrates with Facebook comments or allows Facebook sign-in as an option, etc.
The problem is one Facebook naturally got because of it's success: everyone has good reasons to want to work within their ecosystem. So they get tons of data on everyone. You can inconvenience yourself and refuse to ever visit a service that might share data with Facebook. But honestly: who's going to find that practical and do it? And if Facebook ignores the setting and "accidentally" captures all this data, and I suspect they're misusing it, how do I really get an investigation and more than a slap on the wrist for them?
It's messy to be a platform that provides a service and a consumer of that service that competes with your other consumers. At a previous job of mine we made a conscious decision not to do that for fear it would hurt our core business to ruin relationships with our customers. The problem here is Amazon just doesn't fear that. And I can't say they should. But the root problem seems to me to be more of a monopoly problem than a privacy problem.
Maybe it’s time to revive it. Google, Apple, Amazon, all cause issues because they are too big and haven’t been broken up (or menaces of) for way too long.
We’ve scratched antitrust laws in 9/11, when Microsoft was recognized guilty but never sanctioned, because the domination of USA after 9/11 was important. But maybe that led to two decades of really huge corporations, and a bit more liquidity in the market (choice of platforms, etc) could be nice.
I don't think that's something people, even many very technologically knowledgeable people, are aware of.
1st I got an item from a fraudulent 3rd party shipper. Did not get my money back and amazon claimed they don't know his identity
2nd Packet got stolen. Amazon claimed based on statistical analysis this packet is assumed to have reached me. Delivered to "mailbox". Paid with CC, made a charge back, closed my account.
You know what is a pretty good competitor? eBay. As a business it may be terrible, but as a market place it is quite good.
Competitor on what vector? Speaking from a US-centric viewpoint here, but my thoughts;
* Distribution & Warehousing - Walmart & Costco
* Sales & Advertising - Google & Facebook
A few notable online storefronts that are independent and I use frequently are B&H Photovideo and Newegg. Realistically though the options I listed above are the only companies I see having the scale to compete with Amazon at anything, and even then they're an order of magnitude behind. Just my opinion, again very US-centric.
As a side node: I am actually thinking of buying a tiny bankrupt travel equipment company. Friends advised against it because of "Amazon essentials". I would not sell on Amazon but it is a strong argument.
Maybe someone has some words of wisdom regarding to this.
What do they have that you want, or what do you think you're going to do differently?
Why did it go bankrupt?
If they claim it's only bankrupt because of COVID-19, then it must not have been very profitable (if at all) if they didn't have enough money to weather out at least 3 months. So I recommend not accepting that explanation.
I was always impressed by the quality of their products. It is a comparatively "old" company, they produce their stuff in Eastern Europe, not Asia.
Why they did not sell?
1. Their webpage looks like from the 90ies
2. No marketing. I think I can solve this, I also have contacts with some small travel agencies. I am sure they would be interested in some affiliate scheme.
3. Has also some niche products where I have contacts in the US (Military, dogs etc.)
Biggest problem is to convince the guy to either sell or take on partners.
I asked this business if I can buy a stake before they filed for bankruptcy because I saw potential and value that I could bring to the company. I still do.
If a restaurant of bakery goes bankrupt I would not want it for free since I don't understand the business, nor can I bring value to the business.
All on purpose, all user-hostile actions to take.
Personally i don't think you should be able to run the market and compete in it at the same time.
People talk a lot about other companies but the one i'm most worried about for stamping out startups and holding the economy back is amazon.
It may be, it may not be. I don't know, I am not a Lawyer nor do I play one on the internet.
What I do know is that to date no individual, or collective, has had the financial or political will to test any of this in court.
I suspect this is largely a positive feedback loop whereby any entity that has the financial or political capital to do so and stand a reasonable chance of winning has done the calculus and come to the conclusion that setting said legal precedent would do their own businesses more harm than it would net them in value from Amazon.
Until that changes, meet the new boss same as the old boss.
Old boss wasn't going anywhere until a new one came along that was big enough to crush at will.
I’ve seen it happen, repeatedly - also years ago. If you sold a high volume commodity on seller central, you’d see your commission go up, and up, and up, until you squeak - you either quit or you complain.
They now know exactly how much that line nets you, and whether it’s worth selling.
Lots of developers do this already with iOS and the App store.
Some people don't even have a choice. E.g. taxi drivers had their entire market turned into a platform. Same with restaurants and meal delivery.
It’s legal for Twitter or Amazon or Etsy or Twitch or Discord or YouTube.
I recently got suspended by Twitter after using it daily for 12 years and in addition to not being able to send new tweets or DMs (or do data backup/takeout), I also can no longer see even the usernames (or the message history) of the people I was communicating with in DM. For many of them, that was my only contact info for them.
I am becoming increasingly convinced for the need to regulate arbitrary suspensions for communications platforms (including sales/business platforms, that’s just a special case of communication). The current emergency situation really woke me up to the huge dangers involved.
GP lost his business, which is sad and tragic and unfair. I envision that in disasters or emergencies, eventually someone is going to lose their life.
Imagine if the mobile phone or cable company could arbitrarily suspend your connectivity because you left bad reviews online about their service.
I recently did a deep dive on how these sorts of centralized, censorship systems pose an inherent and existential threat to safety and human rights in an emergency/pandemic/war that is non-obvious in peacetime: https://sneak.berlin/20200421/normalcy-bias/
It’s truly terrifying to me that these systems (among them Amazon, Discord, Twitter, YouTube, Facebook, Instagram) have final say, practically, over who gets to speak to whom in a lot of cases in society, or what is allowed to be said. These companies (and the government in their jurisdiction) are entirely unaccountable for this terrible censorship power they wield, and it is only a matter of when, not if, it will be horribly abused. TFA is just one important facet of this danger.
From my limited understanding, this regulation forcing them to offer service (as a utility) to 100% of the market is coordinated on a state-by-state basis by the public service/public utilities commission.
(Fun fact, I learned this at a young age because my dad ran a paging/voicemail service out of the basement of our single family, suburban residential home when I was about 10. We were the only house on the block with dozens of trunk lines coming into our little bungalow; but by law they had to do it if you ordered it. Try that today with internet access from a cable company, ha! It’s all but impossible due to TOS to run an internet business at a residential address now. Hosting for-profit services with the internet you pay for or reselling the service in any way means you get instantly unplugged.)
Sorry I don’t have a direct link to the all-comers bit of PUC/PSC regulation, but this should give you a starting point for research.
The not-allowed-to-tap-phones bit is a federal law:
It’s sort of insane how provider-wiretapped has been the all-encompassing default for almost all of the largest DM/1-to-1 communications systems in the world: SMS, WeChat, Facebook, VK, Instagram, Gmail. WhatsApp and iMessage are outliers in this regard. Almost all popular new entrants like Slack and Discord are provider-tapped, too.
This is a relatively recent development in our society’s relationship with electronic communications. Reading content by the provider used to be illegal as fuck.
I'd say that you're basically at their mercy with regards to the charging a percentage of revenue though. I mean, that's how all card processors work.
By default I trust Shopify more than Amazon, and in both instances your business is essentially succeeding 'at their pleasure' so to speak. So I thought on it for a minute.
I think the main difference comes down to individuals in the business and culture. I'd elaborate more but I'm not sure I want to write that much speculative crap on the internet this morning, and I should get something productive done with my day.
EDIT: Also just realized, that if you look at my spending habits, they 100% imply I trust Amazon more than Shopify.