BOOKSELLER Amazon has responded to questions about the privacy implications of its Silk web browser from the Electronic Frontier Foundation (EFF).
The browser has had critics ever since it was announced because of the way it ties users' information to their surfing habits through the use of cloud acceleration, which is Amazon's term for routing web pages and user requests through its own web servers.
The fear is that this could be used to build up too much information about a user, and the EFF, as well as a US congressman, have asked Amazon to explain itself.
The EFF has its answers already and is rather happy with what it found out. Amazon has thought about privacy, according to the group, and will let the user decide whether they want to use the cloud acceleration tools that its Fire tablet offers. However, the EFF added that the use of the cloud, and technology in general, has to have privacy built in.
"We are generally satisfied with the privacy design of Silk, and happy that the end user has control over whether to use cloud acceleration. But this new technology highlights the need for better online privacy protections," said the EFF in its statement.
"As companies continue to innovate in ways that make novel uses of--and expose much more personal data to--the internet cloud, it's critical that the legal protections for that data keep up with changes technology."
Although cloud acceleration is the default setting on the Fire e-reader, it can be turned off, and easily. Amazon told the EFF that the change was easy to find in the browser's settings menu and when selected turns Silk into a normal web browser, one that sends requests directly to the web sites the user wants to visit.
Importantly, any secure, or SSL traffic, is not intercepted by Amazon either, and Jon Jenkins, director of Silk development told the group that, "secure web page requests (SSL) are routed directly from the Kindle Fire to the origin server and do not pass through Amazon's EC2 servers."
"Our conversation with Amazon allayed many of our major concerns," added the EFF as it explained how the company will use the data that is gathered.
The firm told it that the only information that it will keep, for a period of 30 days, is the URL of the web site being requested, a time stamp, and a token that identifies the session, but not the user. The EFF pushed Jenkins for more information, asking whether any individual identifiers were associated with browsing history.
"We were told that there was not," it explained, "and that Amazon is not in a position to track users."
It was not all smiles and handshakes however, and the EFF said that it still has some "serious concerns" about the web browser.
"Amazon will effectively have a database of user search histories across many different search engines," it said. "In addition to URLs, the content of the EC2 servers' cache might in some instances... contain information that could identify an individual. The data collected by Amazon provides a ripe source of users' collective browsing habits, which could be an attractive target for law enforcement." µ
790,000 personal messages also leaked in SQL-injection hack
Build delivers fixes for Action Centre and Live Tile interface
Why, Eye-Fi? Was it all a lie? We may cry
Kaspersky sees huge spike in mobile attacks