Approaches to data handling, safety, and avoiding individual identification — a breakout topic for the F40 Change Request on Privacy-preserving telemetry for Fedora Workstation

You have argued along this line several times now, but I think this is flawed. In the original proposal thread, this is what is mentioned:

Many GNOME applications are used outside of GNOME, e.g. Evince, gnome-terminal, and many others. If any of these applications decide to gather telemetry, a non-GNOME user would start collecting telemetry data without having seen a prompt. You will of course argue it’s not being sent. But the problem is it is there now, waiting for a bug/malware/proprietary application to abuse it. In the original thread I suggested making this a “weak dependency” so that a user can ban telemetry packages for good, e.g. by setting excludepkgs.

That said, this only solves the issue for advanced users savvy enough to know their way around dnf configuration. This should be thought out really carefully. Handling private data isn’t trivial. It is a constant fight against information leakage. Approaching everything as an engineering problem isn’t going to cut it. E.g. even though the final result is aggregated, an event stream needs to be processed. The proposal includes nothing regarding the handling of in-flight data (the event stream).

2 Likes