Complaint: Amazon doesn’t allow baseline TLS security
Content
Data Security Baseline email security missing. During their route to the recipient, emails are handled by different entities, nodes and service providers which may intercept, manipulate and unlawfully use the content. In order to reduce these risks, it is a baseline industry standard to use so-called TLS encryption. View complaint (PDF) “TLS is like an envelope around a letter. If not used, anyone can read the content of an email in transfer.” Stefano Rossetti, privacy lawyer at noyb Surprisingly the Amazon servers reject TLS connections in certain cases, for example when third party sellers on Amazon communicate with customers vie email. This means that millions of emails that are sent via Amazon may be exposed everyday. Violation of GDPR. Article 32 of the GDPR requires companies to implement “appropriate” security measures, such as encryption, to protect the confidentiality of communications. As TLS encryption is very cheap and simple to implement and the number of sellers and custo