The Next Big Data Debacle Could Involve Amazon and China

Data is now essentially the lifeblood of today’s modern industries. Not only does it provide insights for effective decision-making but it can also be used to predict and influence consumer and user behavior. Companies like Amazon and Netflix, for instance, use big data and analytics to better understand their customers in order to create products and services that generate more sales and repeat business.

However, in the wrong hands, data can also be used for shady purposes. The Facebook and Cambridge Analytica scandal showed how data misuse could have history-defining consequences. Profiles generated from personal data can be used to promote political views and sell ideologies that are influential enough to determine the outcome of national elections.

Speaking of Amazon, the US-based e-commerce giant may just be involved in a brewing data debacle that could rival Facebook’s in terms of magnitude. Chinese payment processors are found to be requiring partner Amazon merchants to commit practices that expose customer and financial information. Given the growing tensions caused by US-China trade war, a data scandal involving Amazon and China could have global ramifications as well.

Another Mess in the Making

Amazon merchants looking to conduct business in China need to partner with Chinese payment processors such as LianLian Pay and Pingpong. As such, merchants have to integrate with these payment systems in order to streamline order management and fulfillment. What raises suspicion, however, are claims that these payment processors are asking merchants to provide their Amazon Marketplace Web Service (MWS) secret keys.

According to MWS developer guidelines, this isn’t the proper way to integrate systems. There are mechanisms provided by MWS’s application programming interface (API) for merchants to provide access to their data to third-party developers securely and without having to give out secret keys. Secret keys provide unrestricted access to a seller’s data on Amazon including information such as customer shipping data , and bank and credit card information. Sellers do not have access to customer “bank and credit card information”. Accordingly, they cannot share information they do not have.

Considering that these payment processors may have been given access to secret keys, it is possible that customer data has already been exposed. Pingpong, for example, has processed more than $1 billion in US payments. Given that Amazon sellers are these processors’ principal users, their possession of merchants’ secret keys essentially gives them access to a goldmine of data involving US customers.

Potential Risk to Users

The leak of such information can be damaging across several levels. Customers whose data have been exposed may now be at risk of identity theft and fraud. Personal and financial information can be sold quite profitably in the global black market.

Once in the hands of cybercriminals, the information can be used for other hacking activities including gaining access to other services that use the stolen information or defrauding other businesses using financial data.

Information such as order and transaction histories could also provide insight into users’ preferences and behavior allowing malicious actors to use psychology and manipulation to influence views and perception much like how data from Facebook and Cambridge Analytica were used to promote certain political views.

Tensions Rising

What could raise even more concern is that these issues are emerging in the midst of US and China’s trade war. The US took a hardline stance in its drive to bring back businesses and jobs onshore by imposing tariffs on Chinese products. US also claims that China has long been engaging in unfair business practices. The Asian giant m however, responded with its own moves against US products.

The claims of Chinese manipulation can be observed even on e-commerce platforms like Amazon. Chinese merchants have brought in goods that are being sold at factory prices against which US merchants simply can’t quite compete. The proliferation of Chinese scammers and counterfeiters are also upsetting the balance of the marketplace and undercutting US intellectual property holders.

Whether there are larger forces at play remains to be seen but there have already been numerous efforts to disrupt US organizations through cyberattacks that originate from China. The recent massive data breach on Marriott hotel guest database that stole half a billion records is suspected to be a state-sponsored attack by the Chinese.

Better Protection Needed

These threats to data shouldn’t be taken lightly. Not by anyone. More people are shifting their day-to-day activities to digital and online, relying on services like Amazon to address their consumer needs. Companies, especially influential industry giants like Amazon, should exert even more effort to secure all aspects of their ecosystems. Otherwise, malicious actors could freely exploit weak links, steal data, and potentially perform acts that threaten even the most casual of users.

12 thoughts on “The Next Big Data Debacle Could Involve Amazon and China”

  1. Who made China powerful? All the European manufacturers that allowed unpenalized theft of intellectual property down to the nuts and bolts? A place to start.

  2. It might be more insightful to wonder who made China so economically powerful to begin with. And it wasn’t China.

  3. Sounds like its time to lock my credit with the credit agencies and let Amazon (who I use extensively) know that I will not be using their services any more until this is resolved. Their desire to enter the Chinese market place should not come at my risk.

  4. In addition to the usual Big Brother-ish uses China has for big data, the organization with the most data has a significant advantage when it comes to training AI’s. Privacy may be great for individuals in Europe and (maybe soon) the US, but one of the tradeoffs we make for that privacy is we put ourselves at a societal disadvantage when it comes to machine learning. I’m not sure if the disadvantage will be decisive, but it’s something to keep in mind.

  5. I wonder if this started as fallout from chinese legal requirements regarding secret key access to encrypted things, and not a private info grab per se. Though if a chinese government intelligence group gained access through the payment processor and went fishing that would be pretty damning, but the processor and Amazon could say they were legally bound to provide this access hole and wash their hands of it.

  6. I’m wondering who is this mysterious person with enough clout to badly damage China, given that say… the President of the USA is already tackling China without any swift results.

  7. It depends entirely on who China is being China to. If the wrong person gets scammed, all hell could easily break loose. IMHO China has been very lucky to this point.

  8. Honestly I don’t see anything bad happening to Amazon or Google over their helping China be China.

    Not because there shouldn’t be consequences but there won’t be. Not like we are going to break them up.

  9. Amazon needs to be clear and transparent on this issue. If Bezos is caught in a China-Amazon coverup, something is going to hit the fan.

Comments are closed.