"So painful it contributes to the downfall of your product" need not be the standard. There is a middle ground that takes customer data seriously.

I thought Alexa was bad for privacy.

But I guess Amazon does everything in their power that only they have the access.

So it sounds to be quite well secured, while no idea what Amazon does with it.

To be honest, I'm just going off the other commenter's testimony; I would have presumed that their internal data access control policies would be... minimal, to be generous. The fact that developers couldn't get access to data to the point that they noticed and it was painful sounds like a genuine good step in the right direction, though.

There is a point that there should be a way of gatekeeping this in a maximally efficient and accountable way but setting the standard of "Access Control" as being that there's friction to gain access seems like a no brainer.