Amazon Wish Lists Pose Privacy Risk, Exposing Personal Details to Public View

A persistent privacy flaw in Amazon's wish list feature continues to put users at risk, potentially revealing personal information like full names and home addresses to anyone online. Despite periodic scrutiny, the online retailer has not changed the default settings that leave this data exposed.

The problem originates with Amazon's configuration. When a customer creates a wish list, the system defaults to a public or shared visibility setting. Unless a user manually adjusts these options, the list—and any attached shipping address—can be found through search or accessed by anyone with the link. During the purchase process for an item on the list, a buyer may be shown the list owner's delivery address.

This vulnerability has led to real-world incidents, particularly for online creators and public figures who share lists with followers. There are reports of unwanted contact and harassment after addresses were obtained this way. However, any user who has ever shared a list link on social media or a public profile could be affected.

Privacy advocates note this is part of a broader pattern where tech platforms favor open, shareable defaults over protective ones. While regulations like the GDPR have pushed for change in Europe, U.S. users remain largely responsible for their own security settings.

To secure an Amazon wish list, users must take manual steps. Navigate to 'Your Lists' in your account, select each list, and update its privacy settings. Set the list visibility to 'Private,' manage the shipping address settings under 'List Settings,' and consider using a nickname instead of a full name on the list's display. It is advisable to review all existing lists, as old ones may still have the risky defaults enabled.

Amazon has not announced plans to alter the default privacy stance for wish lists. For now, the task of preventing exposure falls to the individual user.

Source: Webpronews