In case you haven’t heard about it, there is a brouhaha about Amazon un-selling copies of two Orwell books, 1984 and Animal Farm. There has been much hand-wringing, particularly since it’s deliciously amusing that that it’s Orwell.
The root cause of the issue is that the version of the Orwell novels available on the Kindle weren’t authorized editions. When contacted by the owners of Orwell’s copyrights, they deleted the books and refunded customers’ money.
All things considered, Amazon did something approximating a right thing in this matter. They didn’t have the right to sell the novels, and so they pulled the novels from the store and customers, and gave the customers a refund. About the only thing they could have done righter was to give something to the people who thought they had the books. The best thing to give them would have been authorized copies of the books, but store credit would be nice, too.
You can find a New York Times article on it, as well as a CNET article, as well as a Tech Dirt article that brings up the very good point that deleting the books was very likely against the Kindle terms of service, which is why Amazon likely should offer those people something.
Among all the handwringing, there are a number of stupid people — or perhaps people who should just know better — who somehow mutter dark things about how this serves people right for getting a device that has DRM in it. (As if they’ve never owned a DVD.)
Some of these people who should know better might think that I’m somehow in favor of DRM, so let me say that I am not. I am against DRM. I am also against nuclear war, swine flu, totalitarian governments, and bad service in restaurants. I’m also against one or two other things. None of them had anything to do with this little contretemps.
The issue is caused not by DRM, but by cloud computing. The problem is that Amazon has a cloud service in which Kindle customers can keep their e-books on Amazon’s shelf, and shuffle them around to any Kindle-enable device they have (like a Kindle proper, or an iPhone running the Kindle app). Customers can even delete a book from their Kindle and get it back from the cloud at a later date.
The event is that Amazon removed the book from the cloud, not that it had DRM in it. If you are concerned by this, you should be concerned by the cloud service. The cloud service enabled Amazon to respond to a legal challenge by removing customers’ data from the cloud. They didn’t need DRM to do it. In contrast, if iTunes store or the Sony e-book store had improperly sold a book, they wouldn’t be able to revoke it because they don’t have a cloud service as part of the store. (eMusic, incidentally, regularly adds and removes music from their store with the waxing and waning of desire to sell it.)
This is why we need to look at it for what it is, a failure in a business model and in the cloud service. Interestingly, the newly-formed Cloud Security Alliance predicts similar issues in which outside parties cause a cloud provider to shaft its customers. Not bad.
Their prescience is a bit limited because the proposed solution to this problem is to encrypt the cloud data with some fancy key management. That wouldn’t work here for the same reason that DRM isn’t an issue. If I know you have a resource, it doesn’t matter if magic fairies protect it, if I can delete it. It’s still good advice, it just wouldn’t have worked here.
What’s needed is some sort of legal protection for the customers, not technical protection. There are many potential warts here. If the owners of Orwell’s copyrights do not desire any ebooks of his works, it’s hard for Amazon to go buy legal copies for their customers (which would have been the most right thing to do). And it’s hard to argue that the seller shouldn’t do everything in their power to undo a sale they shouldn’t have made.
The correct way to deal with this is through some sort of contract arrangement to protect the customer. (The Cloud Security Alliance is prescient on this, as well.) That contract should be the Terms Of Service between the cloud provider and its customers. As TechDirt pointed out, this was likely a breach of Amazon’s TOS. They’re not supposed to delete books. They said they wouldn’t. Because of this, they owe something to their customers who were on the losing end of this breach of contract beyond the refund. I think ten bucks store credit is fine, myself.
They really need to do something, however, because without doing something, then someday someone will violate their TOS with Amazon and defend it with this breach of the TOS.
However, if you want to cluck your tongue, it should not be about buying goods with DRM, it should be about goods stored in the cloud. Everyone who offers cloud services ought to be clarifying now what they will do to protect their customers against lawsuits from outside parties. It can be crypto or contracts, it doesn’t matter, it just needs to work. This may be the first major cloud-based customer service failure, but it won’t be the last.