[kde-community] user stats for Neon

Jaroslaw Staniek staniek at kde.org
Thu Apr 14 18:45:18 BST 2016 

On 14 April 2016 at 19:04, Kevin Krammer <krammer at kde.org> wrote:

> On Thursday, 2016-04-14, 14:36:21, Jonathan Riddell wrote:
> > On Thu, Apr 14, 2016 at 04:18:30PM +0200, Thomas Pfeiffer wrote:
> > > Any potentially privacy-sensitive information transfer should be
> opt-in,
> > > not opt-out.
> > > I'd assume that the vast majority of users will allow it (given that
> it's
> > > not personally identifiable and they trust their distro), but opt-in
> puts
> > > you on the safe side.
> >
> > What's privacy sensitive about it?  It's a machine ID but not linked
> > to any other information other than IP address and there's no personal
> > information we can link it to.
>
> I am with Thomas.
>
> While individually pieces of information aren't personal, they can be in
> combination.
>
> In this case the combination of a unique machine ID and IP address together
> with geolocation would allows us to track movement of machines.
>
> Movement profiles can often quite easily be used to identify the moving
> person.
>
> There was a huge scandal in the US a couple of years back in which a
> telecom
> company released fully anonymized (random unique IDs) mobile phone location
> tracks.
> Researchers who correlated positions with addresses were able to identify
> more
> than 80% of the telco customers with pretty good accuracy only shortly
> after.
>
>
​Sure. But I think Jonathan only mentioned _access_ to the IP data as
needed for an Internet service, not logging it for any purpose.

In user stats only particular aspects are important, uniqueness is very
useful to know the users better (to serve them better) but even without
that, statistical information is handy too for us, who have to make
informed decisions about further developments.

A completely different discussion would start as soon as some kind of
(FOSS) app store is involved where users can have their accounts. Stats are
paired with them or existing IDs created for different reason, with, say,
KDE identity IDs. There's definitely opt-in needed.
​

​At different level, any online capability of our native apps is potential
means for tracking if users don't trust us that we're not logging IP
numbers. Yet, the apps are typically downloaded and updated somehow via
TCP/IP. At this level the access alone is an opt-in and manifestation of
trust.
​
Jonathan also said about machine ID because the software is maintained at
system (machine-like) level. With container technologies such as Ubuntu
Snaps (which I'd like to see working well with KDE software) it's possible
to switch from a system to a user-account level. Yet, if the snap packages
can be migrated with the account between machines, the connection between
the user-identity and the machine/system becomes more blurry.
In an interesting way for me this resonates with the ideas of
form-factor-independence formulated within KDE.



> --
> Kevin Krammer, KDE developer, xdg-utils developer
> KDE user support, developer mentoring
>
> _______________________________________________
> kde-community mailing list
> kde-community at kde.org
> https://mail.kde.org/mailman/listinfo/kde-community
>



-- 
regards, Jaroslaw Staniek

KDE:
: A world-wide network of software engineers, artists, writers, translators
: and facilitators committed to Free Software development - http://kde.org
Calligra Suite:
: A graphic art and office suite - http://calligra.org
Kexi:
: A visual database apps builder - http://calligra.org/kexi
Qt Certified Specialist:
: http://www.linkedin.com/in/jstaniek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-community/attachments/20160414/4bc1c035/attachment.htm>

More information about the kde-community mailing list