On Fri, 2007-02-16 at 04:35 +0000, Arthur Pemberton wrote:
On 2/16/07, Ralf Corsepius <rc040203(a)freenet.de> wrote:
> On Fri, 2007-02-16 at 02:46 +0000, Arthur Pemberton wrote:
> > On 2/16/07, Ralf Corsepius <rc040203(a)freenet.de> wrote:
> > > On Fri, 2007-02-16 at 02:19 +0000, Arthur Pemberton wrote:
> > > > On 2/16/07, Ralf Corsepius <rc040203(a)freenet.de> wrote:
> > > > > On Thu, 2007-02-15 at 02:33 -0500, seth vidal wrote:
> > > > > > On Thu, 2007-02-15 at 08:20 +0100, Ralf Corsepius wrote:
> > >
> > > > I don't think you've ever said how the information is being
sent
> > > > without user permission or what the personal data is that is being
> > > > sent.
> > > The smolt developers would be the ones to reply this.
> > >
> > > AFAIS (I banned smolt from my installations), it transmits
> > > a machine-id, several HW details (CPU brand, type, peripherials,
> > > bogomips) and OS details via http.
> > >
> > > i.e. they have the IP, they have a "machine-id", and they have
> > > information which is not publicly available elsewhere.
> > >
> > > Ralf
> > >
> >
> > Fair enough. However the machine-id cannot legally id your computer,
> > nor is it supposed to be able to. As far as I understand, your
> > machine-id will be specific to Fedora.
> >
> > But considiering you have to TELL IT to transmit thoise things, how
> > can there be any legal problems?
>
> There is one dead-beat argument likely rendering this discussion moot:
>
> Not wrt. smolt, because the server is hosted in a foreign country,
> therefore the data, unless it's contents is lawful, is likely not
> subject to German laws (To be verified by a German lawyer).
Maybe Fedora needs to simply not run smolt in german countries. You
make it seem as if there is some special, useful data being stored.
Absolutely not. I am only commenting from a German perspective, because
I am living in Germany, because I am familiar with the situation around
here. I am pretty sure, what I said applies to many other countries as
well.
The data is only interesting from a statistical point of view, and
to
a limited audience.
For YOU, but ... the fact "$big business" is running
42 Fedora 6
machines with 9 of them being equipped with a topsecret "IBMINTAMD"
processor at 50 GHz in their development departments might be a business
secret.
> > Or are you saying it is illegal to
> > ask someone to fillout a survey form ,
> No, it is not, but (at least some) Germans probably will be very
> reluctant to fill out such forms and be very careful about what they
> fill out.
Okay. So what's the differene bween not filling out the form and not
running smolt?
What is the difference between not installing smolt and having to
fill
out a form?
Basically: security, less exposure to risks.
> > where they can simply ignore,
> > in your country?
> Common practice on "statistical survey forms" is them to carry an
> explicit "data-privacy disclaimer", which people explicitly have to
> check (== opt-in), which details what the data is being used for, to
> whom it will be passed on and when it will be deleted.
There is no fundamental difference between smolt and a survey form -
down to to the fac that machine readable survey forms do have id
numbers (in this case the machine id - may be it should be called the
smolt id since there is no such thing as a machine id, yet at least)
German laws
probably would mandate to keep the machine id separate from
the IP or not to record the IP at all.
Ralf