The Amazon employee who was fired recently for sharing customer’s email addresses with a retailer will be prosecuted. Sharing email addresses are in contravention of the marketplace’s policies. Amazon have said that they are supporting law enforcement against their ex-employee.
The affected consumers were emailed by Amazon to inform them that their email address had been shared. They were sure, however, and told the customers, that no other items of their personal data had been compromised. They also said that the retailer in question has been kicked off the marketplace.
The message read thus:
We are writing to let you know that your email address was disclosed by an Amazon employee to a third-party seller on our website in violation of our policies. As a result, the employee has been terminated and we are supporting law enforcement in their prosecution. The third-party seller has been blocked from selling on our website. No other information related to your account was shared.
This is not a result of anything you have done, and there is no need for you to take any action.
Amazon Customer Service
It is not known if any European consumers were impacted which would bring this under the auspices of GDPR, in which case the Amazon employee fired has exposed Amazon to a potential fine of €20 million or 4% of turnover (whichever is greater… and Amazon turn over was $177.86 billion in 2017).
Amazon insist that sellers communicate through their own messaging platform, which is pretty good including the ability to send images, and always mask consumers email addresses from merchants selling on the marketplace. There’s no real need for a retailer to have a consumer’s email address unless they want to market to them directly or for hackers who want to attempt to gain financial credentials for fraud.