Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
The Internet

Amazon Posts User Purchasing Data 187

Mark Denovich writes "Amazon worries those with privacy concerns with its new "feature" thatlets anyone view books, movies, and CDs ordered by amazon.com customers at corporations, nonprofit groups, and government agencies. " Its a neat idea, except that they don't let people opt out. This ought to get crazy.
This discussion has been archived. No new comments can be posted.

Amazon Posts User Purchasing Data

Comments Filter:
  • Yeah you could skew the #'s easily. I notice that National Semi's 10th book is:

    10. 101 Nights of Grrreat Sex : Secret Sealed
    Seductions for Fun Loving Couples
    by Laura Corn

    It's a good thing the Christian Right won't use any of these data on the companies in that list. Whew I was beginning to think there was a privacy problem :)

  • You see, I just had a several-hundred dollar book order on hold with Amazon, waiting on the last book to come into print in a week or two.
    Amazon just got sent a cancellation notice for the order, and it told them that "Product Circles" was the reason why. To add insult to injury, I included the identical order from www.BM.com.
    I'm actually curious to see their reaction. . .
  • Have anyone found an entry of the NSA?
    I wonder which books they buy?
    Probably "Securtiy for Dummies" or something :-)
  • I hate to say it, but from a consumer's point of view, this is an awfully cool feature. I spent some time playing around with it, and I can see a definite value here.

    I'm sure they are in fact aggregating data by domain name - but that's nothing new, anyone looking seriously should know that they're aggregating data on an individual level. That's where all those nice handy "Recommendations" come from. The problem is, well, can I be frank? They're pretty darn useful. That's why they're there. That's why these new features are there.

    As long as there's no way of disaggregating it to an individual level, I think this feature is harmless fun. I think that if they put a more aggressive minimum on the number of people aggregated (say 1,000), it would be entirely unobjectionable. I'm sure there are still plenty of groups that big.

    I have to say that I'd hate to see this feature go, even though I have a single-person domain name. I don't think we single-person domain holders have anything to worry about, though - a "bestseller" on our list is the sale of a single copy of a single book, and that's not going to get these folks excited.


  • I hate to say it, but from a consumer's point of view, this is an awfully cool feature. I spent some time playing around with it, and I can see a definite value here.

    Really? What? I find bestseller lists almost entirely worthless. I'm sure someone is reading all those lousy Grisham novels, but I definately won't. Now we can find out what they're reading in Aberdeen South Dakota. The only people who care about what they're reading in Aberdeen South Dakota are people from Aberdeen South Dakota. As someone else suggested, only if you are part of the community, then you get to see the relevant purchase circles.
    That's where all those nice handy "Recommendations" come from. The problem is, well, can I be frank? They're pretty darn useful. That's why they're there. That's why these new features are there.

    I like the recommendation feature, too. The debate is not about whether a company gathers data about their customers (all do). The question is about the company's distribution policies. When I get a recommendation, the page doesn't say ``%50 of Intel employees liked this book''. What it does say is ``Customers who bought these items also bought...'' Can you see the difference? Do you think it's relevant? The employees of Intel might. If you don't think this will change company policies or purchasing practices, you're wrong.
    As long as there's no way of disaggregating it to an individual level, I think this feature is harmless fun.

    Fun? Only in some voyeuristic way, I think. Why is it okay to spy on many but not okay to spy on one person? Where does the cut off come? What's to stop Amazon from deciding one day that 50 is an okay cut off, or 25. Why can't the purchase circles decide if they want to be observed or not? Don't answer ``logistics'' because that misses the bigger issue of whether a puchasing circle has any rights. This matter is much more complex than the harmless fun you and Amazon are trying to paint it as.

    Fortunately, of course, individuals can opt out. I'm moving my purchases to B&N and fatbrain.com. I know another person in my company will be dropping Amazon, too. Judging by this thread, a majority of /. readers will be, too.

  • I feel sorry for the poor bastard at feedback@amazon.com [mailto]. The inbox for this account has gotta be overflowing with complaints.

    This is a stupid idea. People don't like to be 'watched' and vehemently protest it.

    What if you buy something "objectionable" to someone else?
    Would you want your spouse/boss/coworkers to know what you're reading?

    Now, picture this, a book is shown as purchased at your domain. Your 'management' is upset by this revelation. They crawl all over the IS department to FIND the bastard that bought this book. If they can't find the person then what? They'll most likely implement some draconian filter/blocking mechanism.

    Of course, if they DO find the person, what else are they going to find in the reams of log files they had to read?

    It never ceases to amaze me how fucking stupid marketing people are.

  • Are you all beyond believing that big and mighty Amazon.com cannot possibly have security holes? Your credit card number will be a)in transit b) in a database on a server for a thousand years. Oh, and choose a damn good password. Brute forcing passwords from Amazon using form submits is easy.

  • by Anonymous Coward
    It looks like this is now an opportunity for telemarketers to pick up on selling books now.

    Customer: "Where did you get my number?"
    Telemarketer: "We got your name from a company that says that you like to read Linux books. Are you interested in Learning Linux in 10 days?"

    I seriously see this happening. I currently work as a telemarketer (although this is my last week in the job - I got a good job in the Silicon Valley that I start in September).

    There was a post earlier on that mentioned that if you put your name in the phone book that you're opening yourself up. Not entirely true. Out of the lists that our company buys, we have a lot of unlisted phone numbers, and the people we're calling are quite pissed off when they find out that the credit reporting agencies in the U.S. got their number anyway.

    You know, I may only be 23, but I have a fondness for the days when you went to businesses, not when they called you 10 times a day to sell you credit cards, mortgages, long distance and satelite packages (which I admit to being guilty to, but hey, I have bills to pay too).

    I personally will not be buying books from Amazon now. I find it funny that people don't seem to care that Big Brother is coming and they don't care about stopping companies who actively do this kind of thing.

    Perhaps if we present them with their complete life (including all of the porn and everything they've bought, and everything wrong they've done), they'll be convinced.

  • Just out of curiosity, what exactly is the difference between putting tracking information in a cookie, and embedding it in the URL?
  • #9 for the army - Mastering Microsoft Outlook 98
    #2 for the navy - PC's for dummies
    #3 for air force - Microsoft Windows Nt Workstation Resource Kit
    #1 for the marines - CCNA: Cisco Certified Network Associate Study Guide

    Note that the Outlook book was in all four lists...
  • And the final book that I just bought from Amazon last week was...

    1984 by George Orwell. In a few months when they look over my purchase history, trying to figure out why I suddenly stopped shopping there, 1984 is the last thing they'll see.

    Have a Sloppy day!
  • I'm 16 and have bought stuff through Amazon (I have a credit card in my own name). I thought collecting data on minors was made illegal by the Fed not so long ago. And since Amazon never asks how old you are, some of their harvested profiling data must include purchases by minors. This makes amazon's entire database illegal. Sue 'em! Once this issue goes public, their old DB will have to be trashed for legal reasons and they won't be able to start another one since the now-aware public will demand a privacy statement or opt-out feature from Amazon.
  • Thanks for the book recommendation... B)

    (Click Click... sorted)

  • Lets be realistic here. They have the right to do whatever they wish with the information they gather. HOWEVER, distributing it publicly on a scale like this could have extreme adverse effects that I could see ending in massive lawsuits if Amazon didn't remove them. This is especially serious when a small company like mine may take a U-turn at some point and buy a bunch of books in a new direction. This would blatently disclose private company plannings. I won't buy from amazon until this feature is removed no matter how cool it sounds. I hope that everyone else feels the same way.
  • It doesn't make them accountable in any way,
    really. They can change the policy any time
    they want - TrustE does not require them to
    keep it steady. So, all they have to do is
    periodically change the policy completely
    (remember, notification consists of posting the
    new policy), do bad things, then change the policy

    TrustE exists to try to prevent other watchdog
    groups from gaining acceptance. Don't buy into
  • Who gave them permission to share my contact info
    with their marketing department? Privacy means you
    use personal info about me only with my permission.
    Use, not just sharing, is part of the picture.

    TrustE does not require people to agree not to
    sell names. For instance, Amazon says they may
    at any time start selling names, so you still have
    to ask them not to. Something like TrustE is not
    as good, IMHO, as the Powell's privacy policy
    (http://www.powells.com/info/privacy.html). Note
    that they don't say anything I can see about
    TrustE, but they are offering you more privacy
    than most companies who do.

    TrustE is like an ISO9001 certified organization
    which has documented that it sucks. It doesn't
    help that they have proof that they suck; they
    still suck.

    Hold out for reasonable policies, and let the proof
    be in the pudding.

    (Disclaimer: I am a happy Powell's customer.
    I don't work for 'em, I don't get paid by 'em,
    but it is important to me that they stay in
    business, because they are an excellent source
    for books.)
  • Wow that is intense, Ill have to remember to not order from there as a company then.

  • Make an even better statement and send your business to www.bookpool.com (only after asking them for an email stating that they would not do something similar).

  • Of course, you're assuming that the majority of customers will figure out what's going on.

  • Suppose you have a company that is having a bad quarter and the employees have pushed "What Color is Your Parachute?" to #1 for that domain. It would cause serious damage to stock value.

    Also, these types of marketing schemes may cause a situation where companies will not allow the ordering (and shipping) of books to the office which was invaluable to me when I was in an office due to the fact that I was never at home when they would be likely to arrive.

    Finally, I shudder to think what kind of info Amazon may sell if this is something they would make public. I think the failure of their Catch-22 theory of profitability is making them desperate to explore new avenues of revenue stream.

  • It's even WORSE than that, though. They agglomerate by your ISP as well, for instance "Mindspring", "AOL", etc, and by geography. When I went to that page they had several specialized links "just for me" -- my local Boston ISP (a *small* one), and a "Boston, MA" link (presumably from my shipping address).

    Although they claim these statistics are coming from group research, what if you have your own domain, with only one user at it! In that case, they clustering they are doing is equivalent to person profiling.
  • I have seen all the arguments about how we are loosing our privacy, and our lives are becoming more and more public as a result of technology. Personally, I haven't seen any big changes in my life.

    I'll tell you what I have noticed. I just got back from a 4 day trip out of town, got home, and found 84 messages in my email Inbox. 3 from cron, 4 from people I know. Well over 70 of the messages were spam.

    Any time anyone wants personal information about you, beware. It's not that they will see your every move. It's not that they will know what you eat and change your health insurance rates. It's not that they are going to tell your mom where you were last Friday night. What they will do is _eventually_ sell the information.

    Information is a commodity, and if they tell you they want it to provide you better service, tell them your happy with the service you get now. "Better Service" is a nice way to say "Targeted Direct Marketing." And for the slow witted, "Targeted Direct Marketing" is sales calls when your eating dinner, 70+ spam mails to sort through when your trying to see what your boss said happened at work when your out of town, and a dozens of dead trees sliced up to make coupons to fill your mail box.

    I will choose not to buy from ANYONE who collects such data if I am aware of it. Not because I think they will end up "peeping" or "reporting on me to an athority." I don't think I have anything to hide, but the more junk mail I get, the more I change my opinion on the whole issue. The protest here is in the wrong form, realize, privacy is a part of it... But freedom from "Better Service" is a part too.

    They know what they sell and what they don't. They know what ads work and which don't. If they didn't have good service, thier SALES would reflect it, and they sure know how to read those numbers. DO NOT FALL INTO THE TRAP. No matter how well intended, how safe guarded, how secure they say the data will be, someday, some how, someone from marketing will get thier grubby little hands on the data and exploit it for all it's worth.

  • by drwiii ( 434 ) on Wednesday August 25, 1999 @07:35AM (#1725992)
    Does it really surprise anyone that the most popular books bought by people at Microsoft are about Bill Gates, invisible computers, and Netscape?

    Uniquely Bestselling Books: Microsoft Corporation [amazon.com]


  • I've bought a shelf full of animals + 4 oracle books from FatBrain (Computer Literacy) - some of which I actually finished (still working on that copy of Sendmail ...).

    But who's to say that FatBrain will be any different from Amazon? Once the transaction is recorded, its there forever. The cost of storage has changed everything - the word 'expunge' should soon be leaving the venacular ...

    Your transaction history is going to follow you.
    Look at the other article about 2.3 Terabytes of storage for $50 in 2 years. IDE storage is now approaching $10/Gigabyte. Lets just assume that a tranaction required 100K.That's 10 transactions per megabyte. 1,000 Transactions per Gigabyte.
    Cost of storage is not a factor. A penny for your thoughts? How about it only costs a penny to store your purchase.

    So even if your book vendor doesn't post the aggregate data on the net, who's to say that they won't resell said data to a third party? If you want anonymity, there's only one word in the USA: Cash. No extended warranty purchased along with the item, no warranty form filled out, no delivery address. Cash and carry.

    Trade convenience for your identity. Its easy. Its fun.
    What time did you get on the train today?
    What time did you go through the EZ-Pass booth today. Where were you headed when you went through the Toll Booth at the State line on August 25th, 1999?
    Great Britain has radar detectors equippped with cameras mounted on overpasses. You speed, you get a photo taken of your license plate. You get a ticket in the mail. Add a transponder to the license plate (Don't you think that having GPS in your car will be cool? No.) and you could be tracked everywhere.
    What videos did you rent Today? What books, what TV shows did you watch? Which ones did you download for later? What CD's did you buy?
    How many pounds of unhealthy red meat did you buy this year at the Supermarket with your discount card? You Insurance company would love to know. "Your request for open heart surgery has been declined - too many bags of charcoal."

    The credit card companies are doing the same thing. They know what you buy. "Double your warranty if you buy with our card". That also means "Identify all of your purchases with our card. We're just going to provide the info to our partners ..."

    Transactions will never be deleted. Archived, yes. Resold to another party where they won't be 'archived'? Yes. Mined.
    Expunged? What does that word mean again? I remember hearing that word mentioned 15 years ago when a friend of mine turned 18 ...

    I don't mind letting the world know that I purchase Linux texts. I don't mind letting the world know that I buy computer hardware. If I have nothing to hide, why worry? But what if you take a trip to Europe. Can you imagine having to clear U.S Customs:
    "What? I see here on your passport that you traveled through the Netherlands? Step into this booth and provide a urine sample".
    'But I don't understand, Sir. I have committed no crime here in the U.S.A.'
    "Yes, but we have reason to believe that you may have visited a Hash Bar while in Amsterdam".
    "It says here that you use Linux and that you bought 3 Pink Floyd, 2 Metalica and 1 Phish CD this year. You have been profiled".
    "Drugs are illegal here in the U.S. If you are carrying drugs in your bloodstream, in your body at all, you are in violation of U.S Law".

    What if your next employer designs systems for the Government, or one of its Military contractors?
    I have been asked by FBI agents concerning the behavior of two friends, one from high school and one from college, concerning their worthiness of a U.S. Military Clearance. That's where it starts. Next, its the Teachers. Then its the Transportation workers. That employer won't be your next employer.
    Where would it stop?

    The information is being amassed. No one can stop that. Developers are no longer limited by 255 entries in an "IN" clause. Create a temporary table on the fly. Throw it in a view. Everything "scales".
    I hope that XML fails.
    The last thing we want to accellerate is the interoperability of the various Fedreal, State and Local agencies. Combine that with the Insurance Industry. Feed that info to the Laywers. They will take that info and collectively shit out the little marble of dark matter ... which will be powerful enough to fuel litigation into perpetuity. (yes, I watched Futurama this week).

    I don't know who said it, but I've seen the sig "The Revolution will not be televised". I now know what that means. Don't rely on your government to protect you. Educate fellow Citizens to help protect each other from The Government, from the FUD.

    Don't look for thorough coverage of this type of issue in the Media, as it will not be there. Who buys the Advertising?
    The New Media sites are buying up the 'Old Media' advertising vehicles as fast as you can say 'IPO'.

    Don't just be a consumer. Use cryptography now, because someday you will need it for real - like tomorrow.

    my apologies for the length of the rant, I hope you found something wothwhile in it ...
  • I find it very telling that Amazon is NOT a Trust-E member. I went looking for the gif and there wasn't one, then I checked http://www.truste.com, and sure enough, they are not a member.
  • 2. Instruct employees to use a generic e-mail address like @yahoo.com or @hotmail.com

    Uh, its not your email address they're using.
    Its the IP Address of the NAT, Masquerade or Firewall that they're tracking. Did you notice that little yellow lock in the corner of your browser when you gave them your credit card #?
    that was a secure connection (hopefully with the massive 128 bit key that the US Government still allows us to use). Have you ever heard of TCP/IP?
    Its not your email address they use to set up SSL.
    Think about it - if they didn't know where the packets were coming from, they couldn't return the data that you requested to your browser.

    I completely agree with the Cash. Funny thing though, on last week's Law and Order, they nailed the guy with info obtained from a bookstore where the guy placed an order, but didn't even buy the books! Timed-stamped video cross-linked to the purchase stored in an Oracle8i database (enabling the information age) will soon strip your identity our of the cash purchases. Throw in an audio recording along with it, while you're at it. "How are you today" will mean - "Please identify your voiceprint for our records".

    Can you legally walk into a place of business with a ski mask on and not be thought of as a robber?

    "He was concealing his identity! Thief! How dare he steal our marketing data."
  • What about people -- such as myself -- who have their own domain name? If I'm reading this correctly, it means that they would essentially be profiling me individually.
  • Why wouldn't a company block a domain?
    If they mange their own firewall, its just one entry in their config script, or one item in a list in their commerical-GUI Firewall/Proxy Server. What information does a company want to provide to its shareholders? The quarterly reports, where any meaningful info would require a beowulf cluster searching through the universe of legalese and verbage. Companies spend as much as hundreds of millions of dollars a year building a brand, and they're going to let that image be tarnished by what their employees purchased using the employers' computing system?
  • This is scary, but I can see having a lot of fun manipulating the results. For instance get together with my fellow engineers and purchase a book such as Araki: Tokyo Lucky Hole [amazon.com]. Suddenly it looks like the number one purchased book at my company are nude photos of oriental sex workers.

    The drawback is the lengthly conversation with Human Resources that would result.
  • I have just become aware of a new "feature" at your website. (http://www.wired.com/news/news/business/story/214 17.html).

    I have been a customer of yours for years. I bought my first book from Amazon back when few had ever heard of you and "e-Commerce" was a unknown phrase throughout most of corporate America. Since then, I have spent hundreds of dollars a year at your site. I have considered myself a very loyal customer. I have refused to even visit the Barnes and Nobles site out of princible. When Slate ran an unfair attack on your site "Amazon.com", I lept into "The Fray" and loudly defended you on their message boards. I've recommended you to friends and relatives.

    But until this new "feature" is removed, I will not purchase a book from you.

    It doesn't matter what your "privacy policy" is, or what anyone else's rules are. That is irrelevant. The only thing that is relevant is that I, as a customer, can choose who I do business with. I, as a customer, choose to do business with companies that I feel treat my fairly. I do not feel this sort of thing treats me fairly. For example, if I were to get my own domain name as I have been planning to do, your site would then provide anyone with a list of my purchases. Not particularly in my best interest, I think.

    So, I hope your policy on this changes, because I do want to be your customer in the future. If it doesn't, I won't be.
  • Well, after advocating online purchasing to friends and family, I hate to see an abuse of privacy like this! Where I work (a University), there is a huge concern over the "Freedom of Information and Protection of Privacy Program" (FOIP), to the point where we can no longer view access logs of the web pages we have on the system. For some of the stuff I have to do here, FOIP can be an irritation, but when put in perspective, I can see why the program is place.

    I should mention, I don't buy from Amazon ... but I do buy from Chapters.ca, a Canadian online bookseller. Methinks I will be checking to see if they have any privacy policies in place ...

  • Yes. Also found it amusing a book by Gates was #1 and a book trashing Gates (The Microsoft File) was #9. I bet Gates isn't happy about that second one at all :).

    The book "Competing at the Speed of the Internet" probably means they're getting ready to do battle with open source -- or switch sides. :)

    What would be really funny is to see "Linux for Dummies" there.


  • metaspy.com [metaspy.com] to find out what searches other people are running on metacrawler.com [metacrawler.com]. There are both censored and uncensored version of metaspy. ;-)
  • hhmmm.... Amazon... sell... FatBrain.com's ticker symbol is... buy buy buy

  • The number 2 book for the US Navy is:
    "PC's for dummies"
    The number 3 book for the US Marines is:
    "The path of Daggers" (Robert Jordan)
    The number 4 book for the US Federal Judiciary System is:
    "Memiors of a Geisha" (#2 in House of Reps)
    The number 10 book for the US Senate is
    "Sugar Busters! Cut Sugar to Trim Fat"

    ...and you thought your tax dollars were wasted on Social Security... ;)
  • by JoeBuck ( 7947 ) on Wednesday August 25, 1999 @09:24AM (#1726009) Homepage

    The following is a letter I just sent to the nice folks at Amazon.

    Hey people:

    (I was considering the salutation "Ladies and Gentlemen", but ladies and gentlemen don't behave as you have.)

    Don't you guys know that even as I type this, paranoid companies all over Silicon Valley (and believe me, we are all paranoid) are installing blocks to prevent their employees from connecting to Amazon?

    As for your "top 7 questions" you list on your "Purchase Circles" web page [amazon.com], are you really claiming that these are questions that real people are asking you? I'm sure that the real "top 7 questions" you are getting are:

    • How dare you?
    • What were you thinking?
    • Do you want to wreck your business?
    • Where do I send the cease and desist order to?
    • What kind of pea brains work for your marketing department?
    • Why do you think you have the right to violate our privacy in this way?
    • How do we get the page for our organization removed?

    My wife and I have frequently bought books from Amazon. We will not buy another book until two things happen:

    • "Purchase circles" are gone.
    • You institute a decent privacy policy (e.g. join TrustE or something similar).

    I have also recommended that out network support staff cut off our company from Amazon. People can buy books from home if they really want to.

  • Well, I found

    Varieties of Man/Boy Love [amazon.com]


    Witchhunt Foiled: The FBI Vs. Nambla [amazon.com]

    "Witchhunt Foiled" sure sounds like propaganda, or at least extreme bias.
  • Broken down into meaningful catagories where it can be exploited and used to gain un-intentional information. I wouldn't care if they were to do it solely based on geography, but since they're doing it on organization, they are telling people such 'n such organization is working on such 'n such... Not something I'd want my company involved in.
  • You have forgetten the most fun one: Telemarket to the telemarketers :)
  • I can understand that businesses might be wary of letting their competitors know what they are buying, but I don't see why ordinary consumers *should* care.

    If Amazon wants to take details of what books I buy, and share them with other book buyers to help them find books they want, I don't have a problem with that. In turn, I would hope that the other buyers will be happy to share their data to help me out.

    It's not as if disclosing what type of books you like is any big breach of privacy. Many people put up web pages containing such things, or their lists of bookmarks, or whatever else.
  • I feel like many other posters here: This is a violation of privacy. Look at the Top 20 for DaimplerChrysler: [amazon.com]

    A book about designing organizations,

    an english dictionary,

    a book about how Germans behave and how to get along with them.

    Considering that DaimlerChrysler has merged from a U.S. and a German Company, still having problems concerning the integration of the two management structures, this is exactly what you would expect to see in the book purchase Top 20 for DaimlerChrysler.

    This makes it even more discomforting that at 3rd place it's How to Get Started in Electronic Day Trading : Everything You Need to Know to Play Wall Street's Hottest Game. Doesn't make you feel good about the quality of DC's new cars...
  • The privacy violations are obviously of some concern, but the only significant difference from countless other such marketing ploys that I can see is that Amazon is publishing this data publically. And ironically, it's data on the very same companies that would seek to follow the same practice! Every company wishes to build up these kind of buyer profiles so that they can be even nosier and bother us more often (targetted bothering only, of course ;-).

    Heck, at least Amazon are coming (partially) clean about what data they hold and how they use it. And they're doing it with the big names that do it to us in secret. Excuse me while I weep crocodile tears.

    This is not to say I want to go down the slippery path towards full disclosure of individual purchases, or even that Amazon's "cool feature" is a good thing long term. But the action itself is quite radical in this form.

  • The data given on this 'service' just looks totally bogus to me. I mean, if we look at my geographical region, Ireland, then #1 book is
    The Committee : Political Assassination in Northern Ireland
    which is what I thought it would be, but #2 is a book about Larry Ellison!! And this is throughout the whole of Ireland? I think not. I could stop about a hundred people on the street before I found someone who even knew who he was. They must be using a ridiculously small sample to calculate these.
  • Probably a good thing. I could see this doing real harm to small companies developing a technology in secret.
  • I just found it on their web site (and feel a little better now!):
    Does Chapters.ca disclose personal customer information to third parties?

    We don't currently sell or rent users' non-aggregated specific personal information to third-party companies, but we may decide to do so in the future. If this were to happen, Chapters.ca would announce such a plan by e-mail and ask you to "opt in". By default, we'd assume that you don't want in - if you wanted to share your personal information, you would have to respond to the e-mail. If we didn't hear from you, your information would not be distributed.

    Chapters.ca reserves the right to cooperate with local, provincial and national officials in any investigation requiring either personal information -- including any personal information provided online through www.chapters.ca -- or reports about lawful or unlawful user activities on this site.

    Chapters.ca also reserves the right to change this Privacy Policy at any time. We also reserve the right at any time to disclose any information in an individual's account:

    i. to satisfy any law, regulation or government request;

    ii. if such disclosure is necessary or appropriate to site operation; or

    iii. to protect the rights or property of Chapters.ca and its users, sponsors, providers, licensors or merchants.

  • I hope Amazon doesn't buckle under from the privacy / black helicopers crowd.
  • Well, I hate to say it, but I purchased several books from amazon just this morning. I like thier search engine and the reviews included. However, this is going to make me reconsider using ANY online ordering. From now on I'll find the books on amazon, then go to my local bookstore and buy them. Also, to complain to amazon, email info@amazon.com (maybe a little slashdot will help them rethink things)

  • It's not like this is anything new. It might be new in the sense that it is open to the public, but don't think they had to do some huge database rewrite to put out the information.

    It's easier to sell someone something if you know that they already want it. The more you understand your customer, the more you can appeal to him/her. One of the advantages of advertising on a specialty cable channel is you already know the kinds of people who watch it. If you want to sell sports memorabelia, go to your local cable company and get on ESPN, rather thatn going to your local bradcast station.

    So how narrow can you define your market? Realize the ideal situation of being able to keep track of everything everyone buys is becoming more real every day. When you go to the grocery store, they might tell you that if you have a card, you get special discounts. What is the purpose of this card? To define "special customers"? No. Credit card machines and check verification devices have been integrated into databases to keep track of customer purchases, but what about cash? These cards are there to be able to monitor everyone's purchases.

    Now, instead of sending you a general flyer, they can send you one more likely to bring you in, according to whatever category you fit in (He buys food like a bachelor, let's send him some Hamburger Helper coupons, or ramen 10/$1).

    Why does this bother me? It seems to give the seller too much control over the average buyer. Most people don't really want to have to search to find some things, especially books or music which is what Amazon.com started out in. By keeping track of the fact I bought a book on knitting last week, the next time I come to amazon I get to see 5 more books on knitting. I like knitting (ok, not really) so maybe I buy another. I like a lot of things, which I might have decided to choose a book about, but I'm lazy. Or worse, maybe crocheting isn't something I've really been interested, but it's a bit of a fad right now. I never would have been exposed to crocheting, but amazon knows I like knitting, and think knitting=crocheting, so bombard me with crocheting until I finally buy a book in crocheting, perpetuating a lame (IM imaginary HO) fad.

    Which brings me to why I think this move is obvious. Amazon.com has profiles on millions of purchasers and their buying habits, worth who knows how much money. I believe they are:

    A. (and I hope) just flaunting their resources to show what a powerful company they are.


    B. (and I hope not) flaunting the database that they plan to sell to whoever wants to give them tons of money.

    As a footnote, I would like to discourage anyone from using those "digital wallet" things. If you use one of those, the company you use would know every purchase you made, and has much less obligation to your privacy than say a credit card company. Just don't use them. Really.

  • Their 1-click ordering feature is similarly problematic; it gets turned on by default every time you buy something. I'm not sure where it stores all your credit card and address info (cookies or on the remote server?), but it does and makes it *real* easy to use them.
  • Can I moderate somebody up simply for having a very funny mailsig? :-)
  • A rough roundup -- incorrect, incomplete, mostly tech/nonfiction, blah blah. For some interesting countries.

    Israel: Israel and the Bomb, Susanne Vega, Design Patterns, Effective C++, The C++ Programming Language, More effective C++.

    Lebanon: Day trading stuff, Satanic verses (Ok that's fiction), How-to-become-a-millionaire stuff.

    Ukraine: GMAT (that's not GNAT, mind you).

    China: EVERYTHING is about China.

    Qatar: Oracle, Oracle, Oracle.

    Papua New Guinea: The Camel book is among the 7 that listed (it's 20 for most countries).

    Barbados: Java stuff (also 7 books listed. Coincidence?)

    Also, Microsoft stuff (of course) and Motley Fool are everywhere. Hmm, interesting...

  • Also noticed that UML books are popular in Europe.
  • The section on Purchase Circles that shows up under the account maintenance area does NOT allow anyone to "opt out" of having their data included in the purchase circles. It only determines which circles show up by default on the user's screen when they log in.

    Just because you don't look at a circle, doesn't mean you're not being lumped into it.

  • Subject: Dump this or I am dumping you.
    To: purchase-circles@amazon.com
    From: Randy Rathbun
    Date: Wed, 25 Aug 1999 21:27:55 -0500

    I currently have a $120+ order pending with your company. If this "purchase circle" is not done away with immediately, I will be canceling this order, I will also be removing any and all links from my website to the amazon affiliates program, and I will never visit any of your web sites or do
    business with you again. Period. This includes links to IMDB.

    I will be checking your website the afternoon of August 26. If this thing is still in effect, my business will be taken elsewhere.


    Randy Rathbun rathbun@spamcop.net

    Maybe it is just me, but I think Amazon is gonna get hurt in this deal.

    Mister programmer
    I got my hammer
    Gonna smash my smash my radio
  • Even if amazon didn't do this, the information would be accible by certain (if not all) amazon employees, who could conduct the corperate espionage by themselves. Having the information is "easy to get" isn't really any worse than the situation of it being "not really so hard to get."

    All I have to do is find someone who has access to the information and make it worth their while to give it to me. Given a few thousand dollars of effort/money , it would be pretty straightfoward.

    To anyone who has worked themselves up into a hissy fit about it, get over or it. Or else start demanding protocols (purcasing and otherwise) that make privacy inherent in everything you do.

    Privacy can't be acheived by assuming everyone is going to be nice. You have to protect yourself.

  • Using a URL instead of a cookie makes the paranoid
    feel warm and fuzzy. It also makes it harder for
    websites to personalize your experience.

    "Up with cookies!"


    Why are there so many Unix-using Star Trek fans?
    When was the last time Picard said, "Computer, bring
  • Yeppers. That above letter just about sums it up. In the past 18 months, I have order over $11,000 worth of books, videos, tapes, and books for students, classes, and reading circles. A worthy investment I thought, as I was doing it to donate to a worthy non-profit organization.


    As of today, I have cancelled all 4 of my pending orders, and have told Amazon, that I will never order a book through them again. As well as hurting Amazon, I am also hurting the non-profit mentioned above. And I don't wish to do it, but I don't really have a choice. I feel very uncomfortable with the idea of all the purchases I made making me some singled-out target.

    Combine the above with the fact that I own a domain, and I'm the only user on it, (And it's listed!) Even if there was an opt-out feature. I don't care. The whole thing just smacks of corporate whorage.

    Amazon, fuck 'em.
  • > Do they get a discount if they buy from
    > themselves?

    Nope. My friend there gets free delivery (for books and music only), but no discount.
  • Well, I think the Purchase Circles are interesting.

    But making them all available to the public is NOT.

    You should only be able to access a Purchase Circle if you are a member of that Purchase Circle. That way they can't be used for industrial espionage and by marketeers.....

  • "
    Will Amazon.com disclose the information it collects to outside parties?
    Amazon.com does not sell, trade, or rent your personal information to others. We may choose to do so in the future with trustworthy
    third parties, but you can tell us not to by sending a blank e-mail message to never@amazon.com. (If you use more than one e-mail
    address to shop with us, send this message from each e-mail account you use.) Also, Amazon.com may provide aggregate statistics
    about our customers, sales, traffic patterns, and related site information to reputable third-party vendors, but these statistics will include
    no personally identifying information. "
    But, we will list what your company likes because we think its cool.
    I say don't buy from them, and send them an email why. I remember specificly that these are the same people who spammed my mailbox a couple years ago after buying a book. They repeatedly ignored my requests to remove me from their list until I emailed the admin under the whois info. I got a pretty quick apology, and they added functionality to be removed from their mailing list after that. They aren't the most diplomatic of chaps working there. This is a perfect example.
  • Yeah, there's lots of interesting tidbits.

    For example, Apple:
    1. Apple Confidential - the real story of Apple Inc.
    2. Apple: The inside story of intrigue, egomania, and business blunders.

  • Lets face it, books are a commodity item; there is no good reason to buy a given book from one online vendor vs. another. (ok, you can quibble about 1-click ordering being more convenient, or some such, but lets keep some perspective -- the worst, clunkiest online retailer is still hundreds of times more convenient than getting off your butt and driving to the store, and we used to do that all the time!) If low prices are an issue, use pricescan [pricescan.com] or somesuch to find the cheapest e-tailer that respects your privacy.

    By all means, vote with your wallets, but take an extra second and let them know why. Tell them that they have invaded your privacy, violated your trust, and, as a result, lost your business. They deserve to know why, and enough feedback might just get them to reverse their decision. If other online stores see them get away with this, it could spread. But if we squash it now, no one else will dare. Speak out! Amazon has a special email address [mailto] specifically for accepting comments about this "feature." Use it. Don't flame - no one listens to flames. Be firm, be polite, be concise, but most of all, be heard.
  • After peeking at who's buying what where, I have to admit that it's pretty interesting. However, companies profiled will quickly change their buying habits to make this feature useless by:
    1. Stop shopping at Amazon altogether.
    2. Instruct employees to use a generic e-mail address like @yahoo.com or @hotmail.com

    I think Amazon should definitely offer people an opportunity to opt out, especially companies. There is a very high probability that their rivals will use this information to their advantage. However, I think purchase circles based on geography are more acceptable. They are more anonymous (assuming it's not a population of 100) but also less interesting than company data.

    For those of you who vow not to shop at Amazon anymore, be aware that ALL the companies are going to be doing this. They just won't tell you about it. The bookstore tracks your purchases. The credit card company tracks your purchases. The company you work at might track your net usage. Maybe your ISP even tracks your surfing to find out what sites are the most popular amongst its members. The safest option is to go into a bricks and mortar store and buy things with cash. It's a little more inconvenient and a litte more expensive, yes. But if you're paranoid, it's the best way.
  • #7 at Hotmail:

    The Multi-Orgasmic Man : Sexual Secrets Every Man Should Know

    This is just too amusing :)

  • the number 7 book at EMC is "Hannibal", the sequel to the silence of the lambs. slightly sickening
    http://www.amazon.com/exec/obidos/tg/cm/browse-com munities/-/210278/002-3273012-80772 14 [amazon.com]
  • I am in a Purchase Circle with everyone from my primary ordering domain: cmu.edu. If a person is from a large domain ( almost any .edu, microsoft.com, etc. etc.) the purchase circles are useless from a consumer's point of view. Knowing the most frequently purchased book from cmu.edu is useless to me since there is no reason that a common domain would correlate to reading preferences.

    This feature does nothing good for consumers -- unless they are trying to spy on other consumers -- and is quite destructive in the cases where, as someone pointed out, a domain is held by an individual whose preferences can then be pinpointed.

    I never thought I could be swayed from Amazon, but this is it. Too bad for Amazon, since I just signed on to purchase $300 of textbooks.
  • Hahahahahhaa, very fitting : )
  • I've been nervous about them for a while, but just to make sure, I added "amazon.com" to my packet filter. Now they no longer exist for me, not even the stupid buttons that they stick on everyone else's site.
  • When a telemarketer calls, it's an opportunity to be silly without worrying about offending anyone. What are they going to do -- quit calling?

    1. If you play a musical instrument, put the receiver in front of your instrument and start practicing. It doesn't even matter if you play well. I suggest picking an instrument you just started on that day.

    2. If your spouse gets stuck with one, have fun! We made one guy really uncomfortable because I kept yelling at my spouse to get off the phone and fix my chicken pot pie NOW. Having a Texas area code and a convincing accent helped.

    3. Make up something exciting going on outside and narrate. Car crashes, SWAT team raids, and dog attacks are all good "Ohmigod!" interrupters. Once they've been derailed from their script, see if they're able to get back to it.

    4. Wait a few beats, then start echoing their script back to them. See how long they keep going.
  • I never buy books. I simply treat all the books in our local Borders, in out local public library, and in our University library as my personal property. Whenever I want to read one of my books, I go to the friendly people who store my book and read it.

    Don't forget to bring your own coffee to Borders and read the New York Times and a couple of magazines for free. Whenever you feel like reading something at home (I rarely do), just buy it and return it after you're done with it. Or get it from the library.

    Corporations try to screw you all the time. It's only fair to screw back.

    By the way, have you ever realized that advertising is not only annoying, but that you personally pay for it if you buy one of the advertised products?


  • This is the response I sent to their feedback address a few minutes ago:

    A common comment I have seen from Amazon.com regarding the creation of Purchase-Circles is that it is anonymous. No information is tied to any person.

    I know that, in today's world, this may seem odd, but I hold a certain degree of loyalty to my company. Believe me, I spend enough time here that my company is truly a part of me. While you may not be able to track purchases to me, you will certainly publish all of the purchases my company makes. To presume that concept of anonynimity only applies to individuals is absurd. Rather than violating the privacy of an individual, you are violating the privacy of a group of individuals. The difference is insignificant, except possibly in the minds of whatever suits dreamed this up. Perhaps this would pass in a traditional, bricks-and-mortar, beaurocratic company that is capable of cramming it's will down their customer's throats, but this is not behavior that should be accepted in the Internet community, nor by the purveyors. It is unfortunate that Amazon.com is no longer a leading member of our community.

    With the advent of Purchase Circles, you have decided to publish information that my company may deem private. As a manager of our IT group, one of my tasks is to ensure that electronic communications with our suppliers and vendors remains private. We do not want our competitors to learn what purchases we make, because this may give them some insight into our current or planned production, or, worse yet, our R&D efforts, the secrecy of which we deem critical to our future success. No vendor or supplier we deal with should ever publish information about what business we do with them, especially without our permission.

    I personally will not pursue any business with Amazon.com because I believe in ethical Internet conduct, and you have violated the values on which the Internet was built. Regardless of whether or not you will publish my personal information, I will not send my money to a company that implements such an absurd practice.
  • This is the response I sent to their feedback address a few minutes ago:

    A common comment I have seen from Amazon.com regarding the creation of Purchase-Circles is that it is anonymous. No information is tied to any person.

    I know that, in today's world, this may seem odd, but I hold a certain degree of loyalty to my company. Believe me, I spend enough time here that my company is truly a part of me. While you may not be able to track purchases to me, you will certainly publish all of the purchases my company makes. To presume that concept of anonynimity only applies to individuals is absurd. Rather than violating the privacy of an individual, you are violating the privacy of a group of individuals. The difference is insignificant, except possibly in the minds of whatever suits dreamed this up. Perhaps this would pass in a traditional, bricks-and-mortar, beaurocratic company that is capable of cramming it's will down their customer's throats, but this is not behavior that should be accepted in the Internet community, nor by the purveyors. It is unfortunate that Amazon.com is no longer a leading member of our community.

    With the advent of Purchase Circles, you have decided to publish information that my company may deem private. As a manager of our IT group, one of my tasks is to ensure that electronic communications with our suppliers and vendors remains private. We do not want our competitors to learn what purchases we make, because this may give them some insight into our current or planned production, or, worse yet, our R&D efforts, the secrecy of which we deem critical to our future success. No vendor or supplier we deal with should ever publish information about what business we do with them, especially without our permission.

    I personally will not pursue any business with Amazon.com because I believe in ethical Internet conduct, and you have violated the values on which the Internet was built. Regardless of whether or not you will publish my personal information, I will not send my money to a company that implements such an absurd practice.
  • gee - double post. Aren't I special?
  • Amazon is publishing summary info, Ebay is asking for $1 for reserve price auctions....the world will end next week.

    Privacy issues, I don't see here. Corporate secrecy issues, a slim chance. If Amazon is as loose with their sales data as we'd like to think, it only takes a competitor's marketing firm to buy the info from Amazon directly.

    Speaking of competitors, Amazon may be tipping off their own competitors as to what's hot. That would be a big mistake.

    Really, though, I think there is a difference between making summary info available to the public, and making the same info available to public agencies.

    If they published my personal top-10, then yeah, that's a big problem. Then again, maybe they're waiting for me to actually buy 10 items. :)

    I'm just more ticked that they're branching into all of the other areas, making themselves just another e-tailer, instead of actually developing themselves. It will take me a while to figure out what I actually mean by that, but I figured I'd just get it out there. :)

    And remember, just because someone bought a book, doesn't mean they're going to read it.
  • No, because Amazon says they will not release data from domains with less than 600 purchasers.

    When you say that you have your own domain name, do you mean that you are your own ISP? As far as Amazon be concerned, wouldn't they think that your domain name was that of your ISP, not that of your home page?

  • As someone who worked in one of these places, I can say that making fun of the caller does nothing. The caller is not responsible for the spam, they just need the money

    Everybody is responsible for their actions. "I need the money" is no excuse for doing something immoral and rude (albeit legal). Unless you are starving and there is no other way to get food.

    Simply say 'No thanks.' and hang up. This prevents you wasting your time and theirs

    The goal of course has to be to waste their time without wasting yours. That way, telemarketing gets more expensive, and that's the only language ass holes understand. So say something which keeps them on the line, then lay down the receiver next to the phone and hope that they waste 10 minutes long distance.

    Another strategy is to insult the caller, in the hope that he will quit his job which increases the training cost of the telemarketing company.


  • At least it appears that they include themselves in this survey.

    Cryptonomicon by Neal Stephenson is #7 (WOOP)
  • It was on both congressional circles and the judiciary's too IIRC. Its a bestseller -- those can be popular sometimes. :)
  • I've noticed alot of fear on this discussion about whether or not having your own domain will put you into your own "i'm a demographic" listing. It won't. Trust me. The way they determine who's coming from where is by the REMOTE_HOST environmental variable. If it's something like dkafdaf.foo.bar.intel.com, then the person came from intel. Likewise for microsoft, amd, and everything else. If you have www.mydomain.com, odds are that it's either a virtual host, or a colocated server somewhere. Unless you're connecting through your colocated server, then you won't have a problem.

    Note that I'm not trying to say that amazon isn't wrong for doing this. I'm simply saying don't worry about your wife finding out that you bought that kama sutra book 2 years ago, and never used it with *her*.
  • You always want to give them a "If you change I'll come back". Otherwise, they just roundfile your comment as a lost cause.
  • We don't currently sell or rent users' non-aggregated specific personal information to third-party companies, but we may decide to do so in the future. If this were to happen, Chapters.ca would announce such a plan by e-mail and ask you to "opt in".

    Chapters.ca will only email you to opt in to "non-aggregated" information. Sadly Amazon is claiming that this information is aggregated, while I would slighly dissagree, simply because corporations legally are very close to being an individual. So if Chapters took on the same idea, such a practice would fit into their privacy policy.
  • Can we lobby them to profile Transmeta?
  • . . to my order cancellation and promise not to shop them again was as follows. . .

    Subject: Your Amazon.com Order (#002-3707664-6651414)
    Date: Wed, 25 Aug 1999 12:04:01 -0700 (PDT)
    From: orders@amazon.com
    To: "Keith A. Glass"

    Thank you for writing to us at Amazon.com.

    I am sorry if our new Purchase Circles feature has confused you. Please understand that this feature provides only anonymous demographic examples of customer ordering patterns at a mass level; for example, many customers who live in Los Angeles have bought X title, or many customers who work for Microsoft Inc have bought Y title.

    I assure you that your own personal order history is never, and has never been, revealed. Your customer privacy was never, and never will be, violated.

    For more information about our Purchase Circles feature, click on the link below:

    http://www.amazon.com/exec/obidos/subst/community/ community.html/ref=gw_ro_pc_m_2/002-3707 664-6651414

    As you requested, I've cancelled the following item from order #002-9474870-5405829:

    [Rest of message snipped]

    Looks like, so far, they don't care.
    Sounds like, Yahoo/Geocities all over again...

  • they have a right to do whatever they want with the information they gather ... Like your cresit card number? How about your doctor? Does *he* have a right to do anything he wants with the information he gathers?
  • The mention of "Microsoft employees buying bulk quantities of " would tend to support the allegations that Microsoft has engaged in book buyback schemes to inflate the sales figures for Bill's books in order to influence public opinion. This isn't a new tactic of course, and it isn't unique to Microsoft, but if true it certainly isn't a good thing.

  • I am surprised that Microsoft doesn't have the definitive book on COM. Why are there 4 books in the list about COM? I realize that if there is a Microsoft Press book about COM they probably don't buy it through Amazon, but still, they seem to need a lot of secondary references.

    Site Server 3.0 is another Microsoft product. I guess it doesn't have very good documentation. Maybe they are still writing the documentation.

    And Programming Microsoft Outlook and Exchange? Come on.
  • Don't have many friends calling, huh?

  • You always want to give them a "If you change I'll come back". Otherwise, they just roundfile your comment as a lost cause.

    Well, yeah, but don't expect anything from Amazon. I gave 'em that clause when I bitched about their whoring book-review policy. They changed the policy, but only in a classic "we'll 'change' this to shut up the bad PR, but we'll change it as little as we think we can get away with" condescending corporate-bullshit way.

    I haven't bought a thing from them since, and instead of recommending them to friends like I used to, I bad-mouth 'em every chance I get.

    They suck.

  • I wrote to Trust-E once to complain about a member site that was using questionable security measures to protect credit card numbers.

    I was shocked to find out that they don't do any independent verification. Qouted from their email to me:

    " FYI, the TRUSTe program is a privacy program that believes in full disclosure based on a posted privacy policy. We are not a security assurance organization. We only require that our licensee fully disclose their privacy practices and security measures on their website. There are no security requirements in our current licensing agreement. "

  • According to the article:
    "only information about purchases from large organizations or corporations with at least 'many hundreds of users' will be listed on Amazon.com."

    Of course, it also talks about an organizition of six people that got listed by mistake. :P
  • Should /. end its Amazon partnership?
    I know revenue streams are cool, but
    Barnes&Noble might be a better choice now.
    I think this should be made a /. poll.
  • It's better than nothing at least. It means that the companies promise not to do "bad stuff" with your data, and you can hold them to that promise in court later (since they are required by Trust-E to put their privacy policy in writing online).
  • Free speach ad press are a bitch aren't they.
  • One aspect of intelligence gathering is pattern analysis. Observe what the opposition is doing, find a pattern that fits.

    In this case, observe what, say, Intel people are buying, use that information to determine what they are working on. If you can cross-reference this by the division they are in within the company, you have a very good tool.

    The only way that a company like Intel can protect themselves from this is to bar their employees from buying at Amazon. I would not be surprised to see this happen.
  • I'm desparately afraid that this will have the same impact on Amazon.com as requiring cookies did for Hotmail; ie, no one is going to care.

    Unfortunately for the consumer, the only way to avoid this sort of Big-Brotherish 'Since you've done business with us, now we own you' outlook is to not shop with them... and they are the largest bookseller on the Internet. This is hopefully going to cause some users to reconsider their relationship with Amazon, as they realize that Amazon is not only taking their money for books that they've bought, but also letting other companies capitalize on the user's buying habits.

    Having this sort of information available on the Internet is roughly analogous to having your name printed in the phonebook, however with Amazon, you don't get the opportunity to opt out of it.
    Of course, by having your name in the phonebook, you're not opening yourself to a range of people who are going to mine your buying habits and spam you with offers of stuff they know you want to buy; verily, that's illegal in the US.

    Personally, I have never and will never buy books from Amazon, nor any other online bookstore. I believe that the only true way to shop for books is to go to a local bookseller and peruse the stacks for a tome that catches your fancy. I don't even go to those immense chain stores, because I dislike supporting huge corporations at the expense of local storeowners. I don't shop at Wal-Mart either, for the same reason.
  • From what I can see, although not particularly fair to initiate without asking domain owners, this is pretty harmless.

    There is no information about specific users or specific things purchased by specific users... it is just an aggregate collection. It is essentially the same as saying what the best selling items are on their site, except this is broken down into meaningful catagories...

    I don't see why there is a big fuss over it

  • If you give an organization your email address, and they use it to spam you, this is a bad thing, but it is not a privacy violation (unless they sell the address to someone else).

    So it's bogus to say that TrustE is not a good privacy policy because it doesn't prevent people from "one bite per customer" spamming. Instead, ask for something like TrustE as a minimum.

  • The article is wrong about them not allowing an opt out. I just opted out and it was easy. All I had to do was jot a note on my Palm Pilot saying "Never order anything from Amazon.com". There are plenty of other places to buy books and everything else they sell.
  • by kuro5hin ( 8501 ) on Wednesday August 25, 1999 @08:19AM (#1726125) Homepage
    Now the FBI is going to find out about all those copies of Catcher in the Rye I've bought!

Never buy from a rich salesman. -- Goldenstern