+1 on disabling Floc. If it introduces a problem with any of our analytics tools, it means that we should rethink these tools to ensure a proper privacy of the community and users, but I assume it's opt-out by default, and opt-in at user request's?
Le mercredi 28 avril 2021 à 14:12:53 UTC+2, Mark Waite a écrit : > +1 that we should disable FLoC > > On Wednesday, April 28, 2021 at 2:59:41 AM UTC-6 Oleg Nenashev wrote: > >> Hi all, >> >> As you may have heard, Google is rolling out its FLoC (Federated Learning >> of Cohorts) tracking system, for advertisement needs. This system is >> enabled in Google Chrome by default, and it is a corporate standard for >> many of the Jenkins users. They cannot easily opt out. Yesterday GitHub set >> a good precedent by disabling FLoC by default >> <https://github.blog/changelog/2021-04-27-github-pages-permissions-policy-interest-cohort-header-added-to-all-pages-sites/>. >> >> I think we should do the same. >> >> We can explicitly disable FLoC on Jenkins resources by setting the >> *Permissions-Policy:* *interest-cohort=() *header in Jenkins >> distributions by default and on our websites: jenkins.io, >> plugins.jenkins.io, javadoc, update center, etc., etc.. >> >> *Jenkins distributions.* For the Jenkins core, it is a small patch >> adding additional headers (e.g. here >> <https://github.com/jenkinsci/jenkins/blob/0fd55bd6b50fcdf27368c6b771fb3d8363a24f83/core/src/main/java/hudson/Functions.java#L2273-L2289>). >> >> Probably we should introduce the new "Privacy" category in the "Manage >> Security" screen for better UX, but this particular control should be also >> manageable by system properties so that the settings always apply. >> >> *Jenkins Infa.* For our infra, It should be easy to do for resources >> we host in the main infra Kubernetes cluster. Although in some cases it may >> prevent Jenkins-friendly (or not) advertisements from popping up for users, >> I think we should rather put privacy first and disable FLoC on our >> resources. Google Analytics might also be a subject for removal, but I >> suggest to have a separate thread about it >> >> What do you think? >> >> References: >> >> - https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea >> - >> >> https://github.blog/changelog/2021-04-27-github-pages-permissions-policy-interest-cohort-header-added-to-all-pages-sites/ >> >> Best regards, >> Oleg Nenashev >> >> -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/6c4a661a-9e48-4053-9b84-f92b3fb2deb7n%40googlegroups.com.
