As promised, Adobe is rolling out a software update to Digital Editions 4 in order to address privacy concerns involving the data gathering program that came to light earlier this month.
Digital Editions 4.0.1 aims to secure that transmission in HTTPS. Users will be automatically notified of the software update, which can also be downloaded here.
Adobe has clarified the scope and nature of the data it collects as well as the uses to which it’s put, but so far not everyone is satisfied with those explanations.
The American Library Association took Adobe to task not just for the company’s “egregious” transmission of unencrypted user data but also for gathering it in the first place, asking, “Are all of the data elements collected necessary for product functionality? Is such sensitive user data deleted soon after the need for operational purposes is fulfilled?”
In a statement provided to Digital Book World today about the software update, Adobe did not address either of those questions directly, but it did make an effort to shed further light on the transmission issue. “While it is correct that prior to the update, certain usage data was transmitted in clear text,” Adobe explains, “Adobe did not transmit or store the actual user ID or device ID in clear text.”
The statement continues:
Even prior to the update, both the user ID and device ID were obfuscated by assigning unique values (“GUIDs”), which were collected and stored in place of the user ID and device ID.