Amazon is rolling out a change to Wishlists that could quietly erase a key privacy safeguard. The company has notified list owners that the setting which blocks gifts from third-party marketplace sellers will be removed, and that addresses used for fulfillment may become visible to buyers via delivery updates and tracking information.
That shift turns a convenience feature into a potential doxxing risk, especially for people who share public lists with large audiences. While friends and family already know where you live, strangers do not—and this update makes it easier for them to find out.
What Is Changing in Amazon Wishlist Privacy Settings
Historically, Wishlist owners could restrict gifts to items “sold by Amazon,” which helped keep personal details shielded behind Amazon’s fulfillment systems. By removing that restriction, buyers can pick offers from third-party sellers, and the seller will receive the recipient’s delivery address to ship the item.
Amazon’s masking has typically limited what a gift buyer sees to a name plus city and state. But when a third-party seller handles fulfillment, the full address is used on shipping labels. Buyers may also see that address reflected in carrier tracking pages, order updates, or packing slips—information streams that weren’t previously exposed in the same way.
How Your Address Could Leak Through Wishlist Gifts
The new setup introduces multiple exposure points. A marketplace seller receives the full destination address to ship the gift. If a buyer is determined to learn that address, they might glean it via tracking notifications or by contacting the seller for “delivery support.” In the worst case, a malicious actor could pose as a seller, purchase an item from your list, and use the process to capture your address.
The scale of the marketplace increases the stakes. Amazon’s own disclosures note that third-party sellers account for well over 60% of unit sales on the platform, meaning most inventory runs through vendors outside Amazon’s direct control. More sellers, more shipping handoffs, and more systems involved equal more chances for private information to surface.
Who Is Most at Risk from Public Wishlist Changes
Anyone running a public Wishlist is affected, but the risk concentrates around people who accept gifts from strangers: livestreamers, influencers, adult creators, mutual-aid organizers, teachers and coaches soliciting supplies, and even public figures who share registries with fans. For these groups, a home address is not just sensitive—it can be a safety issue.
Privacy advocates have long warned that doxxing often begins with seemingly small breadcrumbs. Pew Research Center has found that online harassment remains widespread in the U.S., and address exposure is a common escalation path. The Federal Trade Commission has similarly cautioned that contact information can be leveraged for stalking, identity fraud, and social engineering.
Practical Steps to Protect Yourself and Your Address
- Switch public Wishlists to Private or Shared with specific people you trust. This is the most reliable way to sever the link between your public identity and a shipping address.
- Use a PO Box, commercial mail receiving service, or workplace/mailroom as your Wishlist shipping address. Many creators set up a dedicated “fan mail” address for this purpose, separating their home location from public gifting.
- Consider Amazon Locker or counter pickup if available for items on your list. While not all products are eligible, using a pickup location keeps your home address out of circulation.
- Create a new “gift-only” address entry within your Amazon account that omits unit numbers and personally identifying labels where permissible. Keep your legal name and exact residence off any address that could be shown to buyers or sellers.
- Favor digital alternatives when possible. E-gift cards and digital subscriptions provide support without sharing a physical address. Some creators also use third-party gifting platforms that proxy shipments to hide recipients’ locations.
- Audit your lists now. Remove high-value or highly personal items, and check whether they are fulfilled by marketplace sellers. Prune anything you wouldn’t be comfortable receiving from a stranger who might also see your delivery details.
Why This Matters Beyond Wishlists and Public Gifting
Marketplaces thrive on openness and choice, but safety hinges on minimizing how widely personal data travels. Address data is uniquely sensitive: once exposed, it can’t be “unseen,” and it tends to propagate through screenshots, tracking histories, and customer support logs. Even well-intentioned buyers can inadvertently reveal a recipient’s location by sharing delivery screenshots in public forums.
Amazon has introduced numerous privacy controls across its retail and device ecosystem over the years, but the removal of this specific Wishlist safeguard nudges users toward more proactive self-defense. If you rely on public registries, treat your shipping details like you would a phone number or Social Security number—only share them in contexts you can control.
The bottom line is simple: public gifting just became riskier. Take a few minutes to lock down your lists and route deliveries through addresses that won’t put you—or your family—on the map.
