Menu
Adobe begins encrypting user data collected from Digital Editions app

Adobe begins encrypting user data collected from Digital Editions app

The company was criticized for sending data about content to its servers in plain text

Adobe Systems said it is now encrypting data it collects about certain e-books after facing criticism earlier this month for not protecting the data.

The Digital Reader blog reported on Oct. 6 that Adobe's Digital Editions 4 software, used for downloading and reading e-books, sent detailed logs to Adobe describing readers' activity.

Those logs were not sent using SSL/TLS (Secure Sockets Layer/Transport Layer Security), according to the blog. SSL/TLS encrypts data sent between a client and server, designated by "https" in a browser's URL bar.

In a note about Digital Editions posted Thursday, Adobe said it now periodically collects the data "using HTTPS." The change is made in Digital Editions versions 4.0.1 for Mac and Windows.

The Electronic Frontier Foundation contended that sending the data over plain text "undermines decades of efforts by libraries and bookstores to protect the privacy of their patrons and customers" even if Adobe's practice was a mistake.

Without encryption, the plain-text data could be intercepted and read using network analysis tools such as Wireshark if the data was sent to Adobe while a person was using, for example, a public Wi-Fi network.

Adobe maintains the data is necessary to abide by the DRM (digital rights management) restriction on content, which are imposed by publishers and distributors to protect works from piracy.

The data sent to Adobe includes the title and description of a book, the author, language it's written, the date of purchase or download, the distributor ID, the publisher's list price and ISBN (International Standard Book Number).

In some cases, Adobe may record how long a person reads a book, which is used for "metered" pricing models based on the actual time the content is read.

The company also collects other technical metrics, such as the IP address of the device downloading a book, a unique ID assigned to the specific applications being used at the time and a unique ID for the device.

Adobe said it doesn't collected any personally identifiable information, but may share "anonymous aggregated information with eBook providers to enable billing under the applicable pricing model." It said it doesn't collect information about content without DRM restrictions.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Adobe Systems

Featured

Slideshows

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

EDGE 2018: Kiwis kick back with Super Rugby before NZ session

New Zealanders kick-started EDGE 2018 with a bout of Super Rugby before a dedicated New Zealand session, in front of more than 50 partners, vendors and distributors on Hamilton Island.​

EDGE 2018: Kiwis kick back with Super Rugby before NZ session
EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018: Kiwis assess key customer priorities through NZ research

EDGE 2018 kicked off with a dedicated New Zealand track, highlighting the key customer priorities across the local market, in association with Dell EMC. Delivered through EDGE Research - leveraging Kiwi data through Tech Research Asia - more than 50 partners, vendors and distributors combined during an interactive session to assess the changing spending patterns of the end-user and the subsequent impact to the channel.

EDGE 2018: Kiwis assess key customer priorities through NZ research
Show Comments