Amazon Goes Unprotected, Ditches Encryption in New Fire OS Update

If you’re an Amazon Fire user and also a criminal, it might be a good time to move any incriminating data off of your devices. There are a couple of ways major companies approach digital security: for Apple, you can double-down on device integrity and duke it out with the FBI, or you can do what Amazon did today and toss encryption out the window for an entire line of products.

In the latest Fire OS 5 update, Amazon announced that its Fire devices will no longer support encryption, mystifying and angering many users on its support forums. Fire users can stay encrypted by sticking with an older version of the OS, which means they can’t get Android security updates, or upgrade to the new version and lose the option to encrypt their data.

Fortunately, this update only affects Amazon’s Fire OS — its Echo smart-home devices are still fully encrypted, meaning their link in the internet of things is more secure than some. It also signed a amicus brief in support of Apple’s fight against the FBI, so their company-wide policy of encryption is a little unclear.

After users complained about the change, Amazon gave some clarification in a statement to Engadget.

“In the fall when we released Fire OS 5, we removed some enterprise features that we found customers weren’t using,” Amazon said in a statement. “All Fire tablets’ communication with Amazon’s cloud meet our high standards for privacy and security including appropriate use of encryption.”

Basically, Amazon users weren’t using encryption, so the company took it away. While this might be a realistic approach to streamlining their operating systems and doing away with obsolete features, encryption is rapidly becoming an expected feature by an increasingly privacy-aware public. And especially with digital security all over the headlines, Amazon’s decision seems poorly timed at best.