Re: F40 Change: Privacy-preserving Telemetry for Fedora Workstation (System-Wide)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 7/6/23 12:10, Aoife Moloney wrote:
> Important process note: we are experimenting with using Fedora
> Discussion as part of the Changes process. Change announcements (like
> the one you are reading right now) will still be sent to the
> devel-announce mailing list, but the conversation about each change
> will take place on Fedora Discussion at
> https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320
> 
> 
> This will follow the same process as before, just with discussion in a
> different format
> https://docs.fedoraproject.org/en-US/program_management/changes_policy/
> 
> 
> You can subscribe to and interact with these conversations by email.
> See https://discussion.fedoraproject.org/t/guide-to-interacting-with-this-site-by-email/
> for detailed instructions. To make sure you do not miss anything, make
> sure that you have the Change Proposal category set to “Watching” —
> or, if you just want to get notified about new changes but not every
> reply in the conversation, to “Watching First Post”. (Click on the
> little bell icon at the top right of the category page.)
> 
> 
> 
> 
> The below document represents a proposed Change. As part of the
> Changes process, proposals are publicly announced in order to receive
> community feedback. This proposal will only be implemented if approved
> by the Fedora Engineering Steering Committee.
> 
> 
> == Summary ==
> 
> The Red Hat Display Systems Team (which develops the desktop) proposes
> to enable limited data collection of anonymous Fedora Workstation
> usage metrics.

There are two problems here:

1. The GDPR and similar regulations are 100% clear that consent must
   be opt-*in*.  Opt-*out*, as is proposed here, is not consent.
   Therefore, this change is proposing collecting telemetry *without
   user’s consent*.

2. Irrespective of whether or not the metrics are personally
   identifiable for the purposes of GDPR and other regulations,
   I highly doubt you will be able to convince people that they are
   in fact not personally identifiable.  Techniques for correlating
   metrics can only get better, never worse, and this means that what
   information may become personally identifiable in the future even
   if it was not in the past.  Even Differential Privacy cannot solve
   this problem because it works on aggregate statistics, not on the
   raw data collected.

   The only way I could be convinced that the raw data is in fact not
   personally identifiable is if there was a mathematical proof to
   that effect.  Such a proof would probably be worthy of publication
   in a peer-reviewed research paper.

Since this Change proposal comes from Red Hat, I have an alternative
to propose: Red Hat can ask its paying corporate customers for
this information, perhaps in exchange for a discount on their RHEL
subscriptions.  This should be much less controversial.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux