On 14 April 2016 at 17:30, Thomas Pfeiffer <thomas.pfeif...@kde.org> wrote:
> On Donnerstag, 14. April 2016 14:36:21 CEST Jonathan Riddell wrote: > > On Thu, Apr 14, 2016 at 04:18:30PM +0200, Thomas Pfeiffer wrote: > > > Any potentially privacy-sensitive information transfer should be > opt-in, > > > not opt-out. > > > I'd assume that the vast majority of users will allow it (given that > it's > > > not personally identifiable and they trust their distro), but opt-in > puts > > > you on the safe side. > > > > What's privacy sensitive about it? It's a machine ID but not linked > > to any other information other than IP address and there's no personal > > information we can link it to. > > It's still a unique identifier which can be used to track the machine. We > might > then combine it with others who also only collect the machine ID to create > a > profile. > People can be very sensitive about these topics, especially since we've > made > privacy-aware users our main target audience. > > As I said: the vast majority would give us their consent anyway, but it > just > comes across as "nicer" if we ask. > > Martin's suggestion with "Make it explicit on the download page that we > collect these data, and allow users to switch it off in privacy settings if > they don't like us to do it" works as well, but then users would need to > have > a chance to turn it off /before/ the ID is sent the first time. > Sure. All depends how large is the population of our user base that is _this_ sensitive. Or not our but for specific project (Neon, {someappname}, {someservice}) Without any negative assumptions: As a software author I don't know many people in person who refuse to use browsers, refuse using e-shops and refuse visiting traditional shops that use video recording, using GSM/etc. I only heard about the stories with RMS and his secretary (I suppose he/she is tracked via browser instead of him -- even without cookies, tracking is possible). After thinking about that long ago; it's not even clear _who_ and at _what level_ someone makes the decision about defaults of privacy. Because the chain looks like: 1. Organization sets defaults for the org 2. Authors of the code in a subproject set the default for the code 3. Distributor decides about defaults set in the binaries One idea: KDE's tradition is integration of experience; how about a single "Do not track" setting for apps (not just for the Plasma) like it's the case for browsers? Questions about level of privacy could appear on the first run of Plasma or first run of a KF5 app for given $HOME. It may be that distributors that are very afraid of privacy, think Debian, may use the feature; others may easily disable it. > _______________________________________________ > kde-community mailing list > kde-community@kde.org > https://mail.kde.org/mailman/listinfo/kde-community > -- regards, Jaroslaw Staniek KDE: : A world-wide network of software engineers, artists, writers, translators : and facilitators committed to Free Software development - http://kde.org Calligra Suite: : A graphic art and office suite - http://calligra.org Kexi: : A visual database apps builder - http://calligra.org/kexi Qt Certified Specialist: : http://www.linkedin.com/in/jstaniek
_______________________________________________ kde-community mailing list kde-community@kde.org https://mail.kde.org/mailman/listinfo/kde-community