[Privacy policy] Questions on data collection
Hello!
I recently got myself setup with Sailfish OS. For this it was necessary to create a Jolla account.
The following are excerpts from the Privacy Policy and a related blog post:
we collect and process a minimal amount of personal data
We collect only a minimum amount of information, only what is needed to run our services
Data privacy has always been in the core of Sailfish OS and in the way Jolla operates, and we believe this one of the main reasons why our customers and fans believe in us
This is very nice. But it leaves me wondering about the following things in the privacy policy:
If you have a Sailfish device (meaning a device running on Sailfish OS), we may collect information about your device such the IMEI number of the device, and the IP address when it is connected to the internet
I understand the IMEI can be used to link a license to a device and needs to be transmitted. But why would Jolla need to keep IP addresses every time a device comes online? How is that needed to run the services or provide better user experience?
We will retain your data for as long as necessary to provide the products and services you have requested from us
This is strange, because even as it proceeds to explain how retention periods are determined, it does not actually describe what the retention periods are for any type of data. How long is Jolla going to keep the log of IPs the users connected with to their services (which is easily mappable to location information)?
We will not disclose your personal data to third parties unless... the disclosure is reasonably necessary...
It has little value to say personal data will not be disclosed and then proceed to list a number of wildcard exceptions, particularly "enforcing the ToS", which pretty much justifies giving private data to any 3rd party service that can potentially help or be related to any of the provisions in the ToS. Also per the ToS, the Sailfish would not be authorized to access any Jolla services outside the "Authorized Countries" (which are not even listed there). I don't know how this affects the OS usage, and I assume in practice this apply to purchasing the license and little else, but the wording is still worrying, and the enforcement of such things gives Jolla green light to track users location.
All in all, I think there are great lengths to improve the privacy provisions made by Jolla:
- Do not collect IP addresses or at least explain why.
- Be explicit about retention periods
- Anonymize more data. i.e. you don't need to keep the IMEI of a phone. You could just keep the hash of associated to the license number and use that to verify if a given license is running on the phone it should.
- Be more explicit about what the services that Jolla provides are, and how are they used from Sailfish OS, for what, how often and whether they can be opted-out.
- Be more explicit about what the Authorized Countries and how it affects users that travel to them in regards to the services they provide.
- Be more explicit about what legislation Jolla is bound to (Finnish I guess?) and what extra provisions it needs to comply with and how they affect the privacy policy.
- Treat privacy data requests as a priority: automated forms to obtain, modify and delete data. Answering to data requests in 30 days can be improved to answering to data requests immediately, or in 24h.
It is not the best way to develop trust to go around saying privacy is of utmost importance and then have a super standard, hole-ridden privacy policy which wants to do one thing (keep as little personal data as possible) but includes safeguards to possibly doing the opposite (keep it forever, hand it to third parties as needed etc...).
About the IP: I can imagine that some WIFI captive portal detection functionality checks the connectivity via http://ipv4.jolla.com/ and thats logging the request.
More services catches for sure also the IP. Some clarity from Jolla would be great ...
Leon ( 2020-04-09 19:01:27 +0200 )edit