This weekend, lots of writers saw their books disappear from Amazon’s bestseller lists. Somehow, the sales ranking for their books was removed. Since this ranking is an important way for potential buyers to select the contents of their shopping cart, this prompted several angry responses by authors.
Filtering adult content?
In consideration of our entire customer base, we exclude “adult” material from appearing in some searches and best seller lists. Since these lists are generated using sales ranks, adult materials must also be excluded from that feature.
Or was it a hacker?
From here on, things get confusing; around the time this Amazon “policy change” was communicated, a hacker claimed to have tagged the removed books as adult through a CSRF attack. The code posted looks like it might work; the only thing that looks fake to me is this part:
I know some people who run some extremely high traffic (Alexa top 1000) websites. I show them my idea, and we all agree that it is pretty funny. They put an invisible iframe in their websites to refer people to the complaint URLs which caused huge numbers of visitors to report gay and lesbian items as inappropriate without their knowledge.
I really doubt any webmaster on a high traffic website would risk losing his job and possibly spending some time in prison because they think this is “pretty funny”. Still, the idea posted might have worked.
Or did someone at Amazon make a mistake?
Shortly after the reports of a hack started spreading, Techflash got a statement from an Amazon spokesman:
This is an embarrassing and ham-fisted cataloging error for a company that prides itself on offering complete selection.
It has been misreported that the issue was limited to Gay & Lesbian themed titles – in fact, it impacted 57,310 books in a number of broad categories such as Health, Mind & Body, Reproductive & Sexual Medicine, and Erotica.
That sounds like a good explanation, but he added this:
I asked Herdener about reports of a hacker who’s claiming credit for the glitch. Herdener responded: “This was our error,” without elaborating.
Note that he didn’t deny a hack had taken place; “our error” might also mean “we left a gaping hole in our website that allowed anyone to label books as adult”. It later became clear that Amazon doesn’t consider this a hack, but Amazon’s PR department obviously needs some improvement.
So what did happen?
Most people seem to have missed this on monday, but there are several reports from “sources within the company” that describe what really happened over the weekend:
Amazon managers found that an employee who happened to work in France had filled out a field incorrectly and more than 50,000 items got flipped over to be flagged as “adult,” the source said. (Technically, the flag for adult content was flipped from ‘false’ to ‘true.’)
“It’s no big policy change, just some field that’s been around forever filled out incorrectly,” the source said.
This sounds credible; what company hasn’t had these kinds of issues in the past? In the end, there is always room for human error. Let’s hope this incident makes Amazon re-consider its policy of sharing as little information with the media as possible; better communication might have prevented the hype surrounding this. A simple statement on their homepage saying “sorry, we mislabeled some books, we’re working on it” would have been enough.