An E-Book Buyer's Guide to Privacy
As we count down to end of 2009, the emerging star of this year's holiday shopping season is shaping up to be the electronic book reader (or e-reader). From Amazon's Kindle to Barnes and Noble's forthcoming Nook, e-readers are starting to transform how we buy and read books in the same way mp3s changed how we buy and listen to music.
Unfortunately, e-reader technology also presents significant new threats to reader privacy. E-readers possess the ability to report back substantial information about their users' reading habits and locations to the corporations that sell them. And yet none of the major e-reader manufacturers have explained to consumers in clear unequivocal language what data is being collected about them and why.
As a first step towards addressing these problems, EFF has created a first draft of our Buyer's Guide to E-Book Privacy. We've examined the privacy policies for the major e-readers on the market to determine what information they reserve the right to collect and share.
(Updated Jan 6 2010: We've updated and corrected this guide. Please read the latest version instead.)
When you use Google Books, we receive log information similar to what we receive in Web Search. This includes: the query term or page request (which may include specific pages within a book you are browsing), Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
In addition, because users must have a Google Account in order to purchase and view books, Google maintains a dossier, via its Web History service, of all books purchased unless the user gives up the right to view a book he or she already "bought."
Physical e-reader devices pose similar threats to reader privacy. For example, the Kindle does not sell, but rather licenses, the books, magazines, and other materials offered for wireless download through its Kindle Store, which can only be used on a particular device. This implicitly requires Amazon to know what reading material a user has licensed at any given time.
Information Received. The Device Software will provide Amazon with data about your Device and its interaction with the Service [i.e. the wireless connection, purchases through the Kindle Store, etc.] (such as available memory, up-time, log files and signal strength) and information related to the content on your Device and your use of it (such as automatic bookmarking of the last page read and content deletions from the Device). Annotations, bookmarks, notes, highlights, or similar markings you make in your Device are backed up through the Service. Information we receive is subject to the Amazon.com Privacy Notice.
In other words, your Kindle will periodically send information about you to Amazon. But exactly what information is sent? Amazon's wording — "information related to the content on your Device and your use of it" — reads so broadly that it appears to allow Amazon to track all content that users put on the device, regardless of whether that content is purchased from Amazon. Some security researchers have indicated that the Kindle may even be tracking its users' GPS locations. Is this the future of reading?
Still, there are no perfect options this holiday season for the many shoppers who consider Internet-connectivity to be a must-have feature for their e-readers. Let's hope that by this time next year, e-reader manufacturers have stepped up to the challenge of taking their users' privacy seriously.