Sailfish OS: Security and Data Privacy
Mobile World Congress is back again! Like every single year during the Jolla journey, we are excited to take part in this event. We have had great experiences in the past MWC’s, our main drivers for attending are the current and relevant topics discussed during the congress. One of this year’s core themes is Digital Trust; “Digital trust analyses the growing responsibilities required to create the right balance with consumers, governments and regulators.” It makes us happy that these topics are being discussed, especially since several scandals have recently affected trust in digital solutions.
At Jolla we work constantly towards providing a secure and transparent solution. Our value towards our customer’s privacy is reflected in our values and actions. Back in May of 2018 our CEO Sami Pienimäki wrote a blog post on the GDPR laws passed within the European Union and stated the cornerstones on how Jolla views data privacy. This stand on privacy is not rocket science – the core idea is to respect our customers’ privacy and allow them to be in control of their data.
Jolla’s Stand on Privacy
- We collect only a minimum amount of information, only what is needed to run our services.
- We do not monetize your data, or give your data to third parties without your express consent: we only use it to provide our services to you.
- We do not collect any data without your consent.
- And last but not least: we care are about privacy on all levels
To support our Stand on Privacy we recently attended the Computers, Privacy & Data Protection (CPDP) 2019 conference in Brussels. CPDP is a “world-leading multidisciplinary conference that offers the cutting edge in legal, regulatory, academic and technological development in privacy and data protection.” The event took place right after the celebration of International Data Privacy Day on the 28th of January. During the event, Jolla was invited to attend a panel focused on privacy and design in mobile development.
Here are a few insights from Vesa-Matti Hartikainen, Program Manager at Jolla, who was the speaker at the panel:
“Jolla was invited to attend the panel titled “Implementing Privacy by Design into mobile development, obstacles and opportunities. A developer perspective on data protection by design” at CPDP2019 conference. As I co-ordinated the work of Jolla’s GDPR project I was chosen to represent our company.
In the panel there were representatives from academia, other companies and data protection authorities. During the panel an interesting question came up: “What else (than GDPR) is necessary to finally get these solutions (Privacy by Design) into broad deployment?” The answer I gave came from my experience while developing Sailfish OS. It is very difficult to compete against “free” when the competitor OS is essentially free for the device vendors. At the same time the OS vendor gets its investment back by having their apps and services being prominently present in the device, which allows them to profile the users, collect data and in the end mostly monetise from the ads on the app and from the ads on their other services. GDPR has already had some impact on the situation as it severely limits what organisations are able to do with the data and exposes what data they are collecting. It is valuable to have regulations in place and having better visibility on what information is collected from the users. The fines and controls are slowly impacting the big players. GDPR has shown some promise here in Europe, but it would be very good for privacy if other major markets should follow the lead.
After the panel I had several interesting discussions with conference delegates and it’s nice to see that privacy is a big concern here and actions are taken to protect peoples’ privacy. This concern was shown not only through the discussion but also by the reports presented during the event. A clear example is the report “Every Step you take: How deceptive design let’s Google track users 24/7” presented by the Norwegian Consumer Council and funded by the Norwegian Government. This report analyses how Google gets permissions to track the location using different technologies and through deceptive design practices.
Data privacy has always been in the core of Sailfish OS and in the way Jolla operates, and we believe this is one of the main reasons why our corporate customers and community believe in us. In our latest release, Sailfish 3, security has been a special focus and it incorporates several features to improve device security and keeping the user data and communications private. The security related features we’ve been developing into Sailfish 3 include among other things: encrypted user data and communication, new security architecture, remote lock and wipe, fingerprint support, VPN and specifically for corporate users: Mobile Device Management.”
As Vesa-Matti already mentions above, it is important to discuss about privacy and security. Awareness is growing, and governments are taking action into protecting the privacy and security of their citizens and businesses. As from our trench, we continue working on providing privacy for our customers and constantly improving the security in our solutions. We hope to have good discussions in Mobile World Congress 2019.
If you are interested in our solution you can still book a meeting with us through firstname.lastname@example.org. If you are part of the community in Barcelona we hope to see you in our Community Meet Up hosted with Planet Computers on Sunday 24th at 5pm, in restaurant Bodega La Puntual.