Well, auditing it would show what data is being sent where, and when. Unless of course we assume that the source published for the global search lens is in some way not what's being shipped. That'd be a whole other kettle of fish.
I think it's pretty obvious what it sends - or rather, the obvious stuff is enough to bother some people when the feature defaults to on.
They're saying they'd search for "Joe Random - Resignation Letter - FooCorp.doc" trying to find the latest copy they'd written and when that was sent to Amazon as a product search it would leak private information.
So I take it you've reviewed the source? Sat and watched a packet stream? The thing is I've heard lots of complaints about it infringing privacy, but not from someone who's also reviewed the source; it's all just second-hand information.