Of course there is a state, there’s a configuration file designated to store the user’s choice. You seem to be focusing on a kickstart file scenario, in that scenario there might be no configuration file ever created but I’d suggest that’s also not a typical installation scenario for a consumer desktop offering.
What I’m saying is if the configuration file has a value denoting anything other than “none” or “disabled”, regardless of any other condition, the UX element should always be shown and available to the user. Otherwise, you’re one package mishap away from starting to send data without the user even having a way through the UX to know the situation exists.
Irrespective of that, I still think it’s just a plain bad idea to hide the UX element. People are going to know GNOME now has telemetry, they’re going to want a way to check its status and it is a desktop environment after all.
These are valid points, and even though it’s GNOME* in fedora, I think you’re pointing to additional reasoning that, at least in some ways, this should be addressed upstream first.
Based on Michael’s recent answers to multiple posts, it’s clear that this thing is going to be handed to Fesco with the opt-out UI layout and telemetry packages baked into the disc images. Any alterations to the original proposal are likely to be minor.
Our only hope is that Fesco takes community feedback into consideration and sees things differently.
If that happens, essentially ignoring this discussion and Fesco approves it, Fedora is truly dead to me and many more people.
It would be especially worrisome, as the straw poll is heavily favoring Explicit or Explicit opt-in, meaning that at lest the majority in the forum disagrees.
I will NOT consider modifying this proposal such that the data collection is opt-in. I’m open to feedback on everything else, but not that, because there is no use for garbage data. If the Fedora community requires that this be opt-in, then I would give up on the proposal and we’ll just not have any telemetry.
@catanzaro I wonder if your proposal would be rejected will you drop the proposal and we will not have any telemetry? Like according to your clear statement.
Or you will change your mind and start to consider other options like were mentioned in the poll:
Context! Carry an iPhone or Android phone? Use a credit or debit card? Drive a car or take public transportation? Walk down the street in any major city or shop in the mall?
I don’t think usage data from Fedora Workstation is all that high on the list of privacy **** storms.
I can also be at peace with opt-out as long as the notification about the data collected is comprehensive, easy to comprehend and obvious. None of that small print privacy-policy lawyer garbage.
You want this to be okay, have the storm pass? Sell it! Make a case and make people feel good about it. I get the utility the metrics will provide. I’m real close to getting the need for that data.
Put in the effort and sell it in all it’s complicated detail. Everyone in this community is smart enough to get it. The noise will die down and a good time for an open presentation will come soon enough.
Edited to add: The fact that this was put “out there” in public should make a lot of people feel better. Really, this is the adult way not corporate greed crap.
The presumption here seems to be that strong opposition is necessarily hypocritical or uninformed. I don’t carry a smart phone, I’ve committed to wearing a face mask even post-COVID partially in an attempt to try and thwart the proliferation of massive corporate video surveillance networks like Ring, and I agree to use RFID public transport tickets not because I like being tracked but because it’s too low density where I live to survive without doing so.
Is system telemetry in Fedora literally the worst privacy scandal in human history? Of course not. But why would I compromise on my comfort and values if there are other distros out there? Why wouldn’t I voice disagreement over a proposal that affects my current home?
EDIT: The straw-manning and presumption on my own part is obviously not helpful. Sorry about that.
The presumption is that this is a LOT of noise over something, all in, that probably doesn’t rate so much emotional noise. I can get VERY passionate about Meta or Amazon or Apple or Google. Not so much about this.
Hmm, I don’t think it’s your bad. I agree in principal.
In an ideal world Fedora wouldn’t be entertaining such things. The world in 2023 isn’t ideal. The idea that “community” driven distro’s are sometimes dependent on corporate support isn’t ideal. Fedora is at the moment good. Maybe even very good for my needs. I wonder if I would be using it if they didn’t have the benifit of some Red Hat engineers and infrastructure.
Even projects with a not for profit foundation are dependent on for profit entities to greater or lessor degrees. Who is sponsoring gnome…
I think there is a difference, although subtle, between telemetry and survalence capitalism. If this even starts to smell like the later I’m gone!
I think we really have to keep emphasising that the proposal is wildly different from what Meta or Amazon or Google do. The proposal does not involve building a profile - data points from the same system will not be stored together. It does not intend to track your browsing or do creepy stuff to sell ads or market things to you. It really isn’t anything like that at all.
I get that some folks don’t like it anyway, regardless. That’s a perfectly valid perspective. I just want to keep it in everyone’s head that this proposal, even in its most “maximal” form, is absolutely nothing at all like the “kind of thing” Meta etc. do.
Maybe not, but it is still exactly something they would do. Opt out telemetry is exactly what they do. Except when there isn’t even an opt-out, but they do literally do this exact thing, same with Microsoft.
I see one problem you don’t trust the community nor any third parties, but you ask to trust 100% the Fedora Project about the handling of anonymized data in a box with the Fedora Project having the only key.
so let’s beginning with trusting 100% Fedora handling the data and Fedora make their best efforts to anonymized the data.
but in two years you (RedHat, Fedora Project) hire a new employee, he have bad intentions and deanonymize the data, he use it for his own purposes, and how the data is “secured” at Fedora nobody sees the misuse
So you need to trust too the community and third parties.
lets say Fedora publish raw database dumps monthly, and only publish the last six months, so any interested third parties (single users, small or big companies need to have their own infrastructure to hold the data) can process the data maybe make their conclusions about it or try to de-anonymize it.
so lets play your scenario of somebody smarter de-anonymized the data, but the data was processed/audited by big companies too ( competitors, cloud, database, hardware) and none was able to de-anonymized.
can really the majority of users blame the Fedora Project, when many more companies has access to the data but didn’t find any problems?
I’m too lazy to search but not the less bugs of open source is because more eyes? or something like that.
so if you publish the data and is processed/audited by the companies
so please publish the raw data, so maybe a good guy find any mistakes and Fedora can correct them. the data came from our computers, the computers took computing time to generate the data, so that data have a cost to the users.
a recent change in compilation flags lost a small percentage of computing power, I’m too lazy to search for it, but I hope that change have benefits too, even if it cost computing time.
The reasons why I’m pro telemetry are:
I trust Fedora Project with the handling of my anonymous data.
I’m lazy to complete surveys, polls and questionnaires take time of my own time, so is better delegate that to my computers.
I expect Fedora to declare what aggregate data will be used (e.g. click through rate in GNOME Settings panels) and store that. The required statistical analysis should be done in a cryptographically inaccessible environment. So that there is no need to trust Fedora with our data - only the aggregate is made accessible to them.
I’d like to, at the risk of maybe being a bit off topic, appeal to the folks with me who aren’t too thrilled with the idea of telemetry to try to reign in any dramatics a tad, as it feels like some comments here go past the point of adding much to the discussion and could very well be damaging to our position instead. We’re not fanatics - though I very much sympathize with how desperate the fight for privacy feels. The idea of telemetry gets my emotions running high too and I’m not immune to making rash comments ahaha. Ultimately these people have contributed positively to Fedora in the past; they’re in part to thank for what we currently have, and I do truly believe they’re attempting to improve Fedora, even if we currently have some strong disagreements on how. I think that needs to be kept in mind more. Keeping discussion clear and respectful without resorting to exaggeration is much more likely to sway opinions. Maybe a little late for this thread, but it’s handy to keep in mind for internet debates in general
I do believe the desperate fight for privacy is a big reason this proposal is getting so much flak - the proposal, absent the opt-in/out part which is it’s own can of worms, does attempt to prioritize privacy. However, the fight for privacy absolutely feels like a battle where each and every inch given is taken advantage of. It’s something that, once given, is incredibly difficult to claw back too. In fact, one of the ways one might claw some back is installing Fedora! Which certainly a part of why I’m so concerned about the idea, Fedora feels like the perfect intersection of privacy/security and usability, and I’d be heartbroken for that to crumble away. Even if the proposal author has the best intentions in mind, I’m unable to stop thinking about the future of said telemetry. Will it be expanded? Will Red Hat make some behind-the-scenes moves that slowly boil the frog, so to speak? Will it be able to be guaranteed in perpetuity that this system will not be abused? I recognize that’s likely unrealistic, but that’s the issue. Adding such telemetry feels like opening a Pandora’s box that could potentially lead Fedora to a place I won’t follow, and that has me worried.
Behold a rambling short novel of a comment that I’m largely posting thanks to sunk-cost fallacy haha. Maybe the meta commentary and context for my position might be useful.
Privacy is a combination of many small decisions. Here are some of mine.
I carry a phone with LineageOS. It does not have Google services (GApps) and I only use FOSS apps installed from F-Droid. I don’t use any Microsoft, Amazon, Meta or Apple stuff. My browser of choice is LibreWolf and I know how to stay anonymous on the web. I use ProtonMail, Signal, Mastodon and Matrix for communication. I’m not a part of any customer reward programs that track purchases and I mostly pay with cash.
I use Fedora on my desktop systems and expect that what I install on it or how many times I click a menu is my business and my business only. Fortunately I can choose different distro if it no longer is.
Yes, this all might seem silly to some folks and that’s fine.
Sorry, but that text is written ambiguously and can be understood in many ways, especially the statement that further discussion is prohibited is a red flag. It is also wrong: even if Fedora community is not legally responsible, it is in its interests to understand what ground rules apply to data collection, and one cannot here just say a third party will take care that it satisfies some legal (minimum?) in some jurisdictions.
