I don't doubt the developers are using it for 'morally acceptable' purposes, but I don't trust Amazon not to abuse that data later down the line!
I really don't feel that anyone needs to know precisely what pages I have viewed in a specific book.
That it's an opt-out and not opt-in is not a good thing, but it can be opted out of on the e-readers.
Is it confirmed though that these network requests definitely stop after that is switched?
- Go to the homescreen
- Open the hamburger menu
- Tap settings
- Device Options
- Advanced Options
I rely on that regularly as I use both my phone and a Kindle device to read books.
Efficiency is not always the best humanistic approach. So maybe they support unused features and maybe they let some features wither that lots of people like. Maybe it would make things cost a little more. I think people would be ok with some of those inefficiencies.
IMHO, The software today is miles better at UX.
It's a book. You don't need to collect and track every fucking action I do to find out if your stupid highlighter is being used in Poland.
Privacy LARPers are a tiny segment of the market, the average person doesn’t really care if their ‘usage of the highlighter function is tracked’
If so, why don't they loudly advertise the data collection and do it only with opt-in?
It's not that the average user doesn't care if they're tracked, it's that they're not aware that they're being tracked.
Plenty of companies are quite transparent about their data collection practices (set up an Apple device recently?)
Most people are aware of data collection, they care more about functionality though.
I have not, not recently, but what you say is simply bullshit. They're "transparent" in that they give you a ToS loaded with legalese that they know you couldn't easily read through to find just how much and where they're squeezing your life for information to store. In cases where they simplify this with some less legalistic declarations of data use, what you often see there are numerous weasel words and phrases to very ambiguously describe what's being done. You know, things like "We MAY collect some information for the sake of improving user experience" and blah blah....
Then of course, there's the outright lying, which also happens, in which big tech companies simply fail to mention some types of data collection anywhere (the Amazon Alexa voice recordings being listened to by humans is a good example iof this)
Apple prompts you for each piece of data collection during the setup of an iOS device (and lets you choose if you want to share).
Most companies hide it in legalese. Some companies claim they're not sending any data and then send it anyway. Looking at you Philips Hue lights.
It's not what I said.
I wrote my opinion already, but I'll repeat it anyway in case it was not clear. I think you can't know if people care about it or not, as long as they're not informed about it.
But they do.
More importantly, the only usecase mentioned in the discussion that resembles anything like analysis is synching page reads across devices, and tracking reading progress to compensate authors who make their books available through subscription services.
Either you know stuff about "analysing" that for some reason you're keeping a secret, or you're talking nonsense about stuff you have no grasp over.
It's written there:
> "most of what's mentioned in this article are metrics used to understand how the features are used (bookmarks, highlights, dictionnary, etc.), how much they are used, and in which country."
Besides, I don't appreciate phrases like "fabricating accusations" or "you're talking nonsense about stuff you have no grasp over". I'm may be wrong, it happens often, but even if I am this aggressive tone is not in place. You can point out my mistakes politely if they exist, same way as I do with yours.
This is an unnecessarily denigrating term at this point in the conversation. It's not LARPing to want to be able to read a book or take notes without being tracked.
Absolutely agree but it is LARPing to pretend this collection is for anything but improving a product. Nobody is out to get you and nobody particularly cares how often you specifically turn the page (the data is useful in aggregate).
> We also use it to develop and improve products and features for all our customers and to gain insights into how our products are being used, assess customer engagement, identify potential quality issues, analyze our business, and customize marketing offers.
Targeted marketing is, in itself, something that's reasonable for someone to want to block regardless of whether or not there's a mustached villain tracking you. Privacy is about more than stalkers, it's about the effects of data usage. For some people, targeted advertising is a harm regardless of whether or not the company knows their name.
To go a step farther, I also don't understand why it's LARPing to be worried about a company who is actively being investigated for misusing seller data.
I bring this up every time that one of these threads/stories gets posted, but there's (appologies, but for lack of a better word) some kind of weird gaslighting that always happens in these situations. Before it broke that Echo and Siri queries were sometimes listened to by 3rd-party contractors, if I had posted that suspicion on HN people would have called me paranoid. Once the story broke, the argument then shifted to, "well of course they're doing that, how else would you improve the service?" That kind of thinking applies to Amazon as well.
Similarly, I don't know that it's likely, but it's not outside the realm of possibility that this information might get sent to 3rd parties with less responsible data practices, or that employees might be given direct access to it in an unobfuscated form. It's not something I'm losing sleep over, but I wouldn't be shocked to my core if someday all this information got leaked publicly and correlated to people's email addresses.
These are all situations where privacy matters regardless of the original intention. The "I only want to make my service better" defense applies to basically all data collection that most companies do. Even advertisers use that defense. It's reasonable for people to want to avoid being a part of that.
Of course, it's also reasonable for people not to care, to say that hacking is a risk they're willing to live with, and that they don't mind targeted ads, and that the books they read aren't sensitive. But it's not LARPing if someone has a different opinion on whether or not they want to tolerate that stuff.
: See, https://www.telegraph.co.uk/technology/2017/12/12/creepy-net.... Is it LARPing for me to be weirded out by a marketing department trolling over my reading/listening/watching habits looking for viral tweet material?
Maybe it's just me but every tech product I use these days gets worse over time. If something does get better, two things get worse. They mostly try to optimize for user engagement and not user experience.
> Understanding your users is vitally important.
And the only way to understand people is spying on them?
Sometimes a better product comes out of better business metrics, but other times they’re directly opposed.
Now if you look at opposite case, where a feature is worse for user experience but helps business metrics, that feature will definitely be launched. A small, mostly harmless example: Ever tried to hide twitter’s recommended accounts? It gives you the option to “see less often”, but curiously there’s no option to stop seeing the window forever. Why? Because clearly it benefits twitter’s business on average to keep showing these recommendations.
I’ve built enough dark patterns at my last job to know it always comes down to business metrics.
Which is exactly why we have regulation that forbids these practices, to protect the gullible from themselves. Furthermore, do you think privacy should be the privilege of just those that are smart and keen enough to be aware and prepared to engage in a relentless and perpetual battle with the most dark of patterns with every click they make?
I look at VLC as a great example to follow. Their stats show 3.4 billion downloads (https://www.videolan.org/vlc/stats/downloads.html), yet they do no telemetry at all. The product works great. It could be improved of course, but Outlook could also greatly be improved, and they have high-salary staff and a boatload of data they extract from users. Yet it's slow as hell and has lots of UX I disagree with.
I'm myself the author of a replacement of Windows "alt-tab" on macOS (https://alt-tab-macos.netlify.app/) which doesn't do any telemetry. I can lead the roadmap, with the help of the community, without spying on how users set their preferences and use the app.
As a matter of fact, it can be argued that acting that way can be negative value as it's reinforcing popular usage; or from the power-users perspective, dumbing down the software. By definition, advanced features will have low usage. It doesn't mean it should be removed.
Lastly, think about non-software businesses. Many amazing products have simply no way to gather data when the products are in the users homes. They rely on gathering data by talking to customers at the points of purchase, customer care, are in various forums with enthusiast users. This model has shown great results, so it is in no way clearly to be avoided in favor of telemetry-everything.
The sort of telemetry mentioned in the article is used for UX purposes, and God knows FLOSS sucks at UX.
And by the way, Debian collects and reports telemetry since the early 2000s, and Firefox is quite open on how much telemetry it collects.
Why is that so hard to understand?
Why don't developers ever push back against this sort of thing? Collectively we build this stuff, we are not 'soldiers following orders' which makes us responsible for what we create.
The current actual use is not relevant. Consent and the possible uses are relevant.
Every webserver logs the IP address and the URL visited. Do you think most people know this? Do deverlopers push against this?
I don't think the average person knows this. A lot of people even have no clue about internet. So there is no consent most of the time. And we, the developers, just let the logs running.
"with kindle, you’re using your own device and there’s no expectation that amazon will be snooping"
Well I would absolutely have this expectation. I expect a device that is connected to the internet snooping on me. Then there is the Amazon brand. I absolutely don't trust them so I expect them to snoop in me.
But to be clear: I absolutely hate that my privacy is gone. I use all kinds of blockers to disable tracking and I also agree with jacquesm snooping is wrong. But I still think his point is too black and white and therefore unfair.
I maintain a webserver - https://git.sr.ht/~ancarda/tls-redirector - that has no support for logging. If you wanted logs for some reason, you'd need to modify the source code to add that functionality.
Granted, tls-redirector isn't a general purpose webserver, but even in production I tend to turn off logging. I just don't see the need to have logs lying around that I never use.
Yes, most people know this by now.
Yes, some developers push against this.
Also: It's the law. Collecting data without consent is not always legal. Whether that particular bit of data rises to the level of requiring consent is left as an exercise for the reader for their particular jurisdiction and industry.
I was under the impression there was a revenue-allocation problem that Amazon needed to solve (Kindle Unlimited subscriptions?), that depended on reliable reading statistics. E.g. How many people read book A?
Wish I could find the article, but the implication was there were a ton of publishers attempting to game the system. For example, by publishing blank, very long "books" and having them "read" by software automation.
First, if an entity want my input and are going to use it, they should be decent enough to pay me for giving it. Why do users need to work for free for Amazon?
Second, is it opt-in? If not, then there's an ethical issue here, even if a manual opt-out option is given (does it?). If there's no opt-out, there's a double ethical issue.
Thirdly, is this data deleted once it's being used for the goals you mentioned, or is it kept, making it a risk both for leaking and for Amazing deciding to put it for a different usage in the future.
It's deception. Please put on the box a big warning, "THIS DEVICE COLLECTS YOUR DATA", similar to those on cigarette boxes.
A year or two ago Amazon was swearing that humans don't listen to Alexa conversations until we learned they actually do. IIRC Amazon tried to backpedal: "of course they do, it is their job, we meant humans don't listen _for fun_".
At this point just assume the internet connectivity as such a warning.
You can strip the big here.
Kinda like refusing to believe that climate change is real does not change the reality.
Also, plenty of people just leave the kindle in airplane mode and use third party software like Calibre to manage their libraries.
Creative Commons was on the right track with their human-readable licenses, see e.g. this example . Apple is on the right track with their App Store "nutrition labels" . This is what we need for people to make informed decisions. For physical objects like a Kindle, I believe such "nutrition labels" should ideally be put on the box (physical store) and website (online stores), so the consumer is aware before they go home and turn on the device (this makes it easier to compare the Kindle to a Boox or Nook at the store).
If the industry moved to a standardized disclosure form (e.g. something like the HUD-1  in real estate sales), people would stop complaining about this.
2. Nobody reads them because most of the time they are explicitly user hostile, I'm pretty sure they are designed to prevent users from reading them.
Understanding how the book reader features are used in practice is good. Selling the same data to a advertiser is bad. Profiling people into predefined groups is bad, and the technology has risk of having false positives/negatives that reinforce stereotypes. The law has yet to catch up to treat information gathered by libraries and information gathered by a developer of e-readers as being very similar in risks.
An instructive case here is Target figuring out that they could use customer purchase history to detect, with a pretty decent degree of confidence, when a customer was pregnant. They then proceeded to use this model to send out mailings, and those mailings resulted in people being outed in rather compromising and potentially seriously harmful ways.
Philosophy should always be store the minimum amount of data to provide the function that the user wants.
IP address is transitory and shouldn't be kept longer than needed for the tcp session, maybe it sticks in firewall logs, but that shouldn't be used for anything other than security.
goodread account details would only apply if you connect to goodread, I'm not sure what the benefit of that is, but I could see that 'user abc123 read this book' is useful data - again ask if you can send the data.
I mean, we already knew this, but it means any and all Amazon hardware must be considered potentially hostile.
Usefulness is NOT the same as usage.
Metrics can tell that story though so you’re arguing a straw man.
Example: If you see that 99% of users have never used a function ever - you have a pretty good idea that it needs to be reworked or removed. You may also see a function that is used by 80% of users once a month, that you may opt to keep.
Devs think it is either telemetry or develop blind but in reality software was developed (and possibly was better) before telemetry using focus groups.
Back when they had a cell phone in them. I was standing behind a guy who was supporting it. "Uh lets bring up where you are at? It says you are 10 miles off the coast of miami?...." "oh yeah I am calling from my yacht" "do you see any cell towers?" "no" "It kinda needs those to work. I am surprised I got the location data."
The Kindling never leaves Amazon properties; it is not yours even though you paid almost the full price of a book.
If there is rule of law in the US and EU, these will eventually become free e-books, that is, separated from Amazon; they will regain the status and properties of the book.
Same with any data you store on an iOS device. You never let a device you don't control have the only copy of any data important to you.
With all that said, I do dream of a PINE64 E Ink device (or something that's open and hackable).
Still, I think it has the best value proposition for an e-ink tablet at the moment, but I'd love to be proven wrong.
Who knows how long it will take to get good enough yields for affordable consumer products.
How much time and frustration do I potentially waste on something that no one ends up using?
Things like this are very useful and it's strange to me that people aren't sympathetic to that perspective.
It's the difference between someone inviting you to come into their home for a visit, and you breaking in whenever you feel like to take notes on what they're doing.
Telemetry can tell you what users are doing. It doesn't tell you why.
I'd rather people be able to opt-in, but conceptually I'm not really upset that people can see my usage patterns, etc.
Telemetry won't tell you nobody wants a feature you haven't implemented yet. User research might.
Attempting to get the subnet IP address? That seems pretty invasive.
From the article:
> Attempt to get the IP address on the local network (a 10. address, which was incorrect for me)
Fine. So you allow them to collect it. However, don't decide for others if it's "invasive" or "perfectly appropriate" for them or not. Do it opt-in such that people who wants to share their data could do that.
Oh yeah, and offer them payment for that. They deserve it.