On Fri, Jul 07, 2023 at 12:41:00PM +0200, Leon Fauster via devel wrote: > Am 07.07.23 um 12:19 schrieb Richard W.M. Jones: > > On Thu, Jul 06, 2023 at 05:10:24PM +0100, Aoife Moloney wrote: > > > Important process note: we are experimenting with using Fedora > > > Discussion as part of the Changes process. Change announcements (like > > > the one you are reading right now) will still be sent to the > > > devel-announce mailing list, but the conversation about each change > > > will take place on Fedora Discussion at > > > https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320 > > > > Why? This was discussed a while back and the number problems with > > discourse were covered, and to my knowledge none of them have been > > fixed. > > > > > == Summary == > > > > > > The Red Hat Display Systems Team (which develops the desktop) proposes > > > to enable limited data collection of anonymous Fedora Workstation > > > usage metrics. > > > > > > Fedora is an open source community project, and nobody is interested > > > in violating user privacy. We do not want to collect data about > > > individual users. We want to collect only aggregate usage metrics that > > > are actually needed to achieve specific Fedora improvement objectives, > > > and no more. We understand that if we violate our users' trust, then > > > we won't have many users left, so if metrics collection is approved, > > > we will need to be very careful to roll this out in a way that > > > respects our users at all times. (For example, we should not collect > > > users' search queries, because that would be creepy.) > > > > This also keeps coming up and the answer is again, no! There's no > > such thing as anonymous data collection, people don't want it, it must > > not be enabled by default (making it useless to you), it's probably > > illegal in the Europe, so stop asking for it. > > +1 > > General Data Protection Regulation in EU law. > > "... consent can't be implied and must always be given through an opt-in > ..." Note the proposal at the top of the thread directly addresses this opt-in vs opt-out Q wrt GDPR compliance: [quote] Fedora Legal has determined that if we collect any personally-identifiable data, the entire metrics system must be opt-in. Since we are only interested in opt-out metrics due to the low value of opt-in metrics, we must accordingly never collect any personally-identifiable data. We must also not collect any data that could become personally-identifiable if combined with other data, which notably means IP addresses must not be stored. We only want to collect anonymous data anyway, but we need to be especially mindful of the possibility that combining two "anonymous" data points could result in the data no longer being anonymous. [/quote] IOW, the intention is to avoid triggering GDPR obligations by not collecting (potentially) personally identifiable data. The last sentance though hints at how tricky this can be to put into practice in reality though. Combining anonymous data sets can be surprisingly effective at producing metrics that could uniquely identify users - it is the heart of online advertizment targetting techniques after all. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue