The American Library Association (ALA)’s President Courtney Young vowed to “continue investigating possible violations of applicable federal or state laws on commerce/trade and privacy” in response to last week’s revelations about Adobe’s extensive tracking of ebook readers’ data through Adobe Digital Editions 4.
The platform is widely used by public libraries in order to lend ebooks to patrons. News of Adobe’s practices raised concerns among librarians about the “possible over-collection and unnecessary retention of sensitive user data,” as the ALA put it in a press release today. “Are all of the data elements collected necessary for product functionality? Is such sensitive user data deleted soon after the need for operational purposes is fulfilled?”
While Adobe has yet to answer those questions conclusively, the company has promised to roll out an update by October 20 to address alarm over the transmission of ebook readers’ data in plain text. The company has not accounted for why that information was delivered unencrypted.
There is also the question of how long and at what level Adobe has collected ebook data. Adobe framed the history of its data gathering program in terms of the business models Adobe Digital Editions has supported from one version of the platform to the next.
A spokesperson told Digital Book World, “in ADE3 and prior we collected data that was relevant for the business models of perpetual and rental models. ADE4 introduced support for additional business models, such as limited or metered pricing models where publishers or distributors charge readers based on the duration a book is read; or subscription models where publishers or distributors charge based on the percentage of the book read. Additional data sets were added to be able support those business models.”
Even with many questions lingering, the ALA feels Adobe has already gone too far. “The unencrypted online transmission of library reader data is not only egregious,” Young said, “it sidesteps state laws around the country that protect the privacy of library reading records. Further, this affects more than library users; it is a gross privacy violation for ALL users of Adobe Digital Editions 4.”
The ALA’s complete statement is available here.