Regarding KDE Privacy policy

Christoph Cullmann christoph at cullmann.io
Tue Feb 25 18:06:27 GMT 2020 

On 2020-02-25 18:47, Nate Graham wrote:
> I find myself in agreement.
> 
> I have access to the kuserfeedback data and to be honest I'm rather
> dissatisfied with its actionability. There's nothing detailed like "x
> percentage of users change the default wallpaper" or "y percentage of
> users switch to double-click" that we could actually use to inform our
> UI design--let alone anything that could be used to personally
> identify anyone. The actual data set is so tame and uninteresting that
> I agree that we could change our policy and release the stats just to
> show everyone that we have nothing to hide.

+1 from me. (e.g. for the Kate stats)

Greetings
Christoph

> 
> Nate
> 
> 
> 
> On 2/25/20 5:44 AM, Veggero Nylo wrote:
>> Hi!
>> Currently, data transmitted by KUserFeedback is available only by 
>> opening a sysadmin ticked explaining why you need access in the 
>> first place. I can see the reasoning behind this, but I do not think 
>> this is a good idea for developers and users. I think that releasing 
>> the aggregated data under CC0 license would be better, as also 
>> proposed by Martin here: 
>> https://mail.kde.org/pipermail/kde-community/2017q3/003808.html. I 
>> think this would benefit user trust, as right now they have to trust 
>> what the KUserFeedback KCM without really being able to see what data 
>> KDE developers are actually able to see (as most users won't be able 
>> to look into the code); on the other hand, if the data was publicly 
>> released, they would be able to see the data themselves and know 
>> exactly what developers are going to see. I also think this would 
>> benefit developers, as there might be a significant number of 
>> developers who could be interested in looking to the data, maybe just 
>> a single value, without being able to fully justify access to all the 
>> data (the fact that you have to write a justification becomes a 
>> negative factor that makes looking at the data less interesting); 
>> furthermore, even if they get access to the data, they would be unable 
>> to discuss it in KDE communication channels as those are public, nor 
>> on phabricator tasks to support their patches, effectively making the 
>> data much less useful. Also, the current policy might result in a 
>> privacy problem, e.g.: I once needed data from stats.kde.org 
>> <http://stats.kde.org> regarding website views over time. I was 
>> granted access to it, and I now can see every singe website viewer, 
>> with their country, OS, browser, etc - much more than I actually 
>> needed. If the aggregated data was to be released publicly, I would no 
>> longer need for stats.kde.org <http://stats.kde.org> access, and I 
>> would no longer be able to access private data that I did not actually 
>> need. Finally, I do not fully understand why the data needs to be kept 
>> private in the first place, since it is supposed to be anonymous and 
>> contain no user content.
>> What's your opinion on this?
>> ~ Niccolò Venerandi (aka veggero/niccolove)

-- 
Ignorance is bliss...
https://cullmann.io | https://kate-editor.org

More information about the kde-community mailing list