Decision-Making, Governance, Council, Red Hat — a breakout topic for the F40 Change Request on Privacy-preserving telemetry for Fedora Workstation

Well, I am very, very upset.

I see some long-time users already leaving Fedora, some are considering switching if this proposal is approved, and some new potential users who were planning to install Fedora are now looking for alternative distros…

Damage is already done.

To fix it somehow I have a completely opposite proposal, some kind of Declaration that Fedora will always be without any telemetry forever. That should prevent any new proposal attempts to include telemetry into Fedora in the future.

Because I have a feeling that in case the current proposal was rejected, there would be new attempts, maybe in several months, like for example to add telemetry in Fedora, but only opt-in this time.

3 Likes

I also find this upsetting, although maybe not for the exact same reason.

Fedora is a big, collaborative project. We try new things. We don’t always agree on how, but we’re working together to a common goal — a world where everyone benefits from free and open source software built by inclusive, welcoming, and open-minded communities. We do this by building an operating system and making it easy for others to do things with and build on that OS.

Many people have strong opinions about privacy, and some loud voices are presenting that as all-or-nothing — but “all or nothing” has never been the Fedora way. Freedom is a core principle — but so are Features and First. Most crucially, we’re Friends working together to do all this. Friendship doesn’t mean we all think the same, and it has to be safe to propose things that others might disagree with.

Some folks are arguing that privacy-respecting collection of non-personally-identifiable information is completely impossible. I don’t think that’s an invalid position, but it is an extreme one.[1] Clearly a lot of people don’t like the idea of “opt-out”[2], but a lot of people are taking that to mean “no choice given”. Some folks are not reading the proposal carefully, or just assuming deception. Others take the position that presenting an option with a bias towards yes (like, having the box pre-checked) is morally equivalent to not presenting an option at all. That’s an absolutist take — and I don’t think it’s a mainstream one.[3] It’s more complicated than that.

We need to be able to discuss complicated topics. Because we are Fedora and this is the way we do everything, we want to have these discussions in the open. For that to work, people need to participate in good faith, listen to others, and assume that the folks working on proposals also have Fedora’s best interest in mind.

If simply having such a conversation means “damage is already done”, then I don’t know what to do. So, yeah, I’m upset too.


  1. See this post from Cassidy James Blaede, plus various posts in Approaches to data handling, safety, and avoiding individual identification — a breakout topic for the F40 Change Request on Privacy-preserving telemetry for Fedora Workstation ↩︎

  2. Again see Cassidy’s post, and of course Opt-in / Opt-Out? A breakout topic for the F40 Change Request on Privacy-preserving telemetry for Fedora Workstation ↩︎

  3. I keep bringing up Ubuntu. Sure, we can have a higher standard — but, I don’t think it’s at all reasonable to argue that Ubuntu or Canonical are malicious. C’mon. Even Kantian deontologistism is more forgiving. ↩︎

10 Likes

As a practical matter, such a policy would be something at the Fedora Council level, and any Fedora contributor is welcome to propose such a policy — draft a proposal (perhaps collaborating via discussion in Project Discussion) and submit to Issues - Fedora-Council/tickets - Pagure.io.

But, this is complicated. We have packages like Firefox which do already include some level of 3rd-party telemetry. We have our own metrics systems — DNF Counting and we count IP addresses hitting our mirror servers. We have ABRT crash reporting. These things are objectively useful and beneficial to the project, and I don’t see us moving to a hardline stance where we turn them off generally.

The people making the current proposal have made it clear that they don’t think such a system will provide valuable information. But, if someone else has an idea for an opt-in system that they feel would provide meaningful benefit, they absolutely should feel welcome to bring that to the community and FESCo for discussion.

2 Likes

I know I’ve brought this up before, but it’s a new day and so I’ll bring it up again.

Editing the proposal from how it originally stands will go a long way in addressing this and helping move the conversation forward. It’ll actively demonstrate to those that “decisions aren’t already forgone”.

I know that it’s only 24 hours after @catanzaro said he would come back and start responding again, but it may be sending an unintentional message that there’s no compromise from how things currently stand, or an unwillingness to engage further concerns. I don’t think that’s what’s actually going on. I would imagine that trying to deal with this would be draining, exhausting, and anxiety inducing emotionally.

I mention this so that one, we the community show some empathy for those in the community trying to make things better and two try to get some real understanding if our current discussions have actually changed the current proposal at all. (or are we just waiting for FESCo or… )

100% agree and we all need to keep this ahead of our conversations. Thanks Matt. 🙂

2 Likes

I have read the whole “main” thread. I haven’t read the “Approaches to data handling” because obviously I am not interested in any telemetry in the OS I am using.

I don’t see a point of such Opt-in / Opt-Out discussion now because it was stated clearly in the beginning by proposal authors that they are not interested in Opt-in at all. Did they change their mind?

But I am reading this thread at the moment anyway.

The people making the current proposal have made it clear that they don’t think such a system will provide valuable information.

Have you seen the UNOFFICIAL poll about OPT-OUT metrics proposal?

Currently 64% of voters are against OPT-OUT. I wonder why there is no official poll?

Because that’s not how we govern the project.

7 Likes

The breakouts were based on themes that I saw emerging, rather than guessing beforehand (or trying to direct things). We could have said “this topic is off limits”, but… clearly, people wanted to talk about it. Maybe the change proposers will change their minds. Maybe they won’t, but someone else with a different idea later can take that into account. Either way, there’s useful information there.

I have no doubt it has very useful information.
But I consider it’s a bit off-topic and it shifts attention from the main topic: opt-out telemetry vs no telemetry at all (the original proposal).

Maybe the change proposers will change their minds.

Well, they clearly stated multiple times that they are only interested in enabled by default telemetry 🤷

If they suddenly changed their mind in favor of disabled by default telemetry it would look very strange to me… So many talks about how disabled by default telemetry is useless, etc.

If they changed their mind, it would imply that they decided to listen to the members of the community that were concerned about opt-out, so I think the good faith view is to interpret as a compromise in favor of your position.

Maybe that would be a good thing to communicate as part of the process for this change. I wonder if editing the proposal live will even be noticed by most people. What if we did the following to communicate a next step in the conversation?

  1. Make a new thread for the updated proposal (assuming there will be one).
  2. Link to the updated proposal at the top of the original post and all breakout posts.
  3. Link to the updated proposal at the bottom of all related threads.
  4. Lock the old threads and direct people to the new threads as part of a second pass with the updated proposal. Assuming we want to clone the threads for the topics that already got broken out so that people still have space to focus on those areas?

I think this could make things clearer, but I’m wondering if there’s some sneaky way in which people get upset about this. 🤔

2 Likes

I believe this was pretty close to the plan but I have lost track of where this was discussed. There is a post on it somewhere though. 😉

2 Likes

I believe there were some early edits, and there’s already been some “changes” (I’m not sure if all of them resulted in edits)

In fairness Michael was mostly working out of another breakout thread today and hasn’t gotten to the big Opt-In/Out thread. So there’s likely going to be a very lengthy lag before he gets to some of these conversations. The opt-in/out discussion has spilled out into other places (probably because it’s the biggest sticking point for many) and because he didn’t start there, he’s going to have quite a bit of repeating himself to work towards since there’s likely a lot of people that aren’t in the other breakout threads.

I appreciate the spirit of this. I think what makes this particularly contentious is that some see what’s being proposed as anti-social and not compatible with friendship. Friends don’t subject friends to surveillance, and after asking and being told “no,” they don’t keep arguing and insist that it’s actually for their friends’ own good (which is the optics of some of this discussion, if not the reality).

Well, sure, no one is going to disagree with that. But surveillance is “close watch kept over someone or something (as by a detective)”[1].

I think there’s plenty of room for reasonable, privacy-minded people to disagree on exactly what is “too close” or “too much”. I know there’s a “nothing at all, never” camp. That’s fine — but I don’t buy that that’s the only valid view.

Personally I don’t think things like “how many systems use BIOS vs UEFI”, disassociated with any other data (especially including IP addresses or identifiers, but also from anything else that could be used to fingerprint the system) are surveillance.

And, in fact, using terms like “surveillance” more broadly than most people would understand them tends to make discussion really hard. At best, it tends to drift into discussions about semantics.


  1. Surveillance Definition & Meaning - Merriam-Webster ↩︎

2 Likes

I don’t know what else to call the activity. “Asymmetric observation”? As far as I can see, “surveillance” is an entirely appropriate descriptor for an automated system that lives on others’ computers for the purpose of collecting information about their activity and/or possessions on an ongoing basis. “Telemetry,” on the other hand, is a euphemism that is used to obscure the practice of commercial surveillance. (Not saying that anyone here is consciously trying to obscure anything, to be clear, just that neither term is neutral.)

I definitely don’t want to make discussion hard.

I object to the collection of this information by the proposed means, irrespective of the quantity or nature of the data. I hope that’s clear from my initial comments.

1 Like

Related poll:

@trailingslash

Would you be willing to work on a project like this with me? I’ve helped with the Fedora Jam lab before, so I’m aware of some of the technical side of this, but I wouldn’t know enough about the privacy side to really move it forward.

1 Like

Oh, just discovered this: A serious suggestion for Fedora contributors passionate about privacy - #28 by paradoxguitarist

I’m tired of seeing this excuse…

I understand FESCo needs to make a decision, but what we have here is a very one-sided proposal that the majority of the community, new and old members, within minutes is able to identify flatly that it is not a good fit.

Proposals should need to meet a bare minimum of acceptance within a short period of time; because part of the reason why this “discussion” is stale is due to the fact that the current proposal has not been updated and @catanzaro keeps maintaining his position while @mattdm keeps telling us, the community to be patient.

Well, I’m sorry… I’m not waiting 18+ days or however long for FESCo to do what should have been done by now: reject this proposal and close these discussions until a new proposal is submitted. We need faster turn-around time / action from FESCo when it is clear the proposal isn’t mature enough.

Why? What’s the rush? This change was submitted with a target date of Fedora Linux 40. That won’t have a beta release before March, 2024.

I mean, I’m not happy with the social media drama and all, but I don’t think we should be steamrolled out of our process (which specifies at least a week before FESCo takes things up).

And while I think it’s very clear that a large majority of people are strongly against opt-out (in any form), I don’t think everything is so clear. By the straw poll, we can see that a pretty large chunk of people are okay with explicit choice or explicit opt-in options. (Both are around 2/3rds as I write this.) The “no such proposal should be considered” option is at 18% — that’s not insignificant, but it doesn’t seem like a level that justifies dramatically going outside of the process.

Most people on FESCo — even Red Hatters — are volunteering for the job.[1] There’s a lot here to digest, and if anything, that sheer volume and the importance of the issue should lend some sympathy towards taking more time.

So, yes, I’m asking everyone to please be patient. And I’ll ask again. Be patient, have some trust.

However, I’m not the dictator of Fedora. I think the above is good advice, but if you don’t want to take it, you can bring the issue to FESCo. See FESCo’s ticket policy here: Fedora Engineering Steering Committee :: Fedora Docs.


  1. Actually, there’s no one at Red Hat that’s paid to take that position, although some engineering managers are going to be more flexible than others about using work time for it if elected. ↩︎

I think there are two ways to look at this.

One way is that the optics on this are terrible and it would be better to clearly shut it down until it is in a better form. I totally agree with that.

On the other hand, the process doesn’t exist for this one controversial proposal. In general, it seems like it would be better that when someone proposes something and gets feedback, everyone would be working together to improve it so that the best proposal for Fedora is ultimately put forward.

Because the opinions here are so passionate and polarized, it may be causing additional drama and angst in this specific case but I am not sure it is the wrong process overall.