Telemetry Policy

Volker Krause vkrause at kde.org
Mon Aug 14 18:42:53 BST 2017


On Sunday, 13 August 2017 11:47:28 CEST Volker Krause wrote:
> Hi,
> 
> during the KUserFeedback BoF at Akademy there was quite some interest in
> collecting telemetry data in KDE applications. But before actually
> implementing that we agreed to define the rules under which we would want to
> do that. I've tried to put the input we collected during Akademy into
> proper wording below. What do you think? Did I miss anything?
> 
> Regards,
> Volker
> 
> 
> # Telemetry Policy Draft

Added to the wiki, so we have version control:
https://community.kde.org/Policies/Telemetry_Policy

I've integrated the requirement for transport security suggested by Thomas, 
Ben's comments and Bhushan's idea of a global registry of telemetry-enabled 
applications. Please verify this reflects what you had in mind.

Still open policy questions (unless I missed something):
- do we want to mandate an audit log?
- regulations for licensing and publishing of the data
- should we mandate revocation support, and if so for how long after 
submission?
- should we have upper limits for data retention?

Not sure yet how to balance the conflict between limited data retention and 
revocation support on one side and publication/free licensing on the other 
side. 

The audit log looks easy to implement and has been requested before, so I 
guess there wouldn't be objections to adding that as a requirement?

Thanks for all the input so far!
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kde-community/attachments/20170814/48d4a335/attachment.sig>


More information about the kde-community mailing list