NEWS RELEASE
Office of Maryland Attorney General J. Joseph Curran, Jr.


December 13, 2001 Media Inquiries: Sean Caine 410-576-6357

AMAZON.COM AGREES TO PROTECT PRIVACY OF FORMER EGGHEAD.COM CUSTOMERS

Attorney General J. Joseph Curran, Jr. today announced that, in response to concerns raised by his Consumer Protection Division and those of nine other states, Amazon.com has agreed to protect the privacy of personal information collected from more than one million former customers of Egghead.com.

"Consumers should be able to rely upon a companyís promise to keep their personal information private," Curran said. "Companies that renege on privacy promises hurt not only their own reputations with consumers but also the confidence consumers have in making purchases with any online company."

Egghead.com, a California-based online retailer of software and computer-related office equipment, declared bankruptcy earlier this year and, despite a posted privacy policy promising that personal customer data would not be sold, sought to sell its customer list and personal customer data. Maryland and seven other states joined an objection to the proposed sale filed by Massachusetts and California seeking to prevent the sale of customer data in violation of Eggheadís privacy promise.

The Egghead.com website and customer information were sold to Amazon.com. Following discussions with the Attorneys General and the Federal Trade Commission, Amazon agreed that no personally identifying information regarding former Egghead.com customers will be provided to Amazon without the customerís express consent.

Amazon.com agreed to protect the personal information of former Egghead.com customers by either destroying their information or placing the customer information under the control of a third party. Amazon could request that the third party send e-mail to former Egghead.com customers on its behalf or analyze aggregate data that does not include any personally identifying information. However, under the agreement, Amazon would not have access to the customer information without the customerís affirmative consent.

###