On Wed, Sep 2, 2015 at 4:22 PM, Pierre-Yves Chibon <pingou@pingoured.fr> wrote:
On Wed, Sep 02, 2015 at 12:36:48PM -0400, Máirín Duffy wrote:
> On 09/02/2015 11:58 AM, Pierre-Yves Chibon wrote:
> >""
> >we may disclose personally identifiable information about you to third parties
> >in limited circumstances, including:
> >...
> >- for research activities, including the production of statistical reports (such
> >aggregated information is used to describe our services and is not used to
> >contact the subjects of the report).
> >""
>
> I think this is talking about stuff like the 'State of the Fedora' FPL
> slides from conferences, those pie charts and stuff. But that kind of data
> isn't personally identifiable so I wonder why that is there. It seems like
> the research purposes bullet should be under another paragraph in the
> sharing section that says "aggregate user data may be..." blah blah.

Just to be clear, my concern wasn't about the stats aspects but about the 'third
parties' in combination with stats.
So kinda like using google analytics to get stats while in fact we're
specifically avoiding all third party services that could provide us with more
accurate info in favor of products/tools we can run ourselves and thus where
there are no '3rd party' involved.

What procedures are being put in place so that EU residents (and hopefully everyone) can contact Fedora or Red Hat to obtain/understand/verify/delete their machine data, beyond obviously personal data?  When even a London HIV clinic just lost control of highly protected medical information (http://www.bbc.com/news/uk-england-london-34127740) what technical and personnel safeguards are being put in place to prevent and audit leaks of the spectrum of personal-to-impersonal data that will increasingly become property of Red Hat?

What precautions are being taken to ensure "Anonymous" and "Non-Personal" info is truly guaranteed to remain so, as advertised in the Privacy Policy, whether or not there are future mergers/acquisitions/divestitures?  Similar to Matt Miller's Aug 12th Flock State-of-Fedora statement that machine UUIDs should be rotated monthly (not naively linked to prior UUIDs) if there are concerns?  Are UUIDs, geolocation, IP addresses all listed as "Non-Personal" forever, or just until the next sysadmin / management decides otherwise?

Mass leaks of ostensibly unimportant data can impact many students/citizens/staff through diverse unintended consequences.  If we believe in open architectures: how frequently will this data be updated please, how many employees will generally have access to this data?  And hence vulnerable to coercion from US/China/Russia/Israel/etc intelligence agencies, perhaps to index a targeted list of non-updated Fedora systems for their proxies' secondary attacks?  If the purpose is purely (as stated) to gather usage statistics snapshots (private or public) as described, when might source "census" data be fully deleted after the fact, including from unstated (hence unaccountable, no matter how sincere) 3rd parties, and if so how?

More Mysteriously: why was the entire paragraph "Our Commitment to Privacy" removed from Aug 14, 2008's https://fedoraproject.org/wiki/Legal:PrivacyPolicy, along with sentence "To make this Statement easy to find, we have made it available on our homepage and at every location where personally-identifiable information may be requested" which until now had made such a commitment appear real?  Why this silent de-emphasizing of privacy going forward?

More Neutrally: Paul Frields is on the right track when he says "Perhaps a wiki page for privacy increasing customizations is called for, where we could consolidate such settings or tweaks" and yet pushing this evolving burden out into wiki wilderness swampland is the very definition of an Unfunded Mandate.  Who will take the bull by the horns, before Fedora's brand is permanently tarnished, when yet more antiprivacy "openwashing" we can easily avoid? (openwashing == having an appearance of open transparency for marketing purposes, while continuing proprietary/hidden practices)

More Optimistically: how can Fedora genuinely take the bull By The Horns, and expand into education, human rights and civil society applications used by social entrepreneurs in good conscience, in all kinds of countries (repressive and non, and in-between) during this post-Snowden era --- yes showcasing new use patterns --- but with broadly authentic, thoughtful and tangible treatment of humanity/privacy is absolutely paramount?  In developing world edutech, here's a common response we all face, when conventional firms cannot go beyond legalese lip-service to privacy, hence we so badly need help (from communities like Fedora especially!) to overcome the growing distrust: http://hackeducation.com/2015/06/29/is-it-time-to-give-up-on-computers/

Disclaimer: I don't speak for One Laptop per Child, but I actively work with OLPC community groups distributing Fedora on school servers and OLPC laptops in many countries, to citizen groups who justifiably ask for clear transparency even around incidental data flows (permacookies of all kinds, intentional AND incidental).  Since heartless exploitation is so often the norm today, online or off, where is the inner soul, in the face of cynics' claim that privacy is now a luxury good, as obsolete as democracy?  Can we instead kick off new understandings thanks to Matt Miller's legit and intentional efforts, beyond sweetly-worded smallprint, adding boldly forthright human-readable explanation/risks/summary as to where Fedora's de facto default (purposeful, pray) dataveillance flows are headed over the coming years?  Would Be Far Better~

(Forwarded separately to Harvard's http://dataprivacylab.org)

--
Unsung Heroes of OLPC, interviewed live @ http://unleashkids.org !