Adobe’s e-book reader sends your reading logs back to Adobe—in plain text [Updated] – In what has to be one of the very worst moves in Internet history, Adobe Digital Editions 4 now tracks every book you read and send that information IN PLAIN TEXT back to Adobe. That’s right folks: Adobe is massively violating your privacy by keeping track of what you read, then further imperiling your security by having that information travel unencrypted to spy central. There is also concern that this activity violates the Reader Privacy Act recently enacted in New Jersey. And what about epub library books, you ask?
Digital Editions (DE) has been used by many public libraries as a recommended application for patrons wanting to borrow electronic books (particularly with the Overdrive e-book lending system), because it can enforce digital rights management rules on how long a book may be read for. But DE also reports back data on e-books that have been purchased or self-published. Those logs are transmitted over an unencrypted HTTP connection back to a server at Adobe—a server with the Domain Name Service hostname “adelogs.adobe.com”—as an unencrypted file (the data format of which appears to be JSON).
The behavior is part of Adobe’s way of managing access to e-books borrowed from a library or “lent” by other users through online bookstores supporting the EPUB book format, such as Barnes & Noble. If you’ve “activated” Digital Editions with an Adobe ID, it uses that information to determine whether a book has been “locked” on another device using the same ID to read it or if the loan has expired. If the reader isn’t activated, it uses an anonymous unique ID code generated for each DE installation. –Ars Technica
Adobe Confirms It’s Gathering Ebook Readers’ Data – I know you didn’t think it could get any worse, but, alas, it does. Adobe tries to explain itself, and when Nate Hoffelder informs Adobe that ADE 4 is not only tracking epub books, but his whole digital book library, Adobe reiterates its original statement:
Reached for comment, Adobe confirms that those data gathering practices are indeed in place. “Adobe Digital Editions allows users to view and manage eBooks and other digital publications across their preferred reading devices—whether they purchase or borrow them,” Adobe said in a statement this afternoon. The statement continues:
“All information collected from the user is collected solely for purposes such as license validation and to facilitate the implementation of different licensing models by publishers. Additionally, this information is solely collected for the eBook currently being read by the user and not for any other eBook in the user’s library or read/available in any other reader. User privacy is very important to Adobe, and all data collection in Adobe Digital Editions is in line with the end user license agreement and the Adobe Privacy Policy.” –Digital Book World
Adobe Digital Editions 3 Probably Safe From Adobe’s Spying, Experts Say – Nate Hoffelder, who broke this story originally, reports that earlier versions of ADE do not appear to be prying into your private reading habits. You can check out this article and the others he wrote to see how both he and Ars Technica confirmed that Adobe is sending your info in plain text back to spy central. Hoffelder suggests that if you want to avoid Adobe altogether (and how many of you are ripping that software from your computer as I write this?), you can try a reader program like Bluefire.
I have followed up on this story and looked into the earlier versions of Digital Editions, just to see how long Adobe may have been spying on users. After testing DE2 and DE3 I can report, and others can confirm, that neither app appears to be tracking my reading habits nor uploading details about my ebook library.
The older apps do send some information to Adobe, but the data packet is small enough that it can’t hold much more than info required to authorize the DRM. So if you need one of Adobe’s apps, you do have safer options than DE4. –The Digital Reader
E-Reader Privacy Chart, 2012 Edition – Although it’s from 2012, EFF has a handy chart that looks at Google Books, Kindle, Nook, Kobo, Sony, OverDrive, IndieBound, the Internet Archive, and Adobe Content Server, to determine what information each application can and cannot monitor, track, and share, along with assessing compatibility with digital books purchased elsewhere. Right now it may be especially handy. –Electronic Frontier Foundation