Because of the ongoing battle between Apple (NASDAQ: AAPL) and the Federal Bureau of Investigations over an encrypted iPhone used by a terrorist, the sanctity of information on personal devices has been front and center in the news recently.
In this particular case, the FBI wants Apple to help it break the protection on the phone, freeing the information it wants for its investigation. The company has refused, not because it doesn't want to help, but because the backdoor into its operating system it would have to build to comply would open up all iPhone users to potential data security breaches.
But, what if the data had never been encrypted in the first place? The person owning the device would have no presumption of privacy, and the FBI would have nothing to crack. It could simply take what it needed without any help from the company.
Apple, of course, would never create a device like that; in recent years, it has tightened its encryption, adding fingerprint recognition as an option alongside pass codes. The company has essentially made it impossible for anyone to access your iPhone without your codes -- or that the very least, an image of your thumbprint.
Amazon (NASDAQ: AMZN) has gone in another direction. The company has removed encryption in recent releases of its Fire OS 5, both for new Fire tablets and older ones being upgraded, Ars Technica reported.
Why did Amazon do this?
The online retailer's tablets use a customized version of Android. Essentially, the operating system for the Fire tablets uses the bones of the Google OS, but it's heavily customized, which means that not all Android apps are compatible and some core features are changed or even in this case disabled.
Amazon's Fire Tablet Source: Amazon
Amazon still encrypts and protects data being sent between its servers and users' cloud storage accounts, but the company told Ars Technica that it removed local encryption because it was rarely being used.
"In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren't using," Amazon told Ars Technica. "All Fire tablets' communication with Amazon's cloud meet our high standards for privacy and security including appropriate use of encryption."
On the surface, that sounds like it makes sense, but do you allow your apartment building to remove the fire extinguishers and smoke alarms because you never use them?
How did people react?
As you might imagine, people did not take it well when they learned their data was not being encrypted by Amazon. There was a public backlash as soon as the news broke, which let Amazon to backtrack rapidly on the policy.
"We will return the option for full disk encryption with a Fire OS update coming this spring," the Seattle company said in a statement emailed to reporters Friday night, USA Today reported.
It was a quick reversal of a decision which seemed like a bad idea even if people haven't been using the encryption technology. Given the publicity surrounding the Apple case, it's also likely that the general public will have a heightened awareness of security issues. This could lead to greater adoption of encryption on Fire tablets once the feature gets turned back on.
This was a mistake
While Apple has taken extreme measures to protect user data on its devices, Amazon perhaps went too far in the other direction. It's one thing to give people the option to opt out of security measures, and another thing entirely to drop them altogether.
Amazon, which has supported Apple in its fight with the FBI, was smart to see which way the wind was blowing and change its policy accordingly. The perception that it did not caring about the security of users' information put the company in a bad light, and the only possible damage control was to prove that it did.
In the long run, though, the blunder probably won't hurt Amazon much, because Fire tablets are not generally business or personal productivity devices -- unlike Apple iPads, where sensitive data might be stored. Still, this debacle may cause more consumers to think twice before turning over their personal data to the online retailer, which might subtly hurt its growing device and home automation efforts.
