Amazon Sued Over Alleged Privacy Policy Violations

Online shopping giant Amazon.com is the subject of a new class-action lawsuit alleging that the e-tailer uses an Internet Explorer work-around to trick the browser into thinking the site is “more privacy-protective than it actually is” and then collecting users’ personal info without permission.

“For years, Amazon has been taking visitors’ personal information that it was not entitled to take,” the lawsuit states. “It does so by misusing privacy-protection software on users’ own computers, bending the software to Amazon’s purpose of collecting more personal information than it had a right to collect or that users have given it consent to collect.”

From SeattlePI.com:

Since the release of Internet Explorer 6 in 2001, most websites have been using machine-readable codes that tell a browser their privacy policies — such as whether a website sends cookies and with whom the website shares personal information gained from those cookies. Most websites use several standard “compact policy” codes such as “NID” (no identified user information collected), but Amazon uses the code “AMZN” — which the lawsuit says is “gibberish.”

That code tricks IE into thinking Amazon’s privacy policy falls in line with a user’s settings, even if they are set to the strictest level, the lawsuit alleges. Even if IE blocks Amazon from sending and accessing cookies, as a work-around Amazon also uses what are informally known as “Flash cookies” — files that transmit data via Adobe Flash Player, which is on most people’s computers, instead of Internet Explorer.

One plaintiff says she began ordering pet-care items through Amazon in 2008 and subsequently began receiving ads in the mail from companies with which she’d never done business. The lawsuit alleges that Amazon collected and shared her personal information with other companies.

The other plaintiff claims she found Flash cookies on her computer that Amazon had used to circumvent her strict IE privacy settings. The browser had previously prevented Amazon from placing cookies on her computer, but the lawsuit alleges that Amazon got around it by using Flash cookies.

Suit: Amazon fraudulently collects, shares users’ personal info [SeattlePI.com]