F40 Change Request: Privacy-preserving Telemetry for Fedora Workstation (System-Wide)

Mark my words: Users are already switching. Telemetry is viewed as an evil. The fact that Fedora is being associated with it, is already a problem.
The ONLY way Fedora can keep users is not opt-in opt-out, but by a system of per instance Error/Crash Reporting, with options minimal or detailed report that the user can view, if desired/clicked on.
Help us Improve your experience! Be part of the Fedora Community"
Report this error. Minimal/Detailed. Click to view full report. Send/Don’t Send(don’t fix).

This is the ONLY way to establish/keep a user’s trust. Being 100% transparent and making sure THEY are the ones making the decisions on what will be shared, and when. (and making it decision they can feel good about). There is no compromise.
The issue is not the developers looking at issues, it is the aggregation of the data, and the human temptation to use it to search for things they shouldn’t. (And using it for profit). Data must be visible first to the user(if clicked), and agreed upon as willing to share. If that frustrates the people who want it, then they are most certainly trying to hide something to gain more.
… Just user perspective.

Given this is proposed by Redhat and Redhat’s recent track record of anti consumer actions, why should anyone trust the intentions of this proposal? A mistrust of a for profit, self serving corporation and its intentions seems healthy.

That said I cannot for the life of me see this proposal being rejected given how much influence Redhat has on Fedora. If we want to claim that Fedora is truly a community project I think everyone involved with Fedora needs to reflect on if it’s a good idea allowing Redhat employees to take up so many positions of power within the project.

IMO a greater degree of separation is needed between Fedora and Redhat, especially after this, the CentOS lies and the contempt for the open source spirit Redhat has openly showed.

1 Like

if we want to claim that Fedora is truly a community project I think everyone involved with Fedora needs to reflect on if it’s a good idea allowing Redhat employees to take up so many positions of power within the project.

I think that Redhat employees should be restricted to a minority position on any of our boards/councils. At the moment they dominate anything in regards to the Fedora decision making process. Assuming the best intentions out of people, especially people that are financially beholden to a company that has recently proven itself hostile to opensource (Redhat going closed source to bloat their coffers for example) is naive and asking for trouble.

If we are so in bed with Redhat that we cannot function without Redhat and their employees we should change how we sell ourselves to people interested in Fedora: From an independent community project sponsored by Redhat to a Redhat project with some involvement from a loose outside community. If this proposal goes through given the outcry from the community then it seems like the latter is true and our marketing should be changed to represent that.

1 Like

Fedora Leaders are mostly community-elected. See: Fedora Leadership

The Fedora Council is the topmost governance and leadership body in Fedora, and is made up of appointed and elected members from across the Fedora community. Details about the Council such as size, constitution, and succession planning are found in the Fedora Council Charter.

Editing to include some more context:

The Fedora Project Leader is hired by Red Hat with the advice and consent of the Council

Fedora Program Manager (Not a role anymore since May 2023)
[ … ]
This position is funded by and hired for by Red Hat, with the approval of the Council.

These are the only positions I found that have Red Hat employees.
Source: https://docs.fedoraproject.org/en-US/council/#_appointed_leadership_positions

It’s baffling that this needs to be said and isn’t well-agreed after two decades of privacy movement.

1 Like

Maybe it was already discussed and I missed it, but I wonder how many exactly people in The Fedora Council and FESCo and how many of them are Redhat employees respectively?

Ok. I’ve sat with this since you’ve posted it, and debating on saying anything, but I just can’t be ok with letting this slide. Sorry in advance everyone if this response is deemed problematic…

Yes, I work for Red Hat. They pay my paychecks. But my involvement here in this community has nothing to do with what they pay me for, I do it voluntarily of my own free time. I am having a really hard time interpreting what you’ve said as anything but offensive and inflammatory to me and my intentions on being involved, and I am finding it hard to assume positive intent here. I doubt I’m the only one.

Especially after so much time has passed and so much has been said here in this post and the other related ones, that address these specific issues.

Many employees (including myself) got hired by Red Hat after being passionate and involved with open source projects, not the other way around. If they took such an action as overriding the community will (read: results of FESCO), I assure you many of us Red Hatters would have strong feelings about it and cause problems all the way up to the top of our management chains. “Upstream First” is a CORE belief and principle, and we are officially empowered by Red Hat to make upstream decisions in projects that go against the desire and will of Red Hat and it’s Products. (Most notably here, BTRFS by default in Fedora)

These “Red Hat is an evil corp” statements are, in my opinion, FUD. i.e. Fear, Uncertainty, and Doubt. If you don’t understand how that is the case, go look up the definition of those words. You are afraid the “big bad corpo” is going to rule against the upstream project simply because that’s what it wants to do. Red Hat does NOT work that way. Even with smaller projects that are solely developed by Red Hat employees and for Red Hat products.

Fedora is governed in a certain way, and has rules and guidelines set up to achieve said goals. Before you start fear-mongering that Red Hat will destroy Fedora, please take a look into how this is actually all set up and ran, and what has happened in the past.

Also, if your intent here is to actually start a discussion on leadership changes, I highly doubt this is the right topic. Open up a new top-level topic to discuss it. That way you will get better engagement and conversation. Instead of it staying buried in this thread.

10 Likes

This is all public information that is easy to find.

most but not all folks on those bodies are currently RH employees, but this is partly because RH employees are often elected to the positions that are filled by open elections (because most of the Fedora community does actually trust the RH folks who work on Fedora, apparently).

Any Fedora community member can stand for election to either body, when the elections happen (next cycle will be after F39 release, I believe). Non-RHers are frequently elected to both.

FESCo is simply directly elected, there are no reserved spots or anything for FESCo. Council is more complicated, and only one or two members are directly elected, I think. Full details at Fedora Council Charter :: Fedora Docs . Broadly speaking, things are set up such that a majority of Council members are paid by RH. This is openly explained (see link) and isn’t something we hide. Fundamentally, if you think RH is evil and you don’t trust RH, Fedora is not the community for you, really. Fedora is associated with Red Hat and always has been, we don’t pretend it’s a completely independent project. It’s not Debian.

7 Likes

well, I see that only 1 person has specified that they work for Red Hat.
According to the links there are 7 Members of the Fedora Council and 9 Members of FESCo.

You said most of the members are currently RH employees, do you maybe know how many exactly?

2 Likes

of the folks on Council, Aleksandra, Sumantro, David, Vipul, Matthew and Justin definitely work for RH. I’m not sure about Alberto. (Aleksandra and Sumantro got their positions through open elections; a non-RHer could have stood and won one of those elections, but as it happened, RHers did).

of the folks currently on FESCo, I believe they all except Fabio work for RH. That’s a pretty high ratio historically, as it happens.

edit: Major’s been at RH longer than I thought, since 2018. I think Neal might be contracting rather than an employee, not sure - if he’s reading he can probably clarify.

Neal is an employee, but on a Black Belt team

of the folks on Council, Aleksandra, Sumantro, David, Vipul, Matthew and Justin definitely work for RH. I’m not sure about Alberto. (Aleksandra and Sumantro got their positions through open elections; a non-RHer could have stood and won one of those elections, but as it happened, RHers did).

Vipul is not currently a RH employee. :wink:

of the folks currently on FESCo, I believe they all except Fabio work for RH. That’s a pretty high ratio historically, as it happens.

It’s varied over time somewhat.

Jeez, I knew I was going to get something wrong. Then he needs to update his profile :smiley:

You are beholden to Redhat if you’re employed by them. The Redhat of 2023 has proven itself untrustworthy, anti foss and liars (example; CentOS lies, pay walling their source code, destroying forks decrying them as leeches all the while they are submitting fixes back to RHEL, for free). You choosing to be employed by this company reflects on you and like it or not says something about you. Redhat employees who continue to associate with the company and benefit financially off them align with those views, even indirectly as you must be ok with those actions on some level to continue your association with them.

Your post boils down to “guys trust us” and being mad that some of us (me) would dare question Redhat intentions and thus yours, while not blindly trust you as a willing Redhat employee after the debacle and anti consumer actions of said company is kind of laughable. No I won’t just trust you or anyone employed by Redhat. I won’t just trust “Redhat doesn’t work that way”. We have been told that before from Redhat employees (like how they will never close source, never go after forks) and recent events has taught us everything coming out from the company or anyone associated with the company, at best, has to be taken with a massive grain of salt.

And no I won’t apologise for being hostile when it’s very obvious Redhat/IBM is taking every available action to attack the FOSS community that they have benefited off for decades in order to bolster their coffers. If there isn’t push back against garbage proposals like this and the people who make them then corporate influence and for profit decisions will worm their way in and Fedora will end up becoming the meme of “RHEL beta”. Decentralised, community projects fail to be that when a large, central authority takes the reigns.

a large, central authority takes the reigns

Tell that to Canonical

Red Hat employees do the Fedora work on their free time. If Red Hat needs them for something, they will be forced to stand down on helping Fedora to do their job at Red Hat. If you want a recent example, a Red Hat employee that was taking care of large parts of the GNOME desktop got pulled out because Red Hat needed them elsewhere. In consequence, a large part of the GNOME desktop is currently without a maintainer.

If you and a group of people want Fedora to have no corporate involvement at all, you could just fork it and maintain the fork in a pure community way. Putting the blame on employees that take their time to contribute to a project when they could not even care at all and still receive their paychecks is just disrespectful, especially when the project is 100% open-source and free of any charge whatsoever. And, according to wikipedia:

its employees make up only 35% of project contributors, and most of the over 2,000 contributors are unaffiliated members of the community.

From: https://en.m.wikipedia.org/wiki/Fedora_Project

3 Likes

Honestly, I wouldn’t worry too much about posts attacking Red Hat since they’re unlikely to sway opinions very much. It’s not like a bunch of Fedora developers are going to read NB’s posts and decide they are particularly persuasive.

Well in fairness, I think almost all of us are paid to work on Fedora. At least, I certainly am. 95% of RHEL work needs to happen in Fedora first anyway. This metrics project is a little unusual in that it’s one of the few things we work on that is not intended to ever be used in RHEL.

If you want a recent example, a Red Hat employee that was taking care of large parts of the GNOME desktop got pulled out because Red Hat needed them elsewhere. In consequence, a large part of the GNOME desktop is currently without a maintainer.

I don’t think of this as Fedora vs. RHEL but rather “this component vs. that component.” A high number of components are now suddenly unmaintained, which is quite unfortunate, but it affects Fedora and RHEL about equally since all those unmaintained components are also included in RHEL. It’s a real shame we no longer have anybody working on them.

1 Like

Thank you for having the courage to say exactly what is the point of conflict here.

Much of redhat and fedora problems now boil down to communication. It started with breaking first promise to centos to keeping it going as is after acquiring it in 2014, and breaking that promise two years ago without good communication, and promise to keep current centos releases in support as is, which Mike broke in the nastiest way possible ever with two posts any junior in PR would rank them a negative hundred.

Then you come with this plan and we see people who are “leaders” of this redhat-owned distro mock in different occasions any idea that explains why users of fedora shouldn’t trust this move, which is another move that a “PR for dummies” book can be written to explain why was it problematic.

So, I applaud your courage, again, although we are definitely on different sides of the field, but that’s okay, because redhat fedora distro wouldn’t be hurt if Mahmoud stops using it and begin recommending users move off of it (although I seem to have persuaded some already), nor Mahmoud will be hurt for moving off fedora to any other GNU/Linux distro, because at the end of the day, someone who used GNU/Linux for twenty years can find his path around any distro.

It’s not like a bunch of ethical, logical thinking users are going to read your posts and decide they are particularly persuasive.

I didn’t actually attack Red Hat, so you’re just advertising your fallacies. I simply said no one knows what they will do. What they have done recently is out in the open and well known.

I don’t think Red Hat people are doing themselves or Red Hat any favors with a lot of the comments being made on these threads. It’s coming off very snobbish and condescending.

You have to expect some users will come in on just about any thread and be conspiratorial, disrespectful or other kinds of nonsensical but the developers and Red Hatters should be able to control themselves.

I’m late to the party, I’ve made a Discussions account just to say NO to any telemetry/analytics.

I’m a day to day desktop Fedora user since about 2016. My first contact with Red Hat was probably in 2004.

Opt-out is evil, opt-in is a lesser evil, but still evil (one “bug” could turn the telemetry options on without anyone knowing it). You can’t opt-out at distro upgrade. OP wants opt-out, as they mentioned, only the hard core users use the opt-in, that is clear. So, they indirectly acknowledge that opt-out is a social engineered option to make people, knowingly or not, give their data out. Telemetry is evil, it helps a few lazy designers and devs, the real main value is for big data companies. Put your brain to work and you will make the best UI/UX/apps ever. This whole thing opens a Pandora Box into spyware. Just NO!

On the “we won’t collect any personal information” subject. Metadata can lead to personal data. This is a fact! Big data companies are using metadata and little other info (like location) to create full personal profiles with good to great accuracy. “Controversial third party services”. You don’t need third party services to be controversial. The tools are there to start collecting data and to become your own big data company, all you need is to hire a couple of data engineers and come up with some proposals like this one and get it accepted. Nothing is anonymous about a hash either.

Let’s say OP is truly honest about their intentions, even though I subjectively doubt it, this whole “feature” will help a fraction of the community. Why waste much of your efforts (time and people) in creating something that doesn’t add up in value (if you’re really not into spyware/big data), when you could just do a better job at Quality Assurance and Quality Control? Are your releases close to perfect? Let’s see, the devil is in the details: “Occasionally, Red Hat might need to collect specific metrics to justify additional time spent on contributing to Fedora or additional investment in Fedora.” Well, well, here’s a sneak peak into the Pandora Box. Nobody asked Red Hat to invest into telemetry on Fedora in the first place.

Not quote-on-quote “It shouldn’t concern you if you don’t use GNOME.” Really?! It’s not like you’re using a gnome- package, you use a 2nd tier package that could lurk into any spins, like it never happened to get even explicitly called gnome packages into other spins before. I don’t buy it. I’m not a GNOME 3 user, but, as others mentioned, GNOME 3 devs have other problems, like ignoring users’ feedback for years. This whole request doesn’t seem to have anything to do with GNOME than the fact OP worked for GNOME project.

Not quote-on-quote “It should respect GDPR / Legal team approved”. GDPR is a great idea poorly implemented. No user can battle a corporation or even a small company who steal their data. The EU regulation is ambiguous, GDPR consent service corporations have found loopholes into collecting data, making everything opt out and painstakingly hard to remove all of the options. By then they’ve already collected everything, as the system was designed to be opt out. Some GDPR services don’t even reside in EU, their clients are the corporations trying to steal users’ data, not the actual users for which GDPR was built. So, from my perspective, GDPR is a nice political fairy tale to impress the masses, but it doesn’t actually do anything much (I’ve read stories about healthy responses from the government organizations in Germany, but this is one country). In the end, GDPR made opportunistic and connected companies rich by offering consulting and web consent services. How come Microsoft didn’t get any penalty for using default on telemetry/analytics in Windows 10/11 in EU?! I wonder. So talking about GDPR is, for me, pointless. Anyone who cares about privacy knows zero data is best, opt-in in the cute evil and opt-out is a total violation of privacy rights. Funny enough, the same corporations who want to steal every day people’s data are the ones that fear the most sharing data with others or using software that might leak any information about their systems. Ironic. It’s for “security reasons”. And people privacy isn’t about security at all, right. Perhaps it’s not, it’s much more than that, it’s a human right.

Another non quote-on-quote “But X does it, and Y does it”. Because others do telemetry, it doesn’t make it right. Firefox is a good example. Just because they used opt-out telemetry and got away with it, it doesn’t make it morally right.

WOW, JUST WOW! Most users will not care or most users WILL NOT KNOW about dark pattern opt out telemetry to have an opinion on it? Or maybe it’s because, as I’ve mentioned, they have been conditioned to accept anything tech related. I think it’s both, not knowing and conditioned not to question things they don’t know much about. Sounds about right for a dictatorial political maneuver.

I’m done.

Thanks for taking the time to read my post.

1 Like