Re: F40 Change: Privacy-preserving Telemetry for Fedora Workstation (System-Wide)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jul 07, 2023 at 12:41:00PM +0200, Leon Fauster via devel wrote:
> Am 07.07.23 um 12:19 schrieb Richard W.M. Jones:
> > On Thu, Jul 06, 2023 at 05:10:24PM +0100, Aoife Moloney wrote:
> > > Important process note: we are experimenting with using Fedora
> > > Discussion as part of the Changes process. Change announcements (like
> > > the one you are reading right now) will still be sent to the
> > > devel-announce mailing list, but the conversation about each change
> > > will take place on Fedora Discussion at
> > > https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320
> > 
> > Why?  This was discussed a while back and the number problems with
> > discourse were covered, and to my knowledge none of them have been
> > fixed.
> > 
> > > == Summary ==
> > > 
> > > The Red Hat Display Systems Team (which develops the desktop) proposes
> > > to enable limited data collection of anonymous Fedora Workstation
> > > usage metrics.
> > > 
> > > Fedora is an open source community project, and nobody is interested
> > > in violating user privacy. We do not want to collect data about
> > > individual users. We want to collect only aggregate usage metrics that
> > > are actually needed to achieve specific Fedora improvement objectives,
> > > and no more. We understand that if we violate our users' trust, then
> > > we won't have many users left, so if metrics collection is approved,
> > > we will need to be very careful to roll this out in a way that
> > > respects our users at all times. (For example, we should not collect
> > > users' search queries, because that would be creepy.)
> > 
> > This also keeps coming up and the answer is again, no!  There's no
> > such thing as anonymous data collection, people don't want it, it must
> > not be enabled by default (making it useless to you), it's probably
> > illegal in the Europe, so stop asking for it.
> 
> +1
> 
> General Data Protection Regulation in EU law.
> 
> "... consent can't be implied and must always be given through an opt-in
> ..."

Note the proposal at the top of the thread directly addresses this
opt-in vs opt-out Q wrt GDPR compliance:

[quote]
Fedora Legal has determined that if we collect any
personally-identifiable data, the entire metrics system must be
opt-in. Since we are only interested in opt-out metrics due to the low
value of opt-in metrics, we must accordingly never collect any
personally-identifiable data. We must also not collect any data that
could become personally-identifiable if combined with other data,
which notably means IP addresses must not be stored. We only want to
collect anonymous data anyway, but we need to be especially mindful of
the possibility that combining two "anonymous" data points could
result in the data no longer being anonymous.
[/quote]

IOW, the intention is to avoid triggering GDPR obligations by not
collecting (potentially) personally identifiable data.

The last sentance though hints at how tricky this can be to put into
practice in reality though.

Combining anonymous data sets can be surprisingly effective at producing
metrics that could uniquely identify users - it is the heart of online
advertizment targetting techniques after all.

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux