The NW Publisher app is an iOS and Android app that allows publishers to electronically view information created in New World Scheduler by their local congregation elders.
Data for NW Publisher app comes directly from your local congregation only. Your local congregation must first use New World Scheduler (Desktop Edition) to generate and send any data to the app.
The NW Publisher app does NOT store confidential information online. NW Publisher is fully compliant with sfl and fully compliant with European Union (EU) General Data Protection Regulation (GDPR).
NW Publisher app is used by hundreds of thousands of Jehovah’s Witnesses worldwide, including elders, pioneers, missionaries, and Bethelites.
Does the Branch 'approve' of NW Publisher app?
New World Scheduler and NW Publisher app are not official apps or programs created by the Watchtower Society. Therefore, New World Scheduler and NW Publisher app are obviously not “endorsed by”, “recommended” or “officially approved” by the organisation.
This makes sense. The organisation does not and will not create a list of books, songs, movies, websites, programs or apps we can or cant use. (see w14 7/15 14)
The branch is fully aware of New World Scheduler and NW Publisher app and has no objections to its use. World Headquarters (WHQ) has been in contact with us several times.
New World Scheduler and our NW Publisher app are both used by hundreds of thousands of Jehovah’s Witnesses worldwide every single day! This includes elders, pioneers, missionaries, Bethelites and even Branch Committee members.
Please feel free to read the comments of many spiritually mature elders around the world, including in your local area.
NW Publisher app Data Security
New World Scheduler contains an optional feature called NW Publisher app that can be enabled by your local elders if they choose to do so. By default, NW Publisher app is disabled, but it can be enabled in just a few minutes.
NW Publisher app allows publishers to see upcoming Christian Life and Ministry meeting & Public Talk assignments, Reserve Public Witnessing, submit Field Service Reports, see upcoming Duties and Maintenance tasks, Territories, and much, much more!
NW Publisher app does not store sensitive or confidential information online, therefore is fully compliant with sfl.
World Headquarters (WHQ) has been in contact with us several times over the years NW Scheduler has been in operation. They are fully aware of New World Scheduler and has no objections to its use, nor any objections to the use of NW Publisher app.
Security Overview
NW Publisher app implements the following best-practice security processes:
- NW Publisher app uses OAuth 2.0 authorization, including Access Tokens and Refresh Tokens, to provide secure credentials to approved brothers in your congregation.
- New World Scheduler uses both data obfuscation and data encryption to ensure any transferred data strings are meaningless unless viewed inside New World Scheduler.
- New World Scheduler uses end-to-end encryption (E2EE), which means your data is fully secured before it is transferred to other appointed brothers and cannot be opened by anyone outside your congregation.
- New World Scheduler uses the Congregation ID, PIN and Persons Name to generate your 256-bit encryption key.
- A random and unique 128-bit Initialization vector (IV) and 128-bit salt are used for each piece of data transferred, each time the data is transferred.
- New World Scheduler developers or support personnel do not and can not access your encryption keys or congregation data. It is therefore technically impossible for them to decrypt, view, see or edit your data under any circumstances.
- Data transfer uses secure and encrypted TLS 1.2 connections.
- The only “data” that ever leaves your local computer are randomised and meaningless strings.
- Each congregation can choose which NW Publisher app server they use and where it is located. Data is only ever transferred to and from this one server to approved publishers in your congregation. Data on the server you select is not backed up, saved or transferred anywhere else. Data on the server cannot be accessed by anyone outside of your congregation.
- After selecting a server location, each congregation is assigned a unique and obfuscated storage location to transfer the encrypted data strings. Access to this location is restricted to approved publishers who must first authenticate using your unique Congregation ID, Congregation PIN, Person Nam, Person PIN and OAuth 2.0 authorization token.
- If you Disable NW Publisher app, the meaningless encrypted strings are immediately and permanently removed from the server.
Authorization
NW Publisher app uses OAuth 2.0 authorization, including Access Tokens and Refresh Tokens, to provide secure credentials to approved publishers in your congregation. This means only authenticated users with the correct credentials can access your encrypted data strings.
Secure credentials only allow access to your congregation publishers, meaning authenticated users cannot even access another congregations encrypted data strings.
End-to-End Encryption
End-to-End encryption is the gold standard for securing sensitive data in digital communications.
Data is encrypted on the local device before being sent, then remains encrypted the entire time during transfer, and is only decrypted by the other device.
Encryption keys are stored on your local device only. They are never transferred and never seen by any server. Keys are created by secure algorithms (Argon2id) using your Congregation ID, PIN and Person Name.
Most computer systems and programs do not use end-to-end encryption, but both NW Scheduler and NW Publisher both do.
Secure Data Encryption
NW Scheduler uses end-to-end (E2E) symmetric encryption. The encryption algorithm is Advanced Encryption Standard (AES) with a password-based key derived by the Argon2id algorithm in conjunction with SHA-256.
Encryption key length is 256-bit.
A random and unique 128-bit Initialization vector (IV) and 128-bit salt are generated by RandomNumberGenerator for each piece of data transferred, each time the data is transferred.
Encryption keys are stored on your local device only. They are never transferred and never seen by any server.
Data Transfer Security
Data is transferred using TLS 1.2.
Both TLS 1.0 and TLS 1.1 are disabled.
Server Security
Server Locations
- North America: Located in Iowa, USA
- South America: Located in Santiago, Chile
- Europe: Located in Belgium
- Asia Pacific: Located in Melbourne, Australia
- Africa: Located in Johannesburg, South Africa
How does the NW Publisher app work?
- Step 1: An elder opens New World Scheduler and enables the NW Publisher app.
- Step 2: An appointed brother uses New World Scheduler to create the Christian Life and Ministry, Public Talk, Duties or cleaning schedule.
- Step 3: That brother uses New World Scheduler to send the data to the app.
- Step 4: A publisher downloads the NW Publisher app from the Apple Store or Google Play Store.
- Step 5: Using information his elders gave him, he opens the App, logs into the congregation and identifies himself.
- Step 6: His device will now receive any assignments, duties, congregation events and announcements from his local congregation.
Does NW Publisher app share data using Email?
No, NW Publisher app does not use Email or a Mail Server to share or transfer data.
We recommend brothers be very cautious about using any program or application that recommends sharing congregation information via email.
Using Email or a Mail Server to transfer data is extremely insecure and unsafe. In fact, it is one of the least secure methods possible. It is extremely irresponsible to share congregation data via email.
We strongly recommend against using Email or a Mail Server to share data files, for at least the following reasons:
- Email and a Mail Server is almost always not encrypted. All data is freely viewable.
- For example, Gmail, Hotmail, Outlook do not use encryption
- Email is by default sent from server to server in clear text that can be read by anyone while in transit.
- Mail Server data can be easily accessed by any Server or Email Admin, at any time.
- For example: Gmail, Hotmail, Outlook have thousands of Server and Email Admins that can access this data.
- Email and Mail Server data is usually permanently kept on a mail server, even if you remember to click Delete.
- For example: Most large companies have data retention policies that require keeping data for many years.
- Most Email and Mail Servers have built-in “backdoor access” for government agencies. This means they can very easily access any data at any time.
- For example, google “Edward Snowden”.
“Email by default is not and was never intended to be a secure mechanism for sending data,” says Dr. Catherine J. Ullman, Senior Information Security Analyst for UB. “Although you need credentials to log in and access the e-mail in your mailbox, email is by default sent from server to server in clear text that can be read by anyone while in transit.”
NW Publisher app does not use Email or a Mail Server to share or transfer data.
Is NW Publisher app web-based? Does it share data via web servers? Can the data be accessed online?
No, NW Publisher app is not web-based. It must be installed on your mobile device.
We recommend brothers be very cautious about using web-based or cloud-based apps (such as Deckhand or Hourglass) to store congregation information. While web-based applications are convenient, we personally feel the direction and principles found in sfl do not permit web-based applications to store congregation data.
Web-based applications (like Hourglass or Deckhand) store all congregation and person data permanently online and do not generally use end-to-end encryption.
Web-based applications by nature must allow any website administrators, developers and potentially support personnel full access to everyone’s data. This means they can potentially access every single persons data in every single congregation. We do not feel comfortable with this, nor do we feel this complies with the principles and direction in sfl.
Web-based applications are also much more prone to hacking or data theft. They provide a single point for a hacker to attack and obtain every single persons data in every single congregation.
Web-based applications also rely on the honesty and integrity of worldly hosting companies, sometimes located in countries with poor data integrity records.
Web-based applications can even be subject to government or company subpoenas, whereby the software company or hosting company must provide access to everyone’s data.
NW Publisher app is not web based. Data cannot be opened or accessed by our developers, support staff, or anyone else.
Data Retention and Expiry
New World Scheduler strictly follows the branch Congregation Records Retention Policy (see sfla).
Obsolete data is removed as per sfla direction. This is automatically performed on January 1.
Old and unused congregations are automatically removed after 4 months of inactivity.
Data Removal and Deletion
NW Scheduler users can immediately and permanently delete all local data by clicking the Delete Congregation button and then uninstalling NW Scheduler.
- Note: You will need to manually delete any backups you have saved elsewhere.
App Administrators can immediately and permanently delete all app data by either Disabling NW Publisher app, or clicking the Delete Congregation button.