Create Task
Maniphest T6604

Write KDE telemetry usage policy / "Code of Telemetry Conduct"
Open, HighPublic
Actions

Description

From Akademy BoF:

  • no unique identification
  • no user data leakage (file names, etc)
  • avoid fingerprinting
  • detailed public documentation
  • strict review process before releasing this
  • opt-in

Should go under https://community.kde.org/Policies

Initial draft at the bottom of https://notes.kde.org/p/akademy-2017-kuserfeedback

vkrause created this task.Jul 25 2017, 2:21 PM
vkrause renamed this task from Write KDE telemetry usage policy to Write KDE telemetry usage policy / "Code of Telemetry Conduct".Jul 25 2017, 2:45 PM
vkrause updated the task description. (Show Details)
vkrause moved this task from Backlog to In Progress on the KUserFeedback board.Jul 26 2017, 9:18 AM
vkrause updated the task description. (Show Details)
vkrause added a comment.Aug 13 2017, 9:52 AM

Draft sent to kde-community@kde.org.

vkrause added a comment.EditedAug 14 2017, 5:05 PM

Not yet integrated ideas from the kde-community discussion:

  • audit log: doesn't conflict, implemented, do we want to make this mandatory?
  • revocation support: conflicts with publication
  • data license and publication: publication conflicts with revocation, license: CC0 vs CC-BY-SA?
  • data retention limits: conflicts with publication
  • allow unique identification: requested by Kexi, conflicts with publication as this could be considered personal data

Topics that came up elsewhere:

  • What is the "lower-bound"? Does checking for application updates/news (and possibly tracking that on the server side) already count as "telemetry" in this context? (see e.g. current practice in Akregator or KDevelop.
lavender added a subscriber: lavender.May 23 2018, 3:46 PM
  • require the use of differential privacy tools (e.g. rappor which is what Chrome and Firefox uses)
vkrause moved this task from In Progress to Done on the KUserFeedback board.Jul 7 2018, 2:38 PM