
Bug#743694: lintian: Downgrade most of privacy-breach* tags from severity: error to pedantic



On Fri, Sep 10, 2021 at 04:05:32AM -0700, Felix Lechner wrote:
> Hi,
> 
> > The severity chosen for these tags/checks is not justified by any of our
> > policies, neither the Debian policy, nor the best packaging practices nor
> > any legal reason!
> >
> > There is no technical nor social justification for this severity.
> >
> > Making our package compliant to this new privacy-policy doesn't add
> > any value to our users.
> 
> I believe Debian users have a reasonable expectation to read static
> files on their own storage media without being monitored. That
> objection is based on my own everyday experience in working to improve
> Debian, the Golden Rule [1] and item #4 of Debian's social contract
> ("Our priorities are our users") [2].
> 
> The legal landscape is also changing. At least Europe and California
> have seen shifts toward greater privacy protections for consumers
> since the bug was filed.
> 
> [1] https://en.wikipedia.org/wiki/Golden_Rule
> [2] https://www.debian.org/social_contract
> 
> > I simply morally disagree with removing donation requests from authors
> 
> It is not the solicitation but the unexpected loading of network
> resources that violates privacy expectations. Many micro-donation
> services offer resources like images or active HTML components to
> evoke feelings of familiarity or goodwill. That allows them to see who
> is using which software, and who chooses not to donate. While such
> gamesmanship may be common while browsing online (there are tools to
> fight it [3][4]) it is unexpected when browsing static files located
> on one's own storage media.
> 
> Another, more generalized solution could be to modify all browsers
> shipped in Debian so they do not load online resources without
> confirmation. Unfortunately, that separates the solution from the
> problems. It is more reliable to address the privacy breaches where
> they occur, i.e. in the affected files.
> 
> There is no issue with authors requesting donations (or even with
> Debian promoting such requests, for example in package metadata). The
> moral charge that Lintian's privacy expectations starve authors is not
> reasonable. The request just has to be made without unexpectedly
> loading online resources.
> 
> [3] https://privacybadger.org/
> [4] https://noscript.net/
> 
> > I find it unacceptable that the burden to make packages "privacy"-
> > compliant to some users is put on the shoulders of myself and fellow DDs.
> 
> Lintian already reduces the workload by locating the issues for
> maintainers. (We hope that most of our tags do that.) As for the
> actual burden, the task of creating patches that drop lines from
> upstream files is well within the capabilities of any DD with upload
> privileges. The burden is not unreasonable.

Thanks for taking this stance. Phoning home without the user's consent has
always been treated as an RC bug.

Lintian errors do not by themselves create more work for package
maintainers, since they can be ignored; instead, they present an
advance warning of a potential bug report about a privacy violation,
which can save time unless the maintainer's plan was to hide the issue
under the carpet, which contradicts SC #3 "we will not hide problems".

Cheers,
-- 
Bill. <ballombe@debian.org>

Imagine a large red swirl here. 
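The "unexpected loading of network resources" discussed above is something a maintainer can look for directly in a package's static HTML before a bug report arrives. The following script is an added illustration, not Lintian's privacy-breach check and not code from anyone in this thread: it walks an HTML document and reports every element whose fetch-triggering attribute (src, href, srcset, poster, data) points at an absolute http(s) URL or a protocol-relative //host URL. The element/attribute table, the parser class and the sample document with its example.invalid hostnames are all constructed for this example.

```python
"""Flag remote resource loads in a static HTML file.

Added illustration (not Lintian's own check). Reports every element whose
src/href/srcset/poster/data attribute would make a browser contact a remote
host when the file is rendered from local storage.
"""
from html.parser import HTMLParser
from urllib.parse import urlparse

# Elements and the attributes on them that cause a fetch at render time.
# Assumed table for this example; it is not exhaustive.
FETCH_ATTRS = {
    "img": ("src", "srcset"),
    "script": ("src",),
    "iframe": ("src",),
    "link": ("href",),          # stylesheets, icons, preloads
    "audio": ("src",),
    "video": ("src", "poster"),
    "source": ("src", "srcset"),
    "embed": ("src",),
    "object": ("data",),
    "track": ("src",),
}


def is_remote(url: str) -> bool:
    """True for absolute http(s) URLs and protocol-relative '//host/...' URLs."""
    url = url.strip()
    if url.startswith("//"):
        return True
    return urlparse(url).scheme.lower() in ("http", "https")


def candidates(attr: str, value: str):
    """srcset holds comma-separated 'url descriptor' pairs; other attrs hold one URL."""
    if attr == "srcset":
        for part in value.split(","):
            part = part.strip()
            if part:
                yield part.split()[0]
    else:
        yield value


class RemoteResourceFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (line, tag, attr, url)

    def handle_starttag(self, tag, attrs):
        wanted = FETCH_ATTRS.get(tag.lower())
        if not wanted:
            return
        line, _col = self.getpos()
        for name, value in attrs:
            if value is None or name.lower() not in wanted:
                continue
            for url in candidates(name.lower(), value):
                if is_remote(url):
                    self.findings.append((line, tag.lower(), name.lower(), url))

    # Self-closing forms such as <img ... /> arrive via handle_startendtag.
    handle_startendtag = handle_starttag


def find_remote_resources(html: str):
    """Return a list of (line, tag, attribute, url) for every remote load found."""
    parser = RemoteResourceFinder()
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample: a local docs page with one local stylesheet, one local
# image, a remote script and a remote donation badge.
SAMPLE = """<html><head>
<link rel="stylesheet" href="style.css">
<script src="https://cdn.example.invalid/widget.js"></script>
</head><body>
<img src="logo.png" alt="local">
<img src="//badge.example.invalid/donate.png" alt="donation badge">
</body></html>"""

if __name__ == "__main__":
    for line, tag, attr, url in find_remote_resources(SAMPLE):
        print(f"line {line}: <{tag} {attr}=...> loads {url}")
```

Run against the sample it reports the script on line 3 and the badge image on line 6, while the local stylesheet and logo pass. The check is deliberately static: it never fetches anything itself, so it can run in a clean build environment, and the protocol-relative case is included because `//host/path` resolves to a network request even though it carries no scheme.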

