Re: Phoning home

To: Ian Jackson <ian@davenant.greenend.org.uk>
Cc: debian-policy@lists.debian.org
Subject: Re: Phoning home
From: Julian Gilbey <jdg@polya.uklinux.net>
Date: Sun, 24 Feb 2008 17:24:03 +0000
Message-id: <[🔎] 20080224172403.GA5074@polya.uklinux.net>
In-reply-to: <[🔎] 18369.30467.829589.767166@davenant.relativity.greenend.org.uk>
References: <[🔎] 18369.30467.829589.767166@davenant.relativity.greenend.org.uk>

On Sun, Feb 24, 2008 at 01:54:11PM +0000, Ian Jackson wrote:
> I think therefore that we should add some statement to policy about
> phoning home.

Agreed.

> As a starting point:
> 
>  * Software in Debian should not communicate over the network except
>    - in order to, and as necessary to, perform their function
>      (which includes the established Debian software update
>       distribution infrastructure); or

I'm not sure what the phrase in parentheses means.

>    - for other purposes with explicit permission from the user

So what about visiting a website with a browser which then opens a
popup?  Not sure how best to word this, but I fundamentally agree with
the sentiment.

>  * When Debian software is talks to a central server, whether to
>    perform its core function (eg, an ntp client talking to ntp
>    servers), or for other purposes with permission (like collection of
>    usage information), the servers should be chosen and managed in a
>    way that gives maximum regard to the users' privacy.  In
>    particular,
>    - Usually, our software should communicate only to servers we
>      control or which we have substantial reason to trust.

"By default", our software should ...
The user might be given an option to change this (see below).

>    - The information which is transmitted, and the information
>      store those servers, should be limited to that necessary for
>      the purposes in question.
> 
> 
> It would be nice to allow users to choose to report to meshlab
> upstream the statistical information which meshlab upstream would like
> to collect about the data files users are processing.
> 
> At the moment we have only the single question about popcon.  Should
> we have a separate question about each package like meshlab ?  How
> often is this going to arise ?

We could have one question which asks "Some software authors like
collecting anonymised data about the usage of their software in order
to better optimise it.  Would you be willing to participate in this?",
and then the possibility of opting in/out of individual packages.
Also, any package which does something essentially different could
have its own question.

> I think from the pov of meshlab, it would be good to be able to
> anonymise and aggregate the information on Debian servers before
> reporting it upstream.  What do people think about some kind of
> package-specific ad-hoc laundering service, or a popcon addon ?

This could be an option given to the user, I guess.  I like the
possibility of anonymising responses, as long as it does not
negatively affect the benefits the phoning home provides.  (For
example, it could be that upstream wants to know about the habits of
individual users and their patterns over time rather than just the sum
total of this information.  In such a case, Debian would have to track
the individual users, then modify the info before sending it
upstream.)

   Julian

Reply to:

Follow-Ups:
- Re: Phoning home
  - From: Ian Jackson <ian@davenant.greenend.org.uk>

References:
- Phoning home
  - From: Ian Jackson <ian@davenant.greenend.org.uk>

Prev by Date: Bug#465140: debian-policy: clarify when to use alternatives
Next by Date: Bug#465140: debian-policy: clarify when to use alternatives
Previous by thread: Phoning home
Next by thread: Re: Phoning home
Index(es):
- Date
- Thread