'

Amazon Silk's sheer danger for privacy

The most interesting and significant aspect of Amazon's Kindle announcements on Thursday was not the hardware, diverting as it might be. It was Silk, the browser that the Kindle Fire runs - currently, the only browser it can run.

The most interesting and significant aspect of Amazon's Kindle announcements on Thursday was not the hardware, diverting as it might be. It was Silk, the browser that the Kindle Fire runs - currently, the only browser it can run.

Silk uses a clever technology to speed things up. While it can behave like a perfectly normal browser, where all of the software components inside it run on the Kindle Fire itself, it can also use software running in Amazon's cloud to take over tasks.

For a mobile device, this has many benefits. Amazon's cloud has plenty of computing power and plenty of very fast network connectivity, two things painfully lacking on tiny tablets living on the end of Wi-Fi or 3G. If the cloud does most of the hard work in loading pages, rendering the graphics, running scripts and managing security, the tablet's job is hugely easier and the user gets the best of both worlds.

It's not a new idea: from the days of slow dialup onwards, running browser support processes in servers has been a useful way of bypassing bandwidth problems, and now browsers do an awful lot of computing themselves Amazon is in the perfect position to evolve the technique.

The downside, however, is that everything you do online is now accessible to Amazon. The company hasn't said what it will do — if anything — with the data generated by the browser components running in the cloud. But it could do everything: log every click, see every transaction, analyse every action, on every web page you ever visit on your Kindle Fire.

If Amazon wanted to, it could possess the complete online life of all of its Fire users. The potential makes the abuses that Google or Facebook could commit seem like petty vandalism: they know what you do with their services, but by and large have no way of knowing what you do elsewhere. Even when they do, it's spottable and blockable.

And while it does have some of its own potential for abuse, Google's Chrome browser is based on open source, helping an understanding of its functioning, and it cannot conduct secret transactions with Google HQ : everything has to go through the user's computer's network interfaces where it can be analysed. With Silk in the cloud, neither is true. It is possible for Amazon to do what it likes, entirely invisibly.

None of this is to say that Amazon plans or wants to do anything untoward. If it is committed to privacy, it can make the cloud components of the Silk browser as inaccessible to itself as if they were running purely on the tablet itself. Or it could use a subset of the data, provided it has clear rules about preserving anonymity, impeccable disclosure and solid mechanisms of consent.

But what it must do is say what it is doing. Amazon as a company makes a great deal of money from capturing, analyzing and acting on consumer online data. It has created a mechanism that could add a warp drive to that sort of activity, one, moreover, over which users have little control.

What the company has to do, before unease turns into active avoidance, is be brutally frank about the internals of Silk, brutally frank about the way those are managed in the cloud, and brutally frank about what it intends to do with the private, personal information of which it is now custodian.

If it doesn't, regulators, users and competitors will read more into it than anything else they could put on a Kindle.