Runbox 7 updates July 2020: Contacts improvements

August 6, 2020 Leave a comment

A brand new Contacts interface, one-click view all email by recipient, contact avatar support, and many other improvements and bug fixes.

  1. New feature (app): Implement indicators for multipart background activities
  2. New feature (contacts): Add background activity indicator
  3. Bugfix (mailviewer): React to avatar settings as soon as they change
  4. New feature (contacts): Add a tooltip to picture upload button if gravatars are disabled
  5. Bugfix (contacts): Hide pictures in contact details if they’re disabled
  6. Bugfix (identitys): make main identity email field read only
  7. New feature (contacts): Add avatar settings to Contacts settings
  8. Visual fix (compose): Show suggested recipients with light gray background. (#693)
  9. Bugfix (webmail): Redraw folders properly after new item completed.
  10. Bugfix (contacts): Scroll details to top when new contact is selected
  11. New feature (contacts): Add settings to adjust avatar use in the app
  12. New feature (mailviewer): Use pictures from contacts when available
  13. New feature (contacts): Allow uploading/deleting contact pictures
  14. New feature (contacts): Show pictures/gravatars on contact details page
  15. New feature (mailviewer): Show gravatars when available
  16. Visual fix (webmail): Add a tooltip for webmail settings button
  17. Bugfix (webmail): Make sure we can still use saved searches when no folder is selected
  18. Bugfix (contacts): Make contacts draggable again
  19. Bugfix (webmail): Fix switching folders not working in some cases
  20. New feature (contacts): Add hints to columns indicating what they’re for when they’re empty
  21. Visual fix (contacts): Minor layout fixes to contactlist
  22. Visual fix (contacts): Make the 3-column layout more rigid
  23. Bugfix (contacts): Fix a template crash when deleted contacts exist as group members
  24. Visual fix (calendar-app): Side-nav menu styles fix
  25. Visual fix (contacts-app): Side-nav menu styles fix
  26. Bugfix (contacts): Make contactlist scroll independently of contact details
  27. New feature (webmail): Show folder count for drafts
  28. New feature (webmail): Add webmail settings, allowing the disabling of popular recipients
  29. Visual fix (webmail): Move message action menu to middle column
  30. Visual fix (compose): Differentiate “Recently used” from recipients
  31. Visual fix (compose): Differentiate “Recently used” from recipients
  32. Bugfix (compose): From-specific reply-to addresses saved/stored if setup
  33. New feature (contacts): Add a way to edit group members from the group page in mobile view

Continue Reading →

Runbox 7 updates June-July 2020: Webmail and Compose improvements

July 10, 2020 Leave a comment

New features such as listing messages by recipient, recently used recipients on Compose, and several other improvements.

  1. New feature (compose): Compose now accepts pasting email lists recipients
  2. Bug fixes (common): Fix edge-case email address (list) parsing
  3. Bug fixes (compose): Different positions for action buttons for mobile and desktop
  4. Bug fixes (compose): Push draft action buttons further apart
  5. Bug fixes (webmail): Only recount folder unread counts after content change
  6. New feature (webmail): Reset search when switching folders
  7. Bug fixes (compose): Make layout more responsive
  8. New feature (webmail): Add a list of popular email recipients to the sidebar
  9. Bug fixes (compose): Update recipient suggests whenever searchindex is updated
  10. New feature (multiple_msg_unread): Replace endpoint that marks multiple messages as unread/unflag
  11. Bug fixes (compose): Update angular deprecated recommendations
  12. Bug fixes (mark_multiple_msgs): Update before the request is completed
  13. Bug fixes (mark_multiple_messages): Try to use messageFlagChangeSubject.next to fix e2e errors
  14. Bug fixes (compose): Make sure suggested contacts are shown with their names
  15. Bug fixes (compose): Make sure we can still drag and drop suggestions to CC/BCC and have them show up
  16. Bug fixes (compose): Reload CC and BCC contents properly
  17. New feature (compose): Allow drag-and-drop for suggested contacts
  18. New feature (compose): Keep feeding the suggestion list after some contacts are selected
  19. Bug fixes (webmail): Make switching to the current folder a no-op
  20. Bug fixes (compose): Show only one suggestions bar per compose window
  21. Bug fixes (compose): Make sure profiles are loaded correctly regardless of races
  22. Bug fixes (compose): Cope with reply-to field in new TO format
  23. Bug fixes (compose): Ensure we cope with CC/BCC emails containing a comma
  24. Bug fixes (compose): Re-add code lost in cherry picking/merging
  25. Bug fixes (compose): Cope with replying to emails where From name contains a comma

Continue Reading →

Runbox 7 updates June 2020: Webmail and Contacts improvements

June 13, 2020 Leave a comment
  1. Bugfix (webmail): Make sure the URL fragment updates after closing an email
  2. Bugfix (webmail): Prefer contact recipients over searchindex recipients
  3. Bugfix (webmail): Visually scroll the message list when using the up/down keys
  4. Bugfix (contacts): Contact updates now appear in compose window directly after update/addition
  5. Bugfix (webmail): Update contacts cache separately from search index contacts
  6. Refactor (compose): Remove dead code / simplify code
  7. Test (e2e): Ensure localSearchPromptDisplayed is set upon closing the dialog
  8. Test (webmail): Adapt test to new structure. Prefer contacts over searchindex

Continue Reading →

Runbox 7 updates May-June 2020: Webmail improvements and bug fixes

June 3, 2020 Leave a comment

Runbox 7 enhancements and bug fixes, including better navigation, improved message handling, and a Welcome Desk with common tasks for new and existing users

A full changelog can be seen directly in the app at Runbox 7.

  1. New feature (webmail): Highlight currently “opened” email in mail list
  2. Bugfix (webmail): Fix up/down navigation in maillist
  3. Bugfix (webmail): Close mailviewer when email is deleted via multi-select operation
  4. Bugfix (webmail): Don’t “check” emails in folder view unless actually clicking on the checkbox
  5. Bugfix (webmail): Display selected-mail operations whenever more than one message is selected
  6. Bugfix (messagetable): Display time instead of the date for messages received after midnight
  7. Bugfix (mailviewer): Store message list view settings in browser
  8. Bugfix (mailviewer): Grow HTML view to proper size right away
  9. Bugfix (contacts): Make sure we’re not adding duplicate contacts to groups
  10. Visual fix (mailviewer): Increase the minimal width of canvastable columns
  11. Visual fix (welcome): Add note about how to return to Welcome Desk.
  12. Visual fix (welcome): Make Welcome Desk a flexbox. Use routerlinks where applicable.
  13. Visual fix (mailviewer): Increase the minimal width of canvastable columns
  14. Bugfix (styling): Fix breakpoints for iPad Pro
  15. Bugfix (compose): Ensure we can forward emails with no To or Subject
  16. New feature (login): Add password reset link to login window
  17. Bugfix (canvastable): Make it possible to open email from the bottom of the screen
  18. New feature (login): Add password reset link to login window
  19. Visual fix (login): More modern look to the login window

Continue Reading →

Runbox Email is officially an ethical buy

March 24, 2020 Leave a comment

We are delighted that Ethical Consumer has rated the Runbox email service one of their ethical best buys.

Following a thorough assessment of our business that included areas relating to our privacy policy and whether we were acting in an environmentally friendly way our email service gained one of the highest scores and was given the prestigious title of being an Ethical Consumer Best Buy product (you will need to be a subscriber to see the list of Best Buys and individual email service scores).

We’re obviously very pleased with the outcome of this assessment and it further confirms that our efforts to run a privacy and environmentally conscious service are valued in the wider market of ethical products that consumers seek out.

If you would like to know more about the work that Ethical Consumer do there is information on their website. For more information about the services that Runbox provides please visit runbox.com

Continue Reading →

Message from Runbox regarding the global health situation

March 17, 2020 2 Comments

In situations such as the one we are currently experiencing with COVID-19, uncertainty spreads easily and one may wonder whether services we rely upon will continue to function as usual. We are aware that our email service is of great importance to our customers, and that many rely upon Runbox in their professional and personal lives.

We can assure you that our operations will continue to function normally.

Runbox is located in Norway, a country with robust and reliable Internet services, and the Norwegian government and telecommunication operators are on the alert to ensure that Internet services are running as normal.

In our organization telecommuting is the modus operandi, and we are used to working from home offices or remote locations. For the immediate future the use of our headquarters is suspended in accordance with the advisory from our health authorities, but this will not have any impact on our day-to-day operations.

These are also the regulations our partners in Norway adhere to, and our affiliates abroad will naturally follow the advice in their respective countries. The data center where our servers are located will be enforcing stricter access procedures, but will otherwise operate normally.

This means that maintenance, support, development, and other internal functions will continue to work as usual. Our services are running on our own infrastructure, and there are no indications that our service will be exposed to any consequences of the current situation.

Our mission is to provide electronic communication between people, which is more important than ever in these times. We will continue fulfilling this obligation with dedication and determination.

Continue Reading →

Runbox is double carbon negative

March 11, 2020 Leave a comment

As explained in a previous blog post, Runbox works continuously to decrease CO2 emissions from our operations and act in an environmentally responsible manner.

We recently implemented an environmental policy to this end, which lays out our commitments to reducing, reusing, and recycling our resources.

In our policy we also pledge to doubly offset any CO2 emissions that do result from our operations despite our email service being entirely hydropowered.

We are proud to announce that we are now supporting World Land Trust in order to plant trees sufficient to compensate doubly for the emissions that result from our business.

The World Land Trust certificate for carbon dioxide emissions 2019

World Land Trust is an environmental non-profit organization working to ensure conservation of plants, animals and local communities in areas at environmental risk.

We chose World Land Trust after having researched a number of organizations offering similar services, and found World Land Trust to be the most professional and reputable candidate.

We encourage other companies to offset their own emissions in order to help achieve the goal of carbon neutrality.

Continue Reading →

GDPR implementation part 8: “Personal data” in the EU and the US is not the same

February 13, 2020 Leave a comment

We usually think of “personal data” as a term that contains for instance a person’s full name, home address, email address, telephone number, and date of birth.

These are ordinary data that can obviously identify a specific person. But in the personal data category of linked personal information are also data such as social security number, passport number, and credit card numbers – data that can identify us, and data we usually feel more restrictive about.

Linkable and non-linkable information

But there is another category of data that on its own may not be able to identify a person, but combined with other information could identify, trace, or locate a person. Such data are gender, race, sexual orientation, workplace, employment etc. These are examples of linkable personal information.

Then we have the category non-personally identifiable information. That is data that cannot be used on its own to identify or trace a person, for example IP addresses, cookies, device IDs, and software IDs (non-linkable personal information).

Privacy regulations differ in the EU and the US

Now, we know that there are industries that exist almost under the radar while taking advantage of personal data. For instance, companies in the AdTech and MarTech industry base their business on collecting and trading personal data for targeted advertising and marketing.

Many of these actors try to take protection of personal data seriously, and refer to the rules and regulations for processing personal data. In Europe this is the GDPR (General Data Protection Regulation) within the EU/EEA-area1, and in the US it is the responsibility of the FTC (Federal Trade Commission).

However, what the EU/GDPR and US government agencies mean by “personal data” is different. Specifically, the definition by EU/GDPR is more comprehensive than the definition often referenced by US agencies, such as that of NIST (National Institute of Technology).

For example, the EU concept of personal data includes information such as cookies and IP addresses, which are not considered as personal data in a US setting.2

This means that if US websites in their privacy policy state that they are GDPR compliant, but combine their data with other data sets, they may breach the GDPR. For example, they must have the user’s consent to collect their IP address under the GDPR.

Definitions of “personal data”

National Institute of Technology’s definition

NIST’s definition of personal data is contained in the definition of Personal Identifiable Information (PII):

PII is any information about an individual maintained by an agency, including (1) any information that can be used to distinguish or trace an individual‘s identity, such as name, social security number, date and place of birth, mother‘s maiden name, or biometric records; and (2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.

US Office of Privacy and Open Government’s definition

Another PII-definition is from the US Office of Privacy and Open Government (OPOG) as follows:

The term personally identifiable information refers to information which can be used to distinguish or trace an individual’s identity, such as their name, social security number, biometric records, etc. alone, or when combined with other personal or identifying information which is linked or linkable to a specific individual, such as date and place of birth, mother’s maiden name, etc.

EU’s GDPR definition

Compare these PII-definitions with the GDPR Article 4(1)’s definition of personal data:

‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

It is obvious that GDPR defines personal data much broader than both NIST’s and OPOG’s PII, and this is underlined by this statement found in GDPR’s Recital 30:

Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.

The US is lacking comprehensive regulation

That said, US authorities are moving towards stronger protection of privacy and personal data, but as late as March 2019, the US Congressional Research Service says:

Despite the increased interest in data protection, the legal paradigms governing the security and privacy of personal data are complex and technical, and lack uniformity at the federal level. The Supreme Court has recognized that the Constitution provides various rights protecting individual privacy, but these rights generally guard only against government intrusions and do little to prevent private actors from abusing personal data online. At the federal statutory level, while there are a number of data protection statutes, they primarily regulate certain industries and subcategories of data. The Federal Trade Commission (FTC) fills in some of the statutory gaps by enforcing the federal prohibition against unfair and deceptive data protection practices. But no single federal law comprehensively regulates the collection and use of personal data (our emphasis).

Conclusion

When US websites claim to follow the rules for processing personal data it is dubious at best, compared to the regulations in the EU/EEA – which the Norwegian legislation is based on and is what Runbox adheres to.

However, it should be mentioned that some US states, for instance California, do classify some anonymous data (i.e. IP-addresses, aliases and account data) as PII.

In addition, as stated in our Privacy Policy, the personal data we ask customers to register in order to use our service is very limited. We are conscious about the trust our customers place in us when they register personal data in our systems, and in return we can demonstrate that we are compliant with the regulations.

Addendum

Above we referred to the AdTech and MarTech industries and their usage of personal data to identify, trace, or locate a person for advertising and marketing purposes. That topic is outside the scope of this blog post, but is absolutely worth writing about in a later post.

1 EEA = European Economic Area, that is the EU and three countries: Iceland, Lichtenstein, and Norway.

2 https://www.forbrukerradet.no/out-of-control/ footnote on page 102.

Continue Reading →

Our pledge to planet Earth for 2020 and beyond

December 31, 2019 Leave a comment
Cumulative vertebrate species recorded as extinct or extinct in the wild by the IUCN (2012)

We are living at a time unprecedented on Earth.

The year 2019 has confirmed that humanity’s collective activities have pushed Earth’s ecosystems towards the boundaries of what they can sustain.

In fact, for many ecosystems and species the boundary has already been crossed, and species are now vanishing at a rate higher than ever before in recorded history.

The realized threat of global warming

In addition to more obvious drivers of species extinction such as over-exploitation of natural resources and habitat loss caused by agriculture and other land development, the greatest immediate threat to the existing biosphere is global warming.

However, in spite of repeated and increasingly dire warnings from the scientific community for more than a century, greenhouse gas emissions from human activities have increased dramatically and continue to do so.

Already in 1896, Swedish scientist Svante Arrhenius (1859-1927) stated that a doubling of CO2 in the atmosphere would result in a global temperature increase of 5–6°C. Arrhenius’ results are in fact very close to our current climate models.

The benchmark for CO2 content in the atmosphere is the pre-industrial time, that is before about 1750, when the CO2 content is estimated to have been about 280 ppm (parts per million).

Global Atmospheric CO2 since pre-industrial times

By 2017, the annual global average CO2 levels exceeded 400 ppm, which corresponds to the limit of 1.5°C set by the IPCC for keeping the climate changes under safe control. As of November 2019, this number has passed 410 ppm.

Last time the CO2 concentration was that high, horses and camels roamed the high Arctic and sea levels were at least 30 feet higher than today.

The fact that these changes are now happening more rapidly than in recorded history thus far means that many species and ecosystems that make up the biosphere are unable to adapt quickly enough.

A climate spinning out of control

The chemical composition of the atmosphere and the oceans are undergoing dramatic changes with accelerating positive feedback loops involving not only CO2 but methane, nitrogen, and sulfur as well as several other essential components.

These changes are causing the Earth’s biogeochemical cycles, and therefore the climate, to spin out of control.

When the Earth’s temperature increases and its distribution is altered, it affects geophysical systems such as prevailing wind patterns and ocean currents — the global conveyor belt responsible for carrying salt, nutrients, and other essential chemical components upon which marine life depends.

The warmer climate not only melts sea ice and increases sea levels, but heats up wetland peat and thaws tundra in arctic regions which releases additional methane into the atmosphere.

Warmer oceans also absorb less oxygen, which leads to more anaerobic bacteria that produce toxic hydrogen sulfide gases that could have disastrous effects on existing organic life.

These global feedback systems and cycles are so large and complex that it can take decades or centuries for the consequences of our current emissions to take full effect.

This means that we are tipping the balance of the natural systems we depend on for survival and are pushing them to dangerous and unpredictable levels with possibly irreversible effects.

As a result the living Earth itself is turning into an unfamiliar environment that will be detrimental to life as we have known it.

The human race is heading for a disaster — a warned catastrophe, that is — and the entire remaining biosphere is at stake.

The consequences are already upon us

We are ending a year that has seen the most dramatic effects of climate change thus far, closing a decade with increasingly noticeable consequences of continually growing greenhouse gas emissions.

The direct effects are well-known by now and include physical impacts like the melting of ice sheets and subsequent sea level rise, as well as changes in ocean currents and weather patterns.

These impacts in turn lead to increased droughts, heat waves, and uncontrollable wildfires, as well as extreme flooding, cyclones, blizzards, and rainstorms with inevitable crop failures and global fish stock depletion as a result.

In addition to the catastrophic loss of biodiversity, the accelerating changes in our natural environment lead to regional famine, mass migrations, conflicts, and war between peoples fighting for dwindling resources.

Current mitigation plans are inadequate

According to the UN’s Climate Action Summit report we have until 2030 to cut CO2 emissions by 45% in order to limit global warming to 1.5°C . This entails a global average reduction of 4.5% per year over the next 10 years, while emissions on average have increased 1.5% annually in recent years.

This may not sound like much, but in reality it constitutes an enormous challenge on a scale unlike any we have successfully undertaken in the past.

The bottom line is that every person, every organization, every business, and every government have to do their uttermost to reduce their ecological footprint.

Although governments, large industrial companies, and international institutions can do the most to reduce hydrocarbon dependency and restore the depletion of natural resources that is taking place, even small contributions will have an effect — but we are short on time.

Our commitment

At Runbox we have decided to have a positive impact on the planet and our environment, and we want to achieve this with a net negative ecological footprint.

We will take responsibility in several different ways, and have implemented the first version of our Environmental Policy to this end.

In our policy we commit to reducing our ecological footprint as much as possible through reducing, reusing, and recycling the resources we utilize.

This includes our data center, servers and other equipment we acquire, where we source our hardware, how we use and power our office spaces, and the communication and transportation involved in our operations.

For the greenhouse gas emissions that do result from our operations and activities we shall compensate doubly.

We will accomplish this by funding the planting of trees through OneTreePlanted sufficient to absorbing twice the amount of greenhouse gas emissions we are responsible for.

Planting trees is the best existing method of capturing carbon from the atmosphere, and has several other beneficial side-effects as well. So we will support rewilding the forests in order to restore and protect ecosystems, our natural environment, and a habitable climate.

We will also encourage partners, stakeholders, and associates to become more environmentally friendly. Furthermore, we will push for the development and implementation of green and renewable technologies and help encourage governments to become more environmentally responsible.

We are extending our commitment to provide free email services to non-profit organizations with an environmentally oriented profile.

We hope to inspire other companies to adopt similar policies and contribute to a positive impact on the only planet we can call home.

Continue Reading →

GDPR implementation part 7: Information and Tools for Implementation of Users’ Rights

November 23, 2019 Leave a comment
GDPR

One of the main objectives for the European Union (EU) when they developed the replacement for the Data Protection Directive 95/46 (from 1995), was to expand individual control over the use of personal data.

This can be seen in a broader view as an implementation of the right to one’s private life, as laid down in the European Convention on Human Rights (Article 8). The right to respect for one’s private and family life is also stated in the EU Treaty on Fundamental Rights (Article 7).

Norway has signed both of these agreements, and the Constitution of Norway implements these rights in Article 100 and 102 of the Constitution and in the Norwegian Human Rights Act.

Already in GDPR1 Article 1 we see the connection between the GDPR and especially the Treaty on Fundamental Rights:

This Regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data

Article 1-2 of the GDPR

Observe the expression “rights and freedoms of natural persons“, which is very important throughout the Regulation and is used 31 times in all.

Before we go further into the subject of this post, it is important to state that Norway’s legislation on the processing of personal data was already compliant with the GDPR before the latter was declared as the new framework for the legislation in Norway. The Norwegian Personal Data Act (PDA2), as compliant with the GDPR, tok effect 20 July 2018.

First and foremost, the GDPR states that no processing of personal data shall be done unless the data subject has given consent (Article 6-1, a). Runbox obtains consent to registration of our users’ personal data when they sign up for an account and accept our Terms of Service.

The GDPR (Article 6-1, ff.) allows a controller – that is Runbox in our context – to process personal data when there is a legitimate reason for doing so, i.e. something that is necessary to use our services.

It is an important objective for the GDPR to secure one’s control of one’s own personal data. In this respect, the GDPR has given the data subjects eight fundamental rights (Article 15—17).

When implementing these rights in Runbox, we found that most of those were already there. However, the introduction of the GDPR provided us with a checklist and the opportunity to analyze our status, and to improve our services in this respect.

Our Privacy Policy provides exhaustive information about how we process personal data, but here is an overview of the data subject’s rights, and our implementation of them:

  • The right to access (Article 15): Since Runbox does not collect other types of information than what the users register by themselves, they can easily check which personal data is processed. The data processing is only done in order to process your emails, and optionally your web site and domain name.
  • The right to rectification (Article 16): You may at any time log in to your email account and change your personal information.
  • The right to erasure (‘right to be forgotten’) (Article 17): You may terminate your subscription any time, and your account contents will subsequently be deleted after 6 months. Your personal details data will be deleted after 5 years in accordance with Norwegian accounting regulations. However, you may send a request to dataprotectionofficer@nullrunbox.com for immediate erasure of your account contents.
  • The right to restriction of processing (Article 18): Runbox will never use your personal information for purposes other than providing our services to you, so restrictions are not necessary in our context.
  • The right to be informed (Article 19): Runbox uses your personal information only in order to provide our services to you..
  • The right to data portability (Article 20): In case that you wish to move to another email service provider and export your data, you will find information on how to do this through our services and documentation.
  • The right to object (Article 21): Since we never will use your personal data for other purposes than to deliver the services you have agreed to, this right is implicitly fulfilled.
  • The right to individual decision-making (Article 22): This article is intended to protect data subjects against automated data-processing that might involve profiling them based on personally identifiable information, which is something Runbox doesn’t do.

Regarding questions or concerns about our implementation of the GDPR, customers may use the email address dataprotectionofficer@nullrunbox.com as a direct channel to our appointed Data Protection Officer.

Some final remarks about consent: Runbox uses cookies in order to provide our services, and new users must give express consent to this on our signup page. On this page, and on the Account page once logged in, you may also give/revoke consent to future news and offers from Runbox.

In our next post in this series, we will consider our contractual situation regarding GDPR requirements. Stay tuned.

Footnotes

1. The GDPR means Regulation EU 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC General Data Protection, General Data Processing Regulation. Article refers to Article in the GDPR, unless stated otherwise.

2. The Personal Data Act (the PDA) means the regulations that are currently in force in Norway for the protection of individuals in connection with the processing of personal data, which includes the implementation of GDPR in Norway (2018-07-20).

Continue Reading →