Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
428
Views
0
Helpful
1
Replies

Jabber client - Personal data protection

ciaranmurphy1
Level 1
Level 1

‎02-27-2018 02:31 PM - edited ‎03-17-2019 07:21 PM

Hi Folks,

 

I'm doing an exercise with the workers council in Germany where I am required to asses personal data protections in a self hosted (CUCM) Jabber client.

 

For example, one item flagged already is in relation to the sometimes casual/informal nature in which IM is used and that control over the chat history must be given as an option to the user so that any non-work related conversations or personal opinions cannot be scrutinized by anyone else.

 

With that in mind I would like to gather opinions from the community about where else there might be personal data protection concerns for a Jabber user who is also using the softphone feature in Jabber. 

 

For exmaple personal data could be an phone number, email address, AD username or any log files that could be used to identify a person either in the Jabber client or on the CUCM.

 

all feedback or links to documents is greatly appreciated

 

Kind Regards

 

Ciarán   

 

 

0 Helpful
1 Reply 1

Jaime Valencia
Cisco Employee
Cisco Employee

‎02-27-2018 04:03 PM

You might want to reach out to a local SE and discuss this in first place with a legal representative to know EXACTLY what are their worries.

 

BUT, I mean, CUCM, IM&P and Jabber are meant to store user information that you input, or sync from LDAP in order to provide work properly.

If there's no directory, jabber will show JIDs and there will be no search feature.

If there's a directory but no phone numbers, you cannot choose a contact and call him, or directory resolution will not work.

If you do not input the name in the DNs, you won't know who is calling you, or who you are calling to.

Jabber caches all your contact list and refreshes it every 24 hours plus a random time between 0 and 6 hours to avoid hitting the servers with too many requests.

If you want, you can have pizza guy contacts in your Jabber.

If you have all the above, you can see that info on logs and traces.

If you have compliance or persistent chat, all the conversations go to a DB.

 

All the above are not concerns for most people as they have all that integrated for the products to work as expected and with the right user experience.

HTH

java

if this helps, please rate
0 Helpful
Customers Also Viewed These Support Documents