Re: Phoning home
Steve Langasek writes ("Re: Phoning home"):
> On Tue, Feb 26, 2008 at 08:24:09PM +0000, Ian Jackson wrote:
> > If the latter, what privacy assurances do we have and why do we believe
> > them ?
>
> Why should we believe *any* privacy assurances? If you want an assurance of
> privacy, don't share any information that you consider private.
I think this is rather an absolutist approach.
I agree with your criticisms of the US's legally-mandated privacy
policies. The situation is somewhat better in the EU but there are
still serious problems.
But the fact that some organisations running servers and collecting
information issue untruthful statements doesn't mean that there aren't
better and worse servers.
For example, I'm happier with the way Debian configures its ntp
clients (pointing them at debian.pool.ntp.org) than the way Ubuntu
does (pointing them at ntp.ubuntu.com). This is not only because at
the actual ntp stage it aggregates our users' traffic with many others
so giving them more privacy, but also because we might reasonably
expect the relevant servers (those which in each case get to see the
users and the information about what they're running) to be more
trustworthy.
To give another example, I disapprove of the way that Firefox
indirects its request for the RSS feed for `Latest Headlines' through
Mozilla's servers. The headlines in fact actually come from the BBC;
not only are there some reasons why we might trust the BBC more than
the Mozilla Foundation, it is more necessary that the browser contact the
BBC than that it contact Mozilla.
(Actually, I disagree with this behaviour for another reason as well:
It is wrong to present news headlines without attribution, so the
button `latest headlines' should read `BBC headlines' or some such.
And then of course there is no point to the indirection through
Mozilla - if Mozilla decided to change their news provider, the
attribution would become wrong. When I was Ubuntu firefox maintainer
I changed this, contacting the BBC to make sure I was using a stable
RSS URL. However I think this has been reverted now, probably as part
of the switch to kowtow to upstream's outrageous trademark-related
demands.)
> I don't agree that we have any obligation to not analyze the data that we've
> come by legitimately.
I think we should be trustworthy. That is, when our users know that
their computers send us information (for whatever legitimate reason),
they should be confident that they wouldn't disapprove of the things
we do with it.
The fact that the user is wholly at our mercy, and cannot (for
example) verify whether we're doing bad things, does not make it any
more right for us to process their information other than as strictly
necessary.
(This is one of the fundamental principles in EU data ethics and law
which is not shared by the `all's fair in love and spying' US.)
Ian.