Separating Work and Personal libraries: setup, and privacy concerns

I have been a long-time user of Zotero. To simplify my workflow significantly, I'm considering becoming a paying customer so that I can sync my work devices and my personal ones.

I do however have concerns about data privacy, as well as separation of work/private life, and would like to put these to rest.

The situation is fairly simple:
- I'd like to sync only a part of my Zotero library (the work-related documents), while keeping personal documents exclusively local, as I don't want them on a work machine, nor do I even want the Zotero team to have access to them (or, in the worst-case scenario, have them leaked to an unknown third party were the encryption compromised in any way).
- I do not want to rely on a personal WebDAV server, as I am not competent in maintaining a server and do not wish to get lost in that rabbit hole.

I know there have been many threads along these lines over the years, and from what I've gathered, the way to set up this kind of separation between work and personal stuff is as follows:

- Create 2 private groups, let's say one "Personal", one "Work". At creation, in the "File editing" options, select "No group file storage" for the "Personal" group, and "Only group admins" for the "Work" group.
It can also be modified after the group's creation in the Library settings of the group.
- For good measure, on your personal device's Zotero, go into Edit > Settings > Sync and uncheck "Sync attachment files in My Library using Zotero".


Here are my questions:

1. Is the setup I described above correct?

2. In particular, does it mean that the files in the "Personal" group will remain exclusively local, unless someone with access to my account changes the group's "File editing" option?
I realize that if the Zotero team were compromised/subpoenaed they could technically force the sync of my "Private" group by toggling this option, but I see no better alternative so far.

3. From what I've read in the [security policy](https://www.zotero.org/support/security), the data I chose to sync is both encrypted in transit, and encrypted on the AWS US servers it's stored on, meaning that, unless the US government decides to subpoena Zotero for some reason, nobody outside of a handful of Zotero employees can access my synced data. Is that correct?

4. Is the privacy policy for documents in private groups the exact same as those that would be in a standard synced library, i.e. encrypted in transit then encrypted on the AWS US servers?

Thanks for your help!

  • dstillman Zotero Team
    edited today at 6:11am
    If your concern is solely files and not the associated library data, you can use linked files for some files, either with the built-in options or via plugins that automate that. Linked files don't sync, so they would never be on Zotero servers.

    If the goal is to avoid syncing some data as well, there's no supported way to not sync part of a given Zotero library. The point of syncing is to make all your data and stored files available online and on all devices where you choose to download them. There are options not to download files to a given device until you open them, but not to avoid uploading them.

    What you describe above about group settings would not work. Groups without file editing can't have files in them at all.

    Your only option would be to maintain a local profile that wasn't tied to a Zotero account, and then have another that syncs, but note that that's an advanced configuration that we don't recommend for most people.

    > 3. From what I've read in the security policy the data I chose to sync is both encrypted in transit, and encrypted on the AWS US servers it's stored on, meaning that, unless the US government decides to subpoena Zotero for some reason, nobody outside of a handful of Zotero employees can access my synced data.

    Yes.

    > 4. Is the privacy policy for documents in private groups the exact same as those that would be in a standard synced library, i.e. encrypted in transit then encrypted on the AWS US servers?

    Yes.