On Mon, Mar 16, 2015 at 03:04:21PM -0400, Paul W. Frields wrote: > https://fedoraproject.org/wiki/User:Pfrields/PrivacyPolicyRedux > > There is still a significant section missing from the draft (on > sharing information) but I hope to have something there by Wednesday. > This hasn't been vetted through any actual attorneys but I wanted the > WG to be aware of it and to see diffs. IIUC, this is the policy to be linked from PRIVACY_POLICY in os-release. If not, then my comments are probably mostly irrelevant. My issue with the text as it is now is that it lists all kinds of things which *might* be collected. So it protects the project from liability. But it does not answer the question of a user what information is exposed in various situations. The roots of this text in the corporate-designed policy are still very much visible. For example, it places heavy emphasis on the data collected at conventions and trade shows. But for a majority of users of Fedora this isn't interesting — I'd guess that everybody knows that if they sign up for a contest during a fair, their name is kept somewhere — but they'd instead like to know what kind of information is exposed and stored when they install Fedora, install updates, enter bug reports, use ask.fedora. To present all this information in a form which is palatable for a normal user, I think it should be broken into a few broad types of usage: normal use of Fedora, requesting help through forums, bug tracker, mailing lists, registration as a project member. - If you download and/or install Fedora, and/or enable updates, your IP and Fedora version will be logged on Fedora servers and will be visible to anyone who can watch your traffic. The list of packages and their versions too. - If you create an account in the bugzilla to post bug reports or create and account on a Fedora user forum (ask.fp.o), your e-mail address and name and IP address will be stored, and ... will be publicly visible. - If you register to become a Fedora contributor, your GPG key, timezone, and location if you decide to share it will be publicly visible. I presume that PRIVACY_POLICY will point to this. I think it should be mentioned that this is the official policy linked to from GNOME privacy policy dialog. Zbyszek -- desktop mailing list desktop@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/desktop
