Telemetry Policy
Volker Krause
vkrause at kde.org
Mon Aug 14 18:42:53 BST 2017
On Sunday, 13 August 2017 11:47:28 CEST Volker Krause wrote:
> Hi,
>
> during the KUserFeedback BoF at Akademy there was quite some interest in
> collecting telemetry data in KDE applications. But before actually
> implementing that we agreed to define the rules under which we would want to
> do that. I've tried to put the input we collected during Akademy into
> proper wording below. What do you think? Did I miss anything?
>
> Regards,
> Volker
>
>
> # Telemetry Policy Draft
Added to the wiki, so we have version control:
https://community.kde.org/Policies/Telemetry_Policy
I've integrated the requirement for transport security suggested by Thomas,
Ben's comments and Bhushan's idea of a global registry of telemetry-enabled
applications. Please verify this reflects what you had in mind.
Still open policy questions (unless I missed something):
- do we want to mandate an audit log?
- regulations for licensing and publishing of the data
- should we mandate revocation support, and if so for how long after
submission?
- should we have upper limits for data retention?
Not sure yet how to balance the conflict between limited data retention and
revocation support on one side and publication/free licensing on the other
side.
The audit log looks easy to implement and has been requested before, so I
guess there wouldn't be objections to adding that as a requirement?
Thanks for all the input so far!
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-community/attachments/20170814/48d4a335/attachment.sig>
More information about the kde-community
mailing list