April 19, 2014

avatar

Lessons from Amazon's 1984 Moment

Amazon got some well-deserved criticism for yanking copies of Orwell’s 1984 from customers’ Kindles last week. Let me spare you the copycat criticism of Amazon — and the obvious 1984-themed jokes — and jump right to the most interesting question: What does this incident teach us?

Human error was clearly part of the problem. Somebody at Amazon decided that repossessing purchased copies of 1984 would be a good idea. They were wrong about this, as both the public reaction and the company’s later backtracking confirm. But the fault lies not just with the decision-maker, but also with the factors that made the decision more likely, including some aspects of the technology itself.

Some put the blame on DRM, but that’s not the problem here. Even if the Kindle used open formats and let you export and back up your books, Amazon could still have made 1984 disappear from your Kindle. Yes, some users might have had backups of 1984 stored elsewhere, but most users would have lost their only copy.

Some blame cloud computing, but that’s not precisely right either. The Kindle isn’t really a cloud device — the primary storage, computing and user interface for your purchased books are provided by your own local Kindle device, not by some server at Amazon. You can disconnect your Kindle from the network forever (by flipping off the wireless network switch on the back), and it will work just fine.

Some blame the fact that Amazon controls everything about the Kindle’s software, which is a better argument but still not quite right. Most PCs are controlled by a single company, in the sense that that company (Microsoft or Apple) can make arbitrary changes to the software on the PC, including (in principle) deleting files or forcibly removing software programs.

The problem, more than anything else, is a lack of transparency. If customers had known that this sort of thing were possible, they would have spoken up against it — but Amazon had not disclosed it and generally does offer clear descriptions of how the product works or what kinds of control the company retains over users’ devices.

Why has Amazon been less transparent than other vendors? I’m not sure, but let me offer two conjectures. It might be because Amazon controls the whole system. Systems that can run third-party software have to be more open, in the sense that they have to tell the third-party developers how the system works, and they face some pressure to avoid gratuitous changes that might conflict with third-party applications. Alternatively, the lack of transparency might be because the Kindle offers less functionality than (say) a PC. Less functionality means fewer security risks, so customers don’t need as much information to protect themselves.

Going forward, Amazon will face more pressure to be transparent about the Kindle technology and the company’s relationship with Kindle buyers. It seems that e-books really are more complicated than dead-tree books.

Comments

  1. Tom says:

    It’s not that Amazon controls all the software, but that Amazon can control your Kindle without any restrictions. Or to put it another way, your Kindle is a bot and Amazon is the botnet owner.

  2. Adam says:

    Is the real problem transparency? What about this idea of ‘freedom to tinker?’ If we had freedom to tinker with the Kindle, the root shell might be gone, the reporting back might be gone, and the Kindle might have folders in the book UI.

    (I wrote more on this at http://www.emergentchaos.com/archives/2009/07/kindling_a_consumer_revol.html)

  3. brianary says:

    Sorry, the DRM plumbing (remote control/revokation/deletion) is what allows Amazon to delete remotely. They have no reliable way to delete all variants of GO1984.txt or GO1984.pdf (or their Kindle-converted versions) from your Kindle.

    The rest is true, but best not ignore the fact that DRM played a role here.

  4. Jim says:

    Everyone seems to be ignoring the simple fact that Amazon was required to deleted the copies of 1984 and Brave New World from their servers BECAUSE THEY WERE PIRATED. They (apparently, in good faith) believed they were also required to delete them from individual Kindle devices pursuant to the DMCA takedown notice. Amazon may have been mistaken in the second step: we won’t know until there’s a court case on this issue. From everything I’ve heard, though, Amazon did nothing wrong.

    • eee_eff says:

      Everyone seems to be ignoring the simple fact that Amazon was required to deleted the copies of 1984 and Brave New World from their servers BECAUSE THEY WERE PIRATED. They (apparently, in good faith) believed they were also required to delete them from individual Kindle devices pursuant to the DMCA takedown notice. Amazon may have been mistaken in the second step: we won’t know until there’s a court case on this issue. From everything I’ve heard, though, Amazon did nothing wrong.
      Wrong, Jim on several counts.
      FIRST: It is not proven that these were “pirated” copies, as 1984 is in fact public domain in Canada and Australia. Canadian Kindle users had their copies deleted as well. Amazon stole from their own customers.
      SECOND: Let’s say they were pirated copies. As far as I know, as a citizen of the United States, action by a COURT OF LAW is required before someone can take something from me. Going into someone’s kindle and deleting a file because some corporation somewhere decides something might be pirated does cut it. It’s just corporate vigilantee-ism. It just oppression, by a corporation instead of a government.
      THIRD: This capability was undisclosed, and if any laws regarding privacy have been broken when Amazon determined that users had “pirated” works on their Kindle, they should be prosecuted.
      So Amazon in the first place stole what wasn’t theirs, violated due process in the taking, and also intruded on user privacy, a reasonable expectation of which they maintained without any disclosure by Amazon of this capability.
      So rather than make excuses for Amazon executive’s behavior, I would rather prosecute them and throw then in jail for a while. I might be prepared to grant them some leniency in sentencing if they testify how they enabled the NSA to eavesdrop on Kindle users, in violation of wiretapping laws, which almost certainly happened…

  5. Adam says:

    Jim,

    I’m not ignoring that the copies were unlicensed, I’m just not sure why that matters. Amazon wouldn’t send thugs to my home to take a physical copy they shipped me. They will send packets to my Kindle, and through licenses prevent me from telling my Kindle what to do with those packets.

    If Amazon had designed the Kindle differently, they could not have removed the copies, and many people think that would be a good thing.

  6. Wayne says:

    I suspect Amazon could have accomplished exactly what they felt they had to, and not taken the PR hit, if they had simply replaced the problematic copies of 1984 on the Kindles with digital copies from Houghton Mifflin Harcourt, and paid HMH out of their own pocket. While some people would have objected, most people wouldn’t have even cared (or noticed).

  7. Matt Norwood says:

    I’m not convinced that the distinctions you’re making are warranted. DRM is a consequence of software under the control of someone other than the owner (As you know better than almost anyone, Ed, DRM cannot work if a user can alter — or perhaps even just audit — the software). Lack of transparency is a consequence of software under the control of someone other than the owner (the capabilities of the software are necessarily transparent when a user can audit the software). Cloud computing necessarily implies software beyond the control of the user.

    It seems to me that the root problem, therefore, is that the Kindle runs software not under the control of its owner, with the owner prevented from either inspecting or altering the software running the device. As you admit, there’s nothing to prevent Microsoft or Apple from doing the same thing tomorrow. I don’t understand why you reject this explanation as “a better argument but still not quite right”.

  8. Chris Brand says:

    Orwell died in 1950, so his books are public domain in Canada (life+50), but that didn’t stop Amazon from deleting these works from Canadians’ Kindles.

  9. Anonymous says:

    This article waves off the implications for cloud computing, arguing that the Kindle is not a cloud computing device (or at least not purely so). But I think this does have implications for cloud computing, because you can extrapolate from the Kindle incident to see how the same kind of problem — or worse — could happen in a cloud computing scenario. The problem with the Kindle is that cloud infrastructure has control over your data. That sounds relevant to cloud computing.

  10. Dan Simon says:

    Without a careful analysis of the costs and benefits of the current approach compared to a more transparent one, it’s impossible to claim with any authority that Amazon was wrong (in a practical sense) to take the approach it did. We have no idea how many Kindle sales they will lose as a result of this incident, or how many they would have lost had they been more transparent to begin with, or what extra costs they (would) have incurred in each case. It’s entirely possible, for example, that this publicity will result in only a tiny number of lost sales, whereas openness earlier in the product cycle would have resulted in equally bad publicity at a time when the product had less momentum, and therefore was more vulnerable to lost sales. Or that revealing details of the system early on, before the product was established, would have created pressure from customers or partners to make expensive changes to the system that can now be resisted by citing installed base compatibility.

    And even if this incident ends up costing more sales than transparency would have, it’s possible that we are witnessing a low-likelihood “perfect storm” event–Amazon’s first major use of this feature being the removal from lots of Kindles of a popular classic novel about totalitarian control of information–that Amazon planners would have been perfectly sensible not to plan for.

    Of course, it’s not fair to expect Ed, or anyone else at Freedom to Tinker, to assess Amazon’s business judgment, since nobody here has access to the kind of information that would enable them to do so. But perhaps we should all recognize explicitly that the “problem” that Ed repeatedly refers to here is the problem of his and his colleagues’ disapproval of Amazon’s actions–which may or may not be a remotely significant problem at all, from the point of view of the relevant decision-makers at Amazon.

    • felten says:

      I don’t think it’s right to read this incident as a wise move by Amazon that raised complaints from a minority. Amazon admitted that it made a mistake and promised not to do it again.

      My take on this is that it was a mistake of execution, leading to an action by Amazon that was contrary to Amazon’s own ideas of its best interest. To put that more precisely, I think that some mid-level employee made a decision in real time that was different from what the company’s top management would have decided given all of the facts and time to deliberate. Of course this kind of error will happen in any organization, as most decisions are necessarily delegated and decisions must often be made quickly with incomplete information.

      This is a type of “normal accident”, and as always with normal accidents it pays to ask what were the factors enabled the accident. Which is what I was trying to do in the initial post.

      Amazon’s current position is opposed to its initial position. Given what we know, including Amazon’s words and actions, it seems to me unlikely that the initial position was right one, from the standpoint of Amazon’s business.

  11. Mark says:

    The ability for Amazon (or Apple to kill apps) is wholly to do with rights and licenses so I am confused why you say DRM is not a problem here. You rent from Amazon. You don’t buy. Confusion about that is the core problem. So yes Amazon should be more forthcoming about the distinction but it extends beyond company culture to the broader conversation about content and DRM.

  12. joehall says:

    I wonder: how transparent is transparent enough here? What would it look like? Simply an official description of the kindle system or a “kindle user rights” statement?

  13. Mark Christiansen says:

    Transparency? No, some things really are black. We have machines which don’t actually serve their nominal owners, instead others far away. The potential for evil is very great. DRM is just the start.

    At least this makes a good story so more people notice. We are getting the boiled frog treatment as people get used to more and more remote monitoring and control.

  14. Jarrod Higgins says:

    I wrote an article about this, it offers a slightly different perspective.
    http://jarrodhiggins.com/?p=96

  15. rp says:

    Speaking of transparency, I would love to know more about how this mechanism works and how automated it is. Because if somewhere at Amazon there’s a piece of code you type an SKU into and it sends the memory-hole packets on their way, the company is sitting on a time bomb. (Or if it’s possible for such a piece of code to be written. You’re talking seriously high-value target.)

  16. eee_eff says:

    Amazon got some well-deserved criticism for yanking copies of Orwell’s 1984 from customers’ Kindles last week. Let me spare you the copycat criticism of Amazon — and the obvious 1984-themed jokes — and jump right to the most interesting question: What does this incident teach us?

    Good Question

    Human error was clearly part of the problem. Somebody at Amazon decided that repossessing purchased copies of 1984 would be a good idea. They were wrong about this, as both the public reaction and the company’s later backtracking confirm.

    Not necessarily. Perhaps this type of behavior is rewarded more often than we realize–because corporations get away with stuff like this–usually–and the get caught–rarely–so the decision is still rational, they just had bad luck this time.

    You might dispute this, but I feel my judgment is informed by books such as Steal this Idea by Michael Perelman. This behavior is not isolated, and it is unusual for people to be able to connect the dots and figure out what happened.

    ” But the fault lies not just with the decision-maker, but also with the factors that made the decision more likely, including some aspects of the technology itself.

    The problem, more than anything else, is a lack of transparency. If customers had known that this sort of thing were possible, they would have spoken up against it — but Amazon had not disclosed it and generally does offer clear descriptions of how the product works or what kinds of control the company retains over users’ devices.

    EXACTLY right. This is another example of why free software, such as software released under the GPL 3.0, should be prefered over others. Free software establishes the ability of the owner to investigate and modify the software he or she owns. Not especially that version 3.0 would prevent Amazon from implementing some tricky tied-to-a-specific-device al la TIVO which would prevent users from understanding and modifying their software:

    RMS notes in his essay Your Freedom needs Free Software:

    The software running in most computers is non-free, proprietary software: controlled by software companies, not by its users. Users can’t check what these programs do, nor prevent them from doing what they don’t want. Most people accept this because they have seen no other way, but it is simply wrong to give developers power over the users’ computer.

    This unjust power, as usual, tempts its wielders to further misdeeds. If a computer talks to a network, and you don’t control the software in it, it can easily spy on you. Microsoft Windows spies on users; for instance, it reports what words a user searches for in her own files, and what other programs are installed. RealPlayer spies too; it reports what the user plays. Cell phones are full of non-free software, which spies. Cell phones send out localizing signals even when ‘off’, many can send out your precise GPS location whether you wish or not, and some models can be switched on remotely as listening devices. Users can’t fix these malicious features because they don’t have control.

    Some proprietary software is designed to restrict and attack its users. Windows Vista is a big advance in this field; the reason it requires replacement of old hardware is that the new models are designed to support unbreakable restrictions. Microsoft thus requires users to pay for shiny new shackles. It is also designed to permit forced updating by corporate authority. Hence the BadVista.org campaign, which urges Windows users not to ‘upgrade’ to Vista. Mac OS also contains features designed to restrict its users.

    Microsoft has installed back doors for the US government’s use in the past (reported on heise.de). We cannot check whether they have successors today. Other proprietary programs may or may not have back doors, but since we cannot check them, we cannot trust them.

    More at:http://www.gnu.org/philosophy/your-freedom-needs-free-software.html

    • Anonymous says:

      “Cell phones send out localizing signals even when ‘off’, many can send out your precise GPS location whether you wish or not, and some models can be switched on remotely as listening devices.”

      Is that last statement true? Is there a list of models known to have this behavior?

      Of course, one way to protect against such eavesdropping would simply be to remove the battery from the phone when discussing anything sensitive near (but not over) the phone, and when discussing something sensitive over the phone, do so by encrypted email rather than voice.

      Without the battery it cannot conceivably be remotely switched on.

      If the iPhone has a non-user-removable battery, and can be remote-activated, draining the battery of charge or ditching the phone for a while will suffice. (Bury it in the linen closet between two thick, fluffy towels and then talk in the bathroom farthest away from that closet with the taps running?)

      Then again, what will this hypothetical spying be used for? Certainly, nothing acquired by such surreptitious means is likely to be admissible in a court of law. Even a wiretap warrant doesn’t allow arbitrary remote monitoring, only monitoring of phone calls initiated or received by the targeted party. If the phone was remote-activated to bug an in-person conversation in, say, an office, and the resulting transcript somehow was used at court, it would just give the defendants a free appeal.

      However, it’s something to keep in mind if the country ever starts to turn into a dictatorship. (So is the location of the nearest emergency exit, of course.)

  17. eee_eff says:

    Without a careful analysis of the costs and benefits of the current approach compared to a more transparent one, it’s impossible to claim with any authority that Amazon was wrong (in a practical sense) to take the approach it did. We have no idea how many Kindle sales they will lose as a result of this incident, or how many they would have lost had they been more transparent to begin with, or what extra costs they (would) have incurred in each case. It’s entirely possible, for example, that this publicity will result in only a tiny number of lost sales, whereas openness earlier in the product cycle would have resulted in equally bad publicity at a time when the product had less momentum, and therefore was more vulnerable to lost sales. Or that revealing details of the system early on, before the product was established, would have created pressure from customers or partners to make expensive ch…

    Exactly here you stumble across one of the highest functions of government–to protect the powerless. Amazon was just a bully, and the consequences for Amazon must be made so drastically bad that no company will ever contemplate doing something like this again. So good attorney needs to look at what laws were broken, and I would be very happy to see huge punitive fines levied against Amazon, to the maximum extent allowed by law, as well as jail time for anyone associated with this decision. Why should only the poor go to jail when they steal? I’d be happy to see some Amazon execs do five or ten years time for this. Of course, I realize I am dreaming, as it is unrealistic to expect justice in America…

  18. eee_eff says:

    Everyone seems to be ignoring the simple fact that Amazon was required to deleted the copies of 1984 and Brave New World from their servers BECAUSE THEY WERE PIRATED. They (apparently, in good faith) believed they were also required to delete them from individual Kindle devices pursuant to the DMCA takedown notice. Amazon may have been mistaken in the second step: we won’t know until there’s a court case on this issue. From everything I’ve heard, though, Amazon did nothing wrong.

    Wrong, Jim on several counts.

    FIRST: It is not proven that these were “pirated” copies, as 1984 is in fact public domain in Canada and Australia. Canadian Kindle users had their copies deleted as well. Amazon stole from their own customers.

    SECOND: Let’s say they were pirated copies. As far as I know, as a citizen of the United States, action by a COURT OF LAW is required before someone can take something from me. Going into someone’s kindle and deleting a file because some corporation somewhere decides something might be pirated does cut it. It’s just corporate vigilantee-ism. It just oppression, by a corporation instead of a government.

    THIRD: This capability was undisclosed, and if any laws regarding privacy have been broken when Amazon determined that users had “pirated” works on their Kindle, they should be prosecuted.

    So Amazon in the first place stole what wasn’t theirs, violated due process in the taking, and also intruded on user privacy, a reasonable expectation of which they maintained without any disclosure by Amazon of this capability.

    So rather than make excuses for Amazon executive’s behavior, I would rather prosecute them and throw then in jail for a while. I might be prepared to grant them some leniency in sentencing if they testify how they enabled the NSA to eavesdrop on Kindle users, in violation of wiretapping laws, which almost certainly happened…

    • Steve R. says:

      Lost in this debate is the issue of collateral damage that the users may experience when corporations whimsically axe a product/service. The New York Times wrote: “Justin Gawronski, a 17-year-old from the Detroit area, was reading “1984” on his Kindle for a summer assignment and lost all his notes and annotations when the file vanished. “They didn’t just take a book back, they stole my work,” he said.”

      So, in deleting the books, Amazon also vaporized Mr. Gawronski’s work. So how is Mr. Gawronski going to be compensated for his loss? Or is his loss somehow irrelevant because Amazon was making things “right”. Also remember the Sony Rootkit debacle where Sony “disabled” the CD player to “protect” their so-called property. Company’s on their own volition do not have a right to do whatever they want whenever they want. When companies cause you damage, they should be liable for that damage. Protecting so-called intellectual property is not an excuse to ignore the law or trample on the rights of the public.