[kde-community] user stats for Neon

Jaroslaw Staniek staniek at kde.org
Thu Apr 14 16:49:18 BST 2016 

On 14 April 2016 at 17:30, Thomas Pfeiffer <thomas.pfeiffer at kde.org> wrote:

> On Donnerstag, 14. April 2016 14:36:21 CEST Jonathan Riddell wrote:
> > On Thu, Apr 14, 2016 at 04:18:30PM +0200, Thomas Pfeiffer wrote:
> > > Any potentially privacy-sensitive information transfer should be
> opt-in,
> > > not opt-out.
> > > I'd assume that the vast majority of users will allow it (given that
> it's
> > > not personally identifiable and they trust their distro), but opt-in
> puts
> > > you on the safe side.
> >
> > What's privacy sensitive about it?  It's a machine ID but not linked
> > to any other information other than IP address and there's no personal
> > information we can link it to.
>
> It's still a unique identifier which can be used to track the machine. We
> might
> then combine it with others who also only collect the machine ID to create
> a
> profile.
> People can be very sensitive about these topics, especially since we've
> made
> privacy-aware users our main target audience.
>
> As I said: the vast majority would give us their consent anyway, but it
> just
> comes across as "nicer" if we ask.
>
> Martin's suggestion with "Make it explicit on the download page that we
> collect these data, and allow users to switch it off in privacy settings if
> they don't like us to do it" works as well, but then users would need to
> have
> a chance to turn it off /before/ the ID is sent the first time.
>

Sure. All depends how large is the population of our user base that is
_this_ sensitive.
Or not our but for specific project (Neon, {someappname}, {someservice})

Without any negative assumptions: As a software author I don't know ​many
people in person who refuse to use browsers, refuse using e-shops and
refuse visiting traditional shops that use video recording, using GSM/etc.
I only heard about the stories with RMS and his secretary (I suppose he/she
is tracked via browser instead of him -- even without cookies, tracking is
possible).

After thinking about that long ago; it's not even clear _who_ and at _what
level_ someone makes the decision about defaults of privacy. Because the
chain looks like:

1. Organization sets defaults for the org
2. Authors of the code in a subproject set the default for the code
3. Distributor decides about defaults set in the binaries

One idea: KDE's tradition is integration of experience; how about a single
"Do not track" setting for apps (not just for the Plasma) like it's the
case for browsers? Questions about level of privacy could appear on the
first run of Plasma or first run of a KF5 app for given $HOME. It may be
that distributors that are very afraid of privacy, think Debian, may use
the feature; others may easily disable it.


> _______________________________________________
> kde-community mailing list
> kde-community at kde.org
> https://mail.kde.org/mailman/listinfo/kde-community
>



-- 
regards, Jaroslaw Staniek

KDE:
: A world-wide network of software engineers, artists, writers, translators
: and facilitators committed to Free Software development - http://kde.org
Calligra Suite:
: A graphic art and office suite - http://calligra.org
Kexi:
: A visual database apps builder - http://calligra.org/kexi
Qt Certified Specialist:
: http://www.linkedin.com/in/jstaniek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-community/attachments/20160414/b10e1a54/attachment.htm>

More information about the kde-community mailing list