On Friday, January 16, 2015 06:58:51 AM Josh Bressers wrote:
> == Automatic Bug Reporting ==
> Fedora contains tools designed to detect and report bugs when they occur
> on your system. These tools are configured so that the end-user must
> opt-in to reporting these bugs to us (either via a system-wide setting
> or on a case-by-case basis).
> In reporting these bugs, we collect debugging information about the
> state of your system and its running applications. Every attempt is made
> to anonymize these reports and scrub them of personal information,
> however, it is possible that they may still contain personal information
> and/or information about your computer usage. Please keep this in mind
> before submitting these bug reports. By choosing to submit these
> reports, you are giving Fedora permission to use their contents, even if
> those contents contain personal information about you and/or your
> computer usage.
I'm not comfortable with this message. It's extremely broad, and there some
loose ends we really should clarify.
1) What do we do about other things that collect user data (Firefox will
send bug reports to Mozilla, not Fedora, for example). We've mostly just
ignored this in the past as best as I can tell.
2) If we find personal information in a bug report, what will do we do?
3) What exactly are we collecting? This should be clearly defined so we
know where the line is, and when it gets crossed. It's easy for things like
to feature their way to being dangerous.
4) How long do we keep the data?
What about things that collect information about the end user that the end
user may not know is being collected, like zeitgiest? While its not supposed
to leave the system, people might be surprised to know how much has been
collected and how long. Opt-out instructions at a minimum might be nice.