Menu
Adobe begins encrypting user data collected from Digital Editions app

Adobe begins encrypting user data collected from Digital Editions app

The company was criticized for sending data about content to its servers in plain text

Adobe Systems said it is now encrypting data it collects about certain e-books after facing criticism earlier this month for not protecting the data.

The Digital Reader blog reported on Oct. 6 that Adobe's Digital Editions 4 software, used for downloading and reading e-books, sent detailed logs to Adobe describing readers' activity.

Those logs were not sent using SSL/TLS (Secure Sockets Layer/Transport Layer Security), according to the blog. SSL/TLS encrypts data sent between a client and server, designated by "https" in a browser's URL bar.

In a note about Digital Editions posted Thursday, Adobe said it now periodically collects the data "using HTTPS." The change is made in Digital Editions versions 4.0.1 for Mac and Windows.

The Electronic Frontier Foundation contended that sending the data over plain text "undermines decades of efforts by libraries and bookstores to protect the privacy of their patrons and customers" even if Adobe's practice was a mistake.

Without encryption, the plain-text data could be intercepted and read using network analysis tools such as Wireshark if the data was sent to Adobe while a person was using, for example, a public Wi-Fi network.

Adobe maintains the data is necessary to abide by the DRM (digital rights management) restriction on content, which are imposed by publishers and distributors to protect works from piracy.

The data sent to Adobe includes the title and description of a book, the author, language it's written, the date of purchase or download, the distributor ID, the publisher's list price and ISBN (International Standard Book Number).

In some cases, Adobe may record how long a person reads a book, which is used for "metered" pricing models based on the actual time the content is read.

The company also collects other technical metrics, such as the IP address of the device downloading a book, a unique ID assigned to the specific applications being used at the time and a unique ID for the device.

Adobe said it doesn't collected any personally identifiable information, but may share "anonymous aggregated information with eBook providers to enable billing under the applicable pricing model." It said it doesn't collect information about content without DRM restrictions.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags Adobe Systemssecurity

Slideshows

Meet the leading HP partners in New Zealand...

Meet the leading HP partners in New Zealand...

HP has recognised its top performing partners in New Zealand at the second annual 2016 HP Partner Awards, held at a glittering bash in Auckland. The HP Partner Awards recognises and celebrates excellence, growth, consistency and engagement of its top partners. This year also saw the addition of several new categories, resulting in 11 companies winning across 11 award categories.

Meet the leading HP partners in New Zealand...
Channel comes together as Ingram Micro Showcase hits Auckland

Channel comes together as Ingram Micro Showcase hits Auckland

Ingram Micro outlined its core focuses for 2017 at Showcase in Auckland, bringing together the channel for a day of engaging keynotes, compelling breakout sessions and new technologies.

Channel comes together as Ingram Micro Showcase hits Auckland
Show Comments