I mentioned just a few hours ago that Amazon has just launched a cloud-based music streaming service, and is the first of the big three (those being Google, Amazon and Apple) to do so. And in that piece, I also talked about the fact that the uploader requires Adobe Air, and that was a bit irritating to me.
What I didn’t mention (because I just found out) was that the privacy portion of the terms of agreement sucks out loud.
You can go ahead and hit the link above, or just read section 5.2 right here:
5.2 Our Right to Access Your Files. You give us the right to access, retain, use and disclose your account information and Your Files: to provide you with technical support and address technical issues; to investigate compliance with the terms of this Agreement, enforce the terms of this Agreement and protect the Service and its users from fraud or security threats; or as we determine is necessary to provide the Service or comply with applicable law.
What they’re saying here is they can look at anything they’re holding for you, for basically any reason. So aside from getting to read the digital backup to your Captain Midnight decoder ring, they can examine all of your MP3s to see if they’ve been acquired in a way that they, and presumably anyone else they show them to (like the RIAA, who we all know are a balanced bunch when it comes to lawsuits), believe is legit.
Personally, I don’t need 5 GB of free online storage badly enough to let Amazon.com and anyone else they choose dig through my files despite the fact that I’m not a thief. Frankly, the idea of granting someone access to my files whenever they choose (remember, their cloud service stores documents, video, and photos as well) sits nowhere close to comfortable with me, and just the existence of paragraph 5.2 is enough for me to say “screw you guys, I’ll keep ‘em at home.”
“What they’re saying here is they can look at anything they’re holding for you, for basically any reason”
No…. they list the reasons why they can look at your docs (tech support, legal intervention…..). It seems standard to me – if you want to scream bloody murder about privacy, blog about Facebook selling your personal data.
There’s a big difference ….
Alan,
First of all, I’d hardly say I’m screaming bloody murder. However, I disagree fundamentally with your assessment. From the quoted paragraph: “You give us the right to access, retain, use and disclose your account information and Your Files…as we determine is necessary to provide the Service or comply with applicable law.”
At first glance, it ALMOST seems reasonable because of the “comply with applicable law” bit, but it isn’t – the “as we determine is necessary” gives them license to do as they wish.
So should the RIAA decide they believe that you have MP3s that you don’t have rights to, they can request that Amazon review all your MP3s, and you’ve granted Amazon the right to do so. Frankly with the proliferation of non-licensed content out there, I wouldn’t be surprised if Amazon were to decide they needed to take a close look at ALL MP3s on their system under the guise of complying with applicable laws – it’s certainly a tasty nugget they can offer record companies in light of the fact that they have no agreements in place with the majors that cover their new cloud service.
Also, the rights granted are in effect limitless: they don’t say they’ll examine or disclose only information that’s required during some sort of legal process, nor do they say they’ll even tell you they’re doing it. It’s a “we can look when we think it’s necessary, at what we think is necessary, and need give you no notification” thing. Which isn’t my thing.
And MP3s are just a part of it. Any file at all can be examined by them at their discretion. Personally, just because I’m not doing anything illegal doesn’t change the fact that I don’t want to grant anyone the right to review my personal property any time they decide it’s “necessary.” I wouldn’t let Western Digital come examine what I keep on my local hard drive either.
Plus, you’re granting them access to “retain” your files, which means if you have second thoughts about that anti-government treatise you wrote when you were drunk, deleting it may not, in fact, delete it.
However, I understand it’s a service that you can choose to use or not, and beggars can’t be choosers. It’s free storage and streaming, etc etc. But it’s worth noting these privacy issues if you’re considering the service, because your files are way, way more accessible to them than you think.
As for Facebook, I’m no fan of those privacy policies either. In fact, they’re desperately bad – but I’m also cognizant of the fact that in order to provide what they do at no cost, they’re going to collect that sort of data to generate revenue (Zuck’s not worth $13 billion for no reason, after all), and I make my choices accordingly (I have a Facebook page, but avoid apps and games, don’t post words or graphics I want to tightly protect, and I pay attention to my security settings).
But even so, I don’t think that selling aggregate user data (which is what they admit to, anyway) for targeted advertising is the same as accessing a user’s personal files without the need to get any sort of warrant, or serve any sort of notification. So on that we agree – there IS a big difference.