On Wed, 2020-04-08 at 10:25 +0200, Kamil Paral wrote: > On Tue, Apr 7, 2020 at 7:22 PM Adam Williamson <adamwill@xxxxxxxxxxxxxxxxx> > wrote: > > > On Tue, 2020-04-07 at 13:12 -0400, Alex Scheel wrote: > > > I'm sure we can trust that Red Hat did its > > > > > > due diligence and Google isn't using responses to a customer's form to > > > > > > track those taking the survey. > > > > I don't really know why you'd think anyone can trust that. Google > > tracks everyone everywhere as hard as it can. It's what Google *does*. > > > > But I didn't actually suggest it's Terribly Awful to run this survey > > through Google. I just said the privacy declaration seems to be wrong. > > > > I personally considered it quite clear that the intended meaning was that > they are not giving the data away to anyone external deliberately. Your > responses will be read and understood by a very small group of people and > not published in raw form. Yes there are servers and software providers > along the way. But this way you could also include the ISPs who also are > not prevented from snooping in your packets (and it's trivial at least for > plain text emails). And even if they provided a "direct" way to send your > responses to their email, and we ignored the ISPs, still, Google is the > email provider for most RedHatters. So there's no improvement at all. Er. It's a Google Survey, provided over https. Email is not involved. "On behalf of Red Hat's Modularity team, I'd like to ask you to fill out a survey on Modularity: https://docs.google.com/forms/d/e/1FAIpQLScOA97rGONieSOYmlZLsHdkq-EhdePZ4IN3RwOjJKd1F1a9sw/viewform?usp=sf_link"; so there is no involvement of email servers, and the data is encrypted so no, your ISP can't snoop on it. I sort of got the intended meaning as well. But this seems to be a legally-required GDPR text, I don't think "we sort of get what you mean" cuts the mustard for those. If the data is going to Google it's going to Google and I think that's supposed to be declared. > I'm not saying we shouldn't talk about it, but the points mentioned are > common for most data submissions anywhere. I don't think it was the core of > the message. The bullet point I quoted was under "Privacy / GDPR:". Pretty sure it's the "core" of that. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
